Score
Designing and operating authentication, authorization and provisioning systems that control who can access which resources using methods like OAuth/OIDC, SAML, RBAC, ACLs and MFA; implementing IAM involves defining roles/policies, integrating SSO/LDAP, issuing/verifying tokens, and auditing access logs for compliance.
Enterprise open-source software (OSS) frequently lacks native support for standard authentication protocols such as SAML and OIDC, hindering seamless single sign-on (SSO) integration and creating security governance gaps. To address this, we propose and formally define the “Auth Shim” architectural pattern—a lightweight, external proxy service that transparently bridges enterprise identity providers (e.g., Okta) with standalone OSS without modifying application source code. The Auth Shim programmatically translates authentication protocols via management APIs and automatically maps Identity and Access Management (IAM) groups to fine-grained Role-Based Access Control (RBAC) policies. Evaluated in a production Adobe environment, the pattern successfully integrated an open-source business intelligence tool with corporate SSO, enabling fully automated user provisioning and permission management. This eliminated manual configuration, strengthened compliance with security policies, and significantly improved operational efficiency.
In zero-trust architectures, fragmented identities across human users, workloads, and automated systems hinder unified access control. Method: This paper introduces the Identity Control Plane (ICP)—the first cross-domain identity governance framework integrating SPIFFE identity primitives, OIDC/SAML-based federated authentication, and scoped transactional tokens. It designs a composable, standards-compliant ABAC enforcement layer aligned with IETF WIMSE and OAuth specifications; integrates OPA/Cedar policy engines; and establishes FedRAMP/SLSA compliance mapping mechanisms. Contributions: (1) Unified multi-source identity modeling with fine-grained, dynamic authorization; (2) Transaction-token-driven real-time credential lifecycle management; and (3) A complete theoretical architecture, component specifications, performance modeling, comparative analysis against mainstream zero-trust models, and a production-ready, compliance-validated deployment pathway.
Existing Web data storage platforms struggle to meet the demands of decentralized, semantically rich, and legally compliant data usage control. This work proposes a novel approach that integrates the User-Managed Access (UMA) authorization framework with the W3C Open Digital Rights Language (ODRL) policy language to replace Solid’s native access control mechanism, thereby decoupling authorization from storage. For the first time within the Solid ecosystem, this integration advances access control from mere permission management toward legally aware usage control. The authors also design a policy evaluation mechanism tailored for non-standardized semantic environments. A prototype implementation demonstrates that the proposed method maintains compatibility with Solid while enabling flexible, interoperable, and legally aligned data governance.
To address the challenge of simultaneously ensuring security, accountability, and cross-modal access control in AI assistant permission management, this paper proposes a trustworthy authorization and auditable delegation framework for AI agents. Methodologically, it introduces the first agent-centric identity authentication architecture that integrates natural-language permission translation with extended OAuth 2.0 and OpenID Connect protocols, establishing agent-specific credential issuance and a semantic parsing model to enable end-to-end traceable mapping from human intent to machine-executable policies. It further incorporates an auditable access control engine supporting fine-grained, compliance-aware permission enforcement. The key contribution is the first automated translation of natural-language policies into standardized, enforceable access control rules—significantly enhancing AI agent controllability, interpretability, and accountability. The framework has been validated across multiple Web service prototypes, demonstrating plug-and-play secure integration.
In AWS cloud environments, IAM permission boundaries enforce isolation across principals, rendering global permissions invisible and hindering comprehensive privilege analysis. Method: This paper introduces the first collaborative, multi-principal IAM enumeration framework, overcoming the limitations of single-principal analysis. It integrates multi-principal cooperative enumeration, policy dependency modeling, and access-path inference with deep API call analysis and fine-grained permission semantics to construct cross-account and cross-role global permission mappings with contextual awareness. Contribution/Results: Compared to conventional tools, our approach significantly enhances detection capability for privilege escalation and unauthorized access vulnerabilities. Evaluated in real-world deployments, it achieves a 3.2× average improvement in detection coverage. The framework natively supports compliance auditing (e.g., GDPR, SOC 2) and enables proactive security defense through precise, actionable privilege insights.
Existing identity and access control models struggle to meet the requirements of autonomous agents operating across organizational boundaries for authorization that is explicit, constrained, auditable, revocable, and semantically consistent. This work proposes a portable authorization model tailored for autonomous agents, which decouples credential containers, authorization semantics, and enforcement engines. By integrating typed constraint algebras with a fail-closed evaluation mechanism, the model ensures unified authorization semantics across trust boundaries. It supports multi-protocol interoperability and incorporates delegation decay, governance-aware semantic resolution, and pre-flight discovery mechanisms. The design leverages established technologies such as JWT/JWS, verifiable credentials, and OAuth-rich authorization requests. Empirical validation in enterprise scenarios—including insurance claims processing and supply chain integrity—demonstrates the model’s consistency, security, and controllability in cross-system authorization.
This work addresses the persistent account compromise risk in agent-based systems arising from the reuse of user credentials by formally introducing, for the first time, the Agent Secret Usage (ASU) problem and establishing a corresponding security property taxonomy. To mitigate this threat, the authors design a three-party delegation protocol wherein a requester initiates an operation, the user grants authorization via a single-use credential, and a custodian executes the operation within a constrained environment, ensuring that reusable privileges never cross into untrusted agent boundaries. By integrating one-time authorization tokens, authenticator-backed delegation, sealed storage, and key isolation techniques—and assuming environment-level key rotation—the protocol achieves operation binding, single-use semantics, and verifiable authorization while guaranteeing storage confidentiality, encapsulated epoch-wise key isolation, and forward secrecy.
Current AI agent authorization mechanisms rely on static credentials, which struggle to ensure that tool invocations align with the user’s current intent and may lead to privilege escalation. This work proposes Intent-Governed Access Control (IGAC), the first framework to treat user intent as a monotonic and auditable authorization dimension. IGAC dynamically constrains agent behavior without expanding baseline permissions by introducing intent certificates, session-level permission narrowing, and consistency checks across intent, tool, and payload. Integrated into the OpenPort framework—which supports attribute-based access control (ABAC), pre-flight binding, and auditability—IGAC enables intent-driven, fine-grained authorization. This approach significantly enhances the controllability and compliance of AI agent actions while preserving existing security mechanisms.
Existing authorization mechanisms struggle to meet the governance demands of autonomous agents, particularly regarding permission inheritance, dynamic scoping, and recursive delegation. This work proposes a composable governance framework that, for the first time, formalizes recursive delegation, contextual boundaries, and dynamic scoping as composable governance primitives. It introduces a resource scoping decay mechanism to model delegation relationships through contractual constructs. Built upon a relational authorization model, the framework defines stackable composition operators that formally express delegation types and permission decay rules while remaining compatible with mainstream identity and access management (IAM) systems. Theoretical analysis and empirical evaluation demonstrate that the framework effectively supports dynamic authorization governance in complex agent systems without compromising accountability.
This study addresses the challenge of maintaining authorization invariance when non-human agents in multi-agent AI systems operate across trust boundaries—a problem inadequately handled by existing access control models. The work formally defines this issue for the first time, modeling it as a workflow-level property and identifying three core challenges: transitive delegation, aggregate inference, and temporal validity. It articulates seven architectural requirements, emphasizing that identity governance must serve as foundational infrastructure, enforced at every interaction boundary and prioritized over orchestration logic. The authors propose a novel authorization architecture incorporating capability-bound tokens, task-scoped authorization envelopes, dependency-graph-driven policy enforcement, and revocation based on execution counts. An initial implementation on an enterprise AI platform demonstrates that routine operations can readily trigger authorization violations, thereby validating the necessity and forward-looking nature of the proposed model.