Arthur is the very first MLOps observability platform to launch custom RBAC (Role-Based Access Control) to support today’s enterprise security and data privacy demands.
As organizational structures evolve and grow, companies need the flexibility to review and adjust permissions frequently to protect model data and MLOps lifecycle access management. Additionally, specific roles within MRM (model risk management) and third-party independent auditors require strict confidentiality, privacy, and access management controls. When businesses use highly sensitive personal identifiable information for privacy-sensitive data analysis in supervised learning environments, they face increased regulatory risk. To reduce privacy and compliance risks, segregation of duties is essential for different roles across the enterprise that are involved in ML monitoring and validation activities.
To uphold the integrity of trust frontiers necessary in AI systems and provide transparency to higher-level stakeholders who are tasked with management/governance KPIs as data flows through the ML development lifecycle, Arthur now offers a custom Role-Based Access Control (RBAC) system.
Enterprise organizations cannot rely on offerings with inflexible preset/pre-defined roles and provisioning access. Arthur provides the ability to set up a fully customizable RBAC for on-premises customers using OIDC authentication, and the flexibility and freedom to review and adjust permissions associated with each role as their org structures evolve and grow.
With this unique new capability, Arthur allows organizations to create groups and assign employees using any tool that speaks open ID connect language (OKTA, Microsoft Azure Active Directory, Duo, SecureAuth, AuthO, Ping Identity, and more). Organizations can leverage Arthur’s group mapping API for enterprise secure user authentication between data scientists, ML model engineers, systems integrators, domain practitioners, risk analysts, internal auditors, and external auditors.
Here’s an example managing users’ permissions in Arthur using a third-party identity provider, such as Okta. Each Okta Group corresponds to a role within an organization in Arthur’s platform.
In the future, we plan to extend custom RBAC to our existing support of SAML 2.0-based SSO identity providers.
When building trustworthy AI systems, it’s critical for enterprises to identify clear roles, requirements, and responsibilities for teams building, monitoring, and optimizing machine learning models.
Arthur’s RBAC-OIDC authentication solution was specifically built to support enterprises that are subject to EU, UK, US or state regulation that mandates algorithmic transparency and auditing. As such, our custom RBAC feature offers full-fledged flexibility across standard roles, plus organization-level, model-level, and alert-related permissioning.
Fully Customizable Permissions
Here’s an excerpt of some of the different permissions Arthur supports for use with custom roles. For a full list, you can check out our dev docs.