Definition
In RAG and AI Agent architectures, Access Control refers to the enforcement of document-level security (DLS) or row-level permissions within a vector database to ensure retrieved context fragments align with a user's specific authorization. This prevents 'data leakage' where an LLM generates answers based on sensitive information the querying user is not permitted to see.
Focuses on granular document-level authorization within the data retrieval layer rather than simple user login (Authentication).
"A keycard system for a library where the reader can see the building, but only specific bookshelves unlock based on their security clearance level."
- Metadata Filtering(Implementation Mechanism)
- Document-Level Security (DLS)(Component)
- PII Masking(Complementary Privacy Measure)
- Vector Partitioning(Architectural Strategy)
Conceptual Overview
In RAG and AI Agent architectures, Access Control refers to the enforcement of document-level security (DLS) or row-level permissions within a vector database to ensure retrieved context fragments align with a user's specific authorization. This prevents 'data leakage' where an LLM generates answers based on sensitive information the querying user is not permitted to see.
Disambiguation
Focuses on granular document-level authorization within the data retrieval layer rather than simple user login (Authentication).
Visual Analog
A keycard system for a library where the reader can see the building, but only specific bookshelves unlock based on their security clearance level.