# access-control
12 articles tagged with “access-control”
Cloud AI IAM Misconfigurations
Common IAM misconfigurations in cloud AI services and their exploitation for unauthorized model access.
Vector Database Access Control
Vector database access control weaknesses: API key management, tenant isolation failures, namespace security, and metadata filtering bypass techniques.
Vector DB Access Control Bypass Techniques
Techniques for bypassing vector database access controls including namespace escaping, metadata injection, and query manipulation.
Authentication & Session Attacks
Methodology for bypassing authentication, extracting API keys, manipulating session state, exploiting cross-session data leakage, and escalating privileges in LLM-powered applications.
Vector Database Security
Security hardening for vector databases including Pinecone, Weaviate, Chroma, and pgvector.
RAG Access Control Bypass
Bypass document-level access controls in enterprise RAG systems through query manipulation and context injection.
Lab: Vector Database Access Control Testing
Test vector database access controls for bypass vulnerabilities including namespace traversal and filter manipulation.
Feature Store Access Control
Access control strategies for feature stores: feature-level permissions, cross-team data leakage prevention, PII protection in features, service account management, and implementing least-privilege access for ML feature infrastructure.
Model Registry Security (LLMOps Security)
Security overview of model registries: how registries manage model lifecycle, access control models, trust boundaries, and the unique security challenges of storing and distributing opaque ML artifacts.
Capability-Based Access Control
Step-by-step walkthrough for implementing fine-grained capability controls for LLM features, covering capability token design, permission scoping, dynamic capability grants, and audit trails.
Implementing Access Control in RAG Pipelines
Walkthrough for building access control systems in RAG pipelines that enforce document-level permissions, prevent cross-user data leakage, filter retrieved context based on user authorization, and resist retrieval poisoning attacks.
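The filter-manipulation bypasses and the document-level enforcement described in the vector database and RAG entries above share one root cause: an authorization predicate that is merged with client-controlled query filters instead of being applied unconditionally on the server. The block below is an added illustration, not code from any of the listed articles. It stands in for a vector store with a small in-memory corpus (constructed sample data) and omits similarity ranking; the document records, the `Principal` type and the `retrieve_*` functions are assumptions made for the example, not the API of pgvector, Pinecone, Weaviate or Chroma.

```python
"""Document-level access control in a RAG retrieval step (added example).

The 'vector store' is an in-memory list so the script runs offline; real
stores expose metadata filters with their own syntax, but the pattern is
the same: the ACL predicate is ANDed on the server and never merged with
client input.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Doc:
    doc_id: str
    tenant: str
    allowed_groups: frozenset
    text: str


@dataclass(frozen=True)
class Principal:
    user: str
    tenant: str
    groups: frozenset


# Constructed sample corpus: two tenants, group-scoped documents.
CORPUS = [
    Doc("d1", "acme", frozenset({"finance"}), "acme Q3 revenue forecast"),
    Doc("d2", "acme", frozenset({"eng"}), "acme deploy runbook"),
    Doc("d3", "acme", frozenset({"finance", "eng"}), "acme all-hands notes"),
    Doc("d4", "globex", frozenset({"finance"}), "globex payroll export"),
]

# Constructed caller: finance analyst at tenant "acme".
ALICE = Principal("alice", "acme", frozenset({"finance"}))


def _matches(doc, flt):
    """Evaluate a flat metadata filter dict (tenant / group keys) against a doc."""
    for key, want in flt.items():
        if key == "tenant" and doc.tenant != want:
            return False
        if key == "group" and want not in doc.allowed_groups:
            return False
    return True


def retrieve_vulnerable(principal, client_filter, limit=10):
    """Flawed pattern: the tenant scope is a filter dict *merged* with the
    client's filter, so a client-supplied 'tenant' key overwrites the ACL.
    Group membership is never checked at all."""
    acl_filter = {"tenant": principal.tenant}
    merged = {**acl_filter, **client_filter}  # client keys win on collision
    return [d.doc_id for d in CORPUS if _matches(d, merged)][:limit]


def authorized(principal, doc):
    """Server-side ACL predicate: same tenant AND at least one shared group."""
    return doc.tenant == principal.tenant and bool(doc.allowed_groups & principal.groups)


def enforce_post_retrieval(principal, hits):
    """Defense in depth: re-check every hit before it reaches the prompt and
    fail closed if the index returned something the caller may not read."""
    leaked = [d.doc_id for d in hits if not authorized(principal, d)]
    if leaked:
        raise PermissionError(f"retrieval returned unauthorized documents: {leaked}")
    return hits


def retrieve_hardened(principal, client_filter, limit=10):
    """Hardened pattern: the ACL predicate is applied unconditionally and the
    client filter can only narrow the already-authorized set (logical AND).
    A client 'tenant' or 'group' key that conflicts with the ACL yields nothing
    rather than widening the result."""
    hits = [d for d in CORPUS
            if authorized(principal, d) and _matches(d, client_filter)][:limit]
    return [d.doc_id for d in enforce_post_retrieval(principal, hits)]


if __name__ == "__main__":
    print("vulnerable, no filter:   ", retrieve_vulnerable(ALICE, {}))
    print("vulnerable, tenant=globex:", retrieve_vulnerable(ALICE, {"tenant": "globex"}))
    print("hardened, no filter:     ", retrieve_hardened(ALICE, {}))
    print("hardened, tenant=globex: ", retrieve_hardened(ALICE, {"tenant": "globex"}))
    print("hardened, group=eng:     ", retrieve_hardened(ALICE, {"group": "eng"}))
```

With the vulnerable path, a filter of `{"tenant": "globex"}` returns the other tenant's document and an empty filter leaks the engineering runbook to a finance user; with the hardened path, the same inputs return only documents the caller is authorized to read, and the post-retrieval check turns any future filter bug into a hard failure instead of a silent leak.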
Agent Tool Access Control Implementation
Implement fine-grained tool access control for LLM agents with capability-based security and approval workflows.