@inproceedings{alabdulkareem-etal-2026-securellm,
title = "{S}ecure{LLM}: Using Inference-time Compositionality to Build Secure Language Models",
author = "Alabdulkareem, Abdulrahman and
Arnold, Christian Michael and
Lee, Yerim and
Feenstra, Pieter M and
Arnold, Conner and
Katz, Boris and
Barbu, Andrei and
Cheung, Brian",
editor = "Habernal, Ivan and
Ghanavati, Sepideh and
Haghighi, Sara and
Ramesh, Krithika and
Igamberdiev, Timour and
Wilson, Shomir",
booktitle = "Proceedings of the Seventh Workshop on Privacy in Natural Language Processing",
month = jul,
year = "2026",
address = "San Diego, California",
publisher = "Association for Computational Linguistics",
url = "https://aclanthology.org/2026.privatenlp-main.3/",
doi = "10.18653/v1/2026.privatenlp-main.3",
pages = "26--52",
ISBN = "979-8-89176-397-5",
abstract = "As Large Language Models (LLMs) increasingly support critical sectors such as healthcare, finance, and public governance, ensuring data confidentiality and robust access control is a pressing societal challenge. Traditional security mechanisms isolate sensitive resources from unauthorized users, yet existing LLM safety approaches often fail to enforce strict segregation of confidential data. In this work, we introduce SecureLLM, a novel compositional framework for building secure LLMs that integrates fine-tuning with traditional access security measures to protect private information. By fine-tuning LLMs on segregated, ``siloed'' training data and composing their outputs at inference time based solely on a user{'}s verified credentials, SecureLLM not only prevents unauthorized data leakage but also enables accurate responses for complex queries spanning multiple data silos. Our method is demonstrated on a challenging natural-language-to-SQL translation task and is designed with real-world applications in mind, where protecting sensitive information is critical."
}
<?xml version="1.0" encoding="UTF-8"?>
<modsCollection xmlns="http://www.loc.gov/mods/v3">
<mods ID="alabdulkareem-etal-2026-securellm">
<titleInfo>
<title>SecureLLM: Using Inference-time Compositionality to Build Secure Language Models</title>
</titleInfo>
<name type="personal">
<namePart type="given">Abdulrahman</namePart>
<namePart type="family">Alabdulkareem</namePart>
<role>
<roleTerm authority="marcrelator" type="text">author</roleTerm>
</role>
</name>
<name type="personal">
<namePart type="given">Christian</namePart>
<namePart type="given">Michael</namePart>
<namePart type="family">Arnold</namePart>
<role>
<roleTerm authority="marcrelator" type="text">author</roleTerm>
</role>
</name>
<name type="personal">
<namePart type="given">Yerim</namePart>
<namePart type="family">Lee</namePart>
<role>
<roleTerm authority="marcrelator" type="text">author</roleTerm>
</role>
</name>
<name type="personal">
<namePart type="given">Pieter</namePart>
<namePart type="given">M</namePart>
<namePart type="family">Feenstra</namePart>
<role>
<roleTerm authority="marcrelator" type="text">author</roleTerm>
</role>
</name>
<name type="personal">
<namePart type="given">Conner</namePart>
<namePart type="family">Arnold</namePart>
<role>
<roleTerm authority="marcrelator" type="text">author</roleTerm>
</role>
</name>
<name type="personal">
<namePart type="given">Boris</namePart>
<namePart type="family">Katz</namePart>
<role>
<roleTerm authority="marcrelator" type="text">author</roleTerm>
</role>
</name>
<name type="personal">
<namePart type="given">Andrei</namePart>
<namePart type="family">Barbu</namePart>
<role>
<roleTerm authority="marcrelator" type="text">author</roleTerm>
</role>
</name>
<name type="personal">
<namePart type="given">Brian</namePart>
<namePart type="family">Cheung</namePart>
<role>
<roleTerm authority="marcrelator" type="text">author</roleTerm>
</role>
</name>
<originInfo>
<dateIssued>2026-07</dateIssued>
</originInfo>
<typeOfResource>text</typeOfResource>
<relatedItem type="host">
<titleInfo>
<title>Proceedings of the Seventh Workshop on Privacy in Natural Language Processing</title>
</titleInfo>
<name type="personal">
<namePart type="given">Ivan</namePart>
<namePart type="family">Habernal</namePart>
<role>
<roleTerm authority="marcrelator" type="text">editor</roleTerm>
</role>
</name>
<name type="personal">
<namePart type="given">Sepideh</namePart>
<namePart type="family">Ghanavati</namePart>
<role>
<roleTerm authority="marcrelator" type="text">editor</roleTerm>
</role>
</name>
<name type="personal">
<namePart type="given">Sara</namePart>
<namePart type="family">Haghighi</namePart>
<role>
<roleTerm authority="marcrelator" type="text">editor</roleTerm>
</role>
</name>
<name type="personal">
<namePart type="given">Krithika</namePart>
<namePart type="family">Ramesh</namePart>
<role>
<roleTerm authority="marcrelator" type="text">editor</roleTerm>
</role>
</name>
<name type="personal">
<namePart type="given">Timour</namePart>
<namePart type="family">Igamberdiev</namePart>
<role>
<roleTerm authority="marcrelator" type="text">editor</roleTerm>
</role>
</name>
<name type="personal">
<namePart type="given">Shomir</namePart>
<namePart type="family">Wilson</namePart>
<role>
<roleTerm authority="marcrelator" type="text">editor</roleTerm>
</role>
</name>
<originInfo>
<publisher>Association for Computational Linguistics</publisher>
<place>
<placeTerm type="text">San Diego, California</placeTerm>
</place>
</originInfo>
<genre authority="marcgt">conference publication</genre>
<identifier type="isbn">979-8-89176-397-5</identifier>
</relatedItem>
<abstract>As Large Language Models (LLMs) increasingly support critical sectors such as healthcare, finance, and public governance, ensuring data confidentiality and robust access control is a pressing societal challenge. Traditional security mechanisms isolate sensitive resources from unauthorized users, yet existing LLM safety approaches often fail to enforce strict segregation of confidential data. In this work, we introduce SecureLLM, a novel compositional framework for building secure LLMs that integrates fine-tuning with traditional access security measures to protect private information. By fine-tuning LLMs on segregated, “siloed” training data and composing their outputs at inference time based solely on a user’s verified credentials, SecureLLM not only prevents unauthorized data leakage but also enables accurate responses for complex queries spanning multiple data silos. Our method is demonstrated on a challenging natural-language-to-SQL translation task and is designed with real-world applications in mind, where protecting sensitive information is critical.</abstract>
<identifier type="citekey">alabdulkareem-etal-2026-securellm</identifier>
<identifier type="doi">10.18653/v1/2026.privatenlp-main.3</identifier>
<location>
<url>https://aclanthology.org/2026.privatenlp-main.3/</url>
</location>
<part>
<date>2026-07</date>
<extent unit="page">
<start>26</start>
<end>52</end>
</extent>
</part>
</mods>
</modsCollection>
%0 Conference Proceedings
%T SecureLLM: Using Inference-time Compositionality to Build Secure Language Models
%A Alabdulkareem, Abdulrahman
%A Arnold, Christian Michael
%A Lee, Yerim
%A Feenstra, Pieter M.
%A Arnold, Conner
%A Katz, Boris
%A Barbu, Andrei
%A Cheung, Brian
%Y Habernal, Ivan
%Y Ghanavati, Sepideh
%Y Haghighi, Sara
%Y Ramesh, Krithika
%Y Igamberdiev, Timour
%Y Wilson, Shomir
%S Proceedings of the Seventh Workshop on Privacy in Natural Language Processing
%D 2026
%8 July
%I Association for Computational Linguistics
%C San Diego, California
%@ 979-8-89176-397-5
%F alabdulkareem-etal-2026-securellm
%X As Large Language Models (LLMs) increasingly support critical sectors such as healthcare, finance, and public governance, ensuring data confidentiality and robust access control is a pressing societal challenge. Traditional security mechanisms isolate sensitive resources from unauthorized users, yet existing LLM safety approaches often fail to enforce strict segregation of confidential data. In this work, we introduce SecureLLM, a novel compositional framework for building secure LLMs that integrates fine-tuning with traditional access security measures to protect private information. By fine-tuning LLMs on segregated, “siloed” training data and composing their outputs at inference time based solely on a user’s verified credentials, SecureLLM not only prevents unauthorized data leakage but also enables accurate responses for complex queries spanning multiple data silos. Our method is demonstrated on a challenging natural-language-to-SQL translation task and is designed with real-world applications in mind, where protecting sensitive information is critical.
%R 10.18653/v1/2026.privatenlp-main.3
%U https://aclanthology.org/2026.privatenlp-main.3/
%U https://doi.org/10.18653/v1/2026.privatenlp-main.3
%P 26-52
Markdown (Informal)
[SecureLLM: Using Inference-time Compositionality to Build Secure Language Models](https://aclanthology.org/2026.privatenlp-main.3/) (Alabdulkareem et al., PrivateNLP 2026)
ACL
- Abdulrahman Alabdulkareem, Christian Michael Arnold, Yerim Lee, Pieter M Feenstra, Conner Arnold, Boris Katz, Andrei Barbu, and Brian Cheung. 2026. SecureLLM: Using Inference-time Compositionality to Build Secure Language Models. In Proceedings of the Seventh Workshop on Privacy in Natural Language Processing, pages 26–52, San Diego, California. Association for Computational Linguistics.