Principal directions for deploying secure document workflow on artificial intelligence platforms
Abstract
The article explores the principal directions for deploying secure document workflow on artificial intelligence platforms using local large language models (LLMs). It analyzes the technological features and functional capabilities of tools such as Ollama and DeepSeek-R1 in the context of ensuring confidentiality in document processing. The advantages of containerizing AI applications with Docker Desktop are considered, particularly for enhancing system security and component isolation. A conceptual model of a multi-level architecture for a secure document workflow system is proposed, comprising an infrastructure layer, a document processing layer, a data protection layer, and a monitoring and response layer. Key security risks associated with the use of large language models in document workflow systems are identified, and methodologies for their mitigation are described, notably the application of the specialized security testing tool Garak.
Based on the research findings, practical recommendations have been formulated for the deployment and configuration of secure document workflow systems, taking into account the requirements for autonomy, scalability, and regulated handling of sensitive information. In particular, the feasibility of using local LLMs in environments with strict policies on transferring data beyond the organization’s controlled zone (such as government institutions, medical facilities, and defense industry enterprises) has been substantiated.
The research results demonstrate that integrating local LLMs with containerized infrastructure provides an optimal balance between functionality, performance, and security of document workflow systems, especially in sectors with high confidentiality requirements.
A promising direction for further research is the development of intelligent, secure, and flexible next-generation public administration systems capable of functioning effectively in complex information environments.