The paper introduces SEAL-Tag, a privacy-preserving runtime environment for RAG systems that mitigates contextual leakage of PII by using a Verify-then-Route paradigm. SEAL-Tag employs a novel SEAL-Probe protocol to generate a PII-Evidence Table (PET) and a Probabilistic Circuit (PC) to enforce verifiable logical constraints for robust decision-making. Experiments show that SEAL-Tag reduces adaptive leakage by over 8x while maintaining the utility and speed of unsafe baselines, establishing a new Pareto frontier.
RAG systems can now achieve 8x better PII leakage protection without sacrificing utility or speed, thanks to a novel "Verify-then-Route" paradigm.
Retrieval-Augmented Generation (RAG) systems introduce a critical vulnerability: contextual leakage, where adversaries exploit instruction-following to exfiltrate Personally Identifiable Information (PII) via adaptive extraction. Current defenses force a rigid trade-off between semantic utility and latency. We present SEAL-Tag, a privacy-preserving runtime environment that resolves this via a Verify-then-Route paradigm. SEAL-Tag introduces the SEAL-Probe protocol, transforming auditing into a structured tool-use operation where the model generates a verifiable PII-Evidence Table (PET) alongside its draft. To adjudicate this evidence, we employ a Probabilistic Circuit (PC) that enforces verifiable logical constraints for robust decision-making. To overcome the privacy "Cold Start" problem, we introduce the S0–S6 Anchored Synthesis Pipeline, generating high-fidelity, provenanced RAG interactions. We pair this with a Two-Stage Curriculum that first optimizes for entity detection before aligning the model to the rigorous audit protocol. Our evaluation demonstrates that SEAL-Tag establishes a new Pareto frontier, reducing adaptive leakage by over 8× while matching the utility and speed of unsafe baselines.