Analytics, AI, Automation and Abstraction: Pioneering the Next Chapter in Identity Security

In the rapidly evolving landscape of identity security and governance platforms - Intelligent Analytics, Rise of AI, Need for hyper automation and Abstracting Complexities have emerged as tipping points to set the stage for a transformative next chapter. In this series of blogs, we will delve into each of these dimensions, starting with Analytics and AI, followed by a subsequent blog focused on Automation and Abstraction.

Tipping Point #1 - Intelligent Analytics:

Traditionally, identity platforms have employed clustering algorithms to define peer groups, using them to construct access analytics and recommendations. However, the current approach of using statistical algorithms to derive access analytics has its shortcomings:

• Static Parameters: Clustering algorithms rely on static parameters and attributes to generate peer groups. Organizations are dynamic, undergoing frequent structural transformations such as reorganizations, divestitures, spin-offs, as well as experiencing new joiners, internal transfers, and departures. Thereby a static approach results in generating peer groups that can quickly become outdated and stale recommendations with low confidence.
• Human Reliance: The effectiveness of the platform often depends on human input, requiring app and system owners to manually select and fine-tune attribute combinations, which can be a time-consuming trial-and-error process.
• Lack of Feedback Loop: A crucial element missing in the current system is a feedback loop. Usage data is not integrated into the recommendations engine, preventing the system from learning and refining its recommendations over time.

The optimal approach to building intelligent access analytics entails the following steps:

• Dynamically auto-recommend multi-dimensional peer groups : Implement algorithms to automatically choose the parameters/user attributes which are the closest match and can dynamically recommend multi-dimensional peer groups. Reduce the reliance on human inputs to zero.
• Determine most relevant peer groups based on users, access and application types
• Context driven algorithms making use of identity, access, usage as well as risk signals providing intelligent, high confidence and dynamic recommendations. Ingesting usage allows the platform to learn, fine tune and improve its findings and model coverage as well as the efficacy of the recommendations.

These translate into the following business benefits:

• Enhanced Scalability through Volume Processing: Achieve scalability by effectively processing larger quantities of security data across diverse identity types. Prioritize the identification of outlier access and risky entitlements to optimize resource allocation.
• Strengthened Security Measures: Bolster security controls to proactively mitigate over-provisioning risks. Recommendations are generated through a comprehensive analysis of identity attributes, access permissions, user activity, and risk indicators.
• Intelligent Streamlining of Automation: Streamline access approvals intelligently by taking into account usage patterns. Automatically grant access for low-risk cases with a high degree of confidence.
• Substantial Cost Reduction through Overhead Minimization: Realize substantial cost savings by automating the detection, restriction, and monitoring of outlier access. This minimizes human involvement in these operational tasks.

Tipping Point #2 - Rise of AI

In 2023, the spotlight was on AI, with technologies like ChatGPT and Bard garnering significant attention. This transformative year also marked a beginning of significant shift in the realm of identity platforms. These platforms are now ready for a substantial transformation through their integration with Large Language Models (LLMs), reshaping the dynamics of human and digital identity interactions within the domain of identity security.

However, there are several fundamental principles to consider when integrating LLMs with identity security and governance platforms. Constructing a GenAI-based integration for enterprise-ready identity platforms demands meticulous effort.

This article's objective is not to go into the inner details of LLMs, but it aims to provide you with the fundamentals of various design patterns and which ones are more practical and effective to implement in the realm of identity security and governance landscapes.

While the potential of LLMs is immense, there is an important caveat: even the most powerful pre-trained LLMs may not immediately align with your specific requirements.

Here's why:

• The inherent quality of identity data often lacks essential metadata or proper classifiers, leading to potential inaccuracies when processed by LLMs.
• Tailored Outputs are a Necessity: Identity platforms are highly tailored to individual businesses, necessitating a strong demand for customized outputs.
• Contextual Gaps: Pre-trained LLMs may lack awareness of specific workflows and processes crucial to your identity platforms. For instance, when handling technical queries related to particular access requests or user manager campaigns, the LLM's accuracy may falter if it lacks access to instruction manuals or metadata pertinent to these business processes/workflows.
• Specialized Vocabulary: Identity security and governance platforms employ distinct terminologies, concepts, and structures not prominently featured in general pre-training data. Consequently, a pre-trained LLM may encounter challenges when summarizing information or responding to queries related to financial data, medical research papers, or even transcripts from company meetings.

To address the specific requirements of identity platforms, there are four design patterns with their pros and cons as defined below.?

‘Prompt Engineering' and 'Retrieval Augmented Generation (RAG)' models are particularly fitting. They cater to practical necessities by offering refined control and customization. Prompt Engineering is the meticulous crafting of prompts to guide the AI in generating precise and relevant responses. It helps in simplifying complex queries and ensures consistency while mitigating bias and inappropriate content.

On the other hand, the RAG model brings an innovative approach by augmenting the generative capabilities of LLMs with information retrieval from external and business specific data sources. It is an efficient way to enhance LLMs with domain-specific knowledge, thereby reducing the dependency on large training datasets and lowering the propensity for generating incorrect information or "hallucinations". This model is particularly effective for applications where accuracy and up-to-date information are critical and is suited well for the identity landscape.

When choosing between these design patterns, the three key metrics to account for are Cost, Accuracy and Complexity of implementation.?

Cost - Prompt Engg. tends to be most cost effective among all the four patterns followed by RAG implementations. RAG is higher in terms of cost because of the need for multiple components including vector stores, retrievers and embedding models?

Implementation Complexity - Again Prompt Engg and RAG are the two design paradigms which are less complex as compared to PEFT and Full Tuning.?

Accuracy - The most important metric for an identity security platform to consider. RAG is clearly a winner when it comes to getting accurate results across multiple dimensions including Latest Responses, Reduced Hallucinations, Transparency and Interpretability.

Reducing hallucinations will be a key metric to track and will require specific design patterns to be implemented (more to come on this in subsequent articles)

Last but not the least, building responsible and secure AI integrations and adhering to the guidance published by government agencies will be extremely important ( USA Executive Order, The EU AI Act, Canada AI and Data Act). More to come on this in subsequent articles.

We at Saviynt are on this journey to reshape and redefine the identity security and governance landscape.

Join with us in this journey, help us and collaborate with us to be a part of this future.

The next series of this blog will focus on Automation and Abstraction as the other two tipping points. Stay tuned!

Reference Articles

https://towardsdatascience.com/how-to-cut-rag-costs-by-80-using-prompt-compression-877a07c6bedb

https://medium.com/aimonks/how-to-use-large-language-models-llms-on-private-data-a-data-strategy-guide-812cfd7c5c79

https://github.com/HuangOwen/Awesome-LLM-Compression

https://arxiv.org/pdf/2202.01110.pdf

https://docs.aws.amazon.com/sagemaker/latest/dg/jumpstart-foundation-models-customize-prompt-engineering.html

https://medium.com/@bijit211987/tackling-hallucinations-in-llms-f2d7cbf35e72

https://arxiv.org/pdf/2312.03863.pdf

https://towardsdatascience.com/real-time-llm-hallucination-detection-9a68bb292698

https://www.ibm.com/docs/en/watsonx-as-a-service?topic=models-retrieval-augmented-generation