Description
Sensitive Information Disclosure is one of the [OWASP Top Ten for LLM Applications](https://owasp.org/www-project-top-10-for-large-language-model-applications/assets/PDF/OWASP-Top-10-for-LLMs-2023-v1_1.pdf). While the LLM cannot memorize prompts or their context, it can generate responses from that context, which introduces an element of risk. In this notebook, we will show how this potential threat can play out and demonstrate how to shield your applications from it.
This notebook shows how IBM Cloud Security & Compliance Center Data Security Broker (DSB or SCC DSB) can be used to dynamically encrypt/mask sensitive data that is fed into an LLM in a typical Retrieval Augmented Generation (RAG) workflow. We will demonstrate this with an example involving a couple of personas - a privileged user and a non-privileged user - and show how the responses generated by the LLM can be altered by dynamic RBAC and data masking without any changes to your Gen AI application!