Governance and security

LLMOps Concepts

Max Knobbout, PhD

Applied Scientist, Uber

LLM lifecycle: Governance and security

Overview of the LLM application lifecycle phases

LLMOps Concepts

Governance and security

 

A playful image of a policeman pointing at the red light

 

  • Governance involves policies, guidelines, and frameworks
  • Security involves measures to prevent:
    • Unauthorized access
    • Data breaches
    • Adversarial attacks
    • Potential misuse or manipulation of the models' outputs or capabilities
LLMOps Concepts

Access control

  • Use Role Based Access Control (RBAC)

  • All APIs must adhere to security standards

  • Use zero trust security model

  • Ensure the application assumes the correct role when accessing external information

 

An API flow where the LLM application is assuming the role of the user

LLMOps Concepts

Threat: Prompt injection

  • Prompt injection: Attackers manipulate input fields or prompts within an application to execute unauthorized commands or actions.
  • Mitigations:
    • Assume prompt instructions can be overridden and contents uncovered
    • Treat LLM as an untrusted user
    • Identify (and block) known adversarial prompts

Demonstration of a prompt injection

LLMOps Concepts

Threat: Output manipulation

  • LLM's output can be leveraged in downstream attacks.
  • Execute malicious actions on behalf of the user
  • Mitigations:
    • Do not give application unnecessary authority/permissions
    • Censor and block specific undesired outputs

Demonstration of output manipulation

LLMOps Concepts

Threat: Denial-of-service

  • Users flood our LLM application with requests, causing substantial cost, availability, and performance issues

  • Mitigations:

    • Limit request rates
    • Capping resource usage per request

 

Image showcasing a denial of service attack

LLMOps Concepts

Threat: Data integrity and poisoning

  • Data poisoning injects false, misleading, or malicious data into our training set

    • Data can contain copyrighted and/or personal information
    • Content can be harmful

  • Mitigations:

    • Use trusted sources and verify legitimacy
    • Use filters
    • Output censoring

Image of text documents, where one document is poisoned

LLMOps Concepts

Protecting ourselves

Playful image of a cartoon getting targeted by a falling object

 

  • Use latest security standards and implement mitigation strategies
  • Always assume the perspective of a malicious user targeting our system
  • Stay up to date, see Open Web Application Security Project (OWASP)
1 OWASP for LLMs: https://llmtop10.com/
LLMOps Concepts

Let's practice!

LLMOps Concepts

Preparing Video For Download...