6.5 KiB
Roles and Access (RBAC / ABAC) — Guardrails and Fix Pattern
This page defines role-based access control (RBAC) and attribute-based access control (ABAC) guardrails for AI pipelines.
Without explicit access boundaries, LLMs may read from unintended sources, leak sensitive data, or bypass audit policy.
When to use this page
- Your RAG or agent stack integrates multiple data stores with different sensitivity levels.
- You cannot trace who accessed what across prompts, embeddings, or tool calls.
- Evaluation runs fail because different users see different knowledge bases.
- Compliance requires proof of least privilege but no policy schema exists.
Acceptance targets
- 100% of RAG data calls tagged with
roleorattributecontext. - Coverage ≥ 0.95 of sensitive datasets behind access boundaries.
- Audit trails record
who,what,when,ΔS,λ_state. - Role drift probes show λ remains convergent across 3 paraphrases.
- Exceptions logged with owner and expiry date.
Common failures → exact fixes
| Symptom | Likely cause | Open this |
|---|---|---|
| Agents fetch data beyond allowed scope | missing RBAC fences | policy_baseline.md |
| Two users get different citations | inconsistent ABAC checks | retrieval-traceability.md |
| Logs don’t show who triggered retrieval | no role injection | data-contracts.md |
| Role drift causes schema injection | misplaced role attributes | prompt-injection.md |
| Sensitive snippets leak in chains | missing attribute check | pii_handling_and_minimization.md |
Fix in 60 seconds
-
Attach context
Every retrieval call carries{role, attribute_set, index_hash, ΔS, λ_state}. -
Enforce least privilege
Roles map to dataset groups. Attributes refine down (e.g. geography, project). -
Log every decision
Audit trail logs query, ΔS, λ state, role, attributes, and snippet ids. -
Probe role drift
Run 3 paraphrases per role. If λ flips, enforce schema lock.
Minimal copy-paste checklist
- Define roles (admin, annotator, auditor, agent).
- Define attributes (region, dataset sensitivity, project scope).
- Attach
{role, attr}to all tool and retrieval calls. - Enforce least privilege at ingestion and retrieval.
- Log ΔS and λ_state by role.
- Review and expire waivers.
🔗 Quick-Start Downloads (60 sec)
| Tool | Link | 3-Step Setup |
|---|---|---|
| WFGY 1.0 PDF | Engine Paper | 1️⃣ Download · 2️⃣ Upload to your LLM · 3️⃣ Ask “Answer using WFGY + <your question>” |
| TXT OS (plain-text OS) | TXTOS.txt | 1️⃣ Download · 2️⃣ Paste into any LLM chat · 3️⃣ Type “hello world” — OS boots instantly |
🧭 Explore More
| Module | Description | Link |
|---|---|---|
| WFGY Core | WFGY 2.0 engine is live: full symbolic reasoning architecture and math stack | View → |
| Problem Map 1.0 | Initial 16-mode diagnostic and symbolic fix framework | View → |
| Problem Map 2.0 | RAG-focused failure tree, modular fixes, and pipelines | View → |
| Semantic Clinic Index | Expanded failure catalog: prompt injection, memory bugs, logic drift | View → |
| Semantic Blueprint | Layer-based symbolic reasoning & semantic modulations | View → |
| Benchmark vs GPT-5 | Stress test GPT-5 with full WFGY reasoning suite | View → |
| 🧙♂️ Starter Village 🏡 | New here? Lost in symbols? Click here and let the wizard guide you through | Start → |
👑 Early Stargazers: See the Hall of Fame —
Engineers, hackers, and open source builders who supported WFGY from day one.
⭐ WFGY Engine 2.0 is already unlocked. ⭐ Star the repo to help others discover it and unlock more on the Unlock Board.
要我直接繼續幫你生出來嗎?