Episode 201 - GluuFederation/identerati-office-hours GitHub Wiki

Title: AI Agents Need Intent, Not Roles: Introducing IBAC

• Host: Mike Schwartz, Founder/CEO Gluu
• Guest: Yash Prakash

Channels

• Linkedin Event
• Youtube Video
• Short

Description

AI agents are non-deterministic, often taking actions unpredictable at provisioning time. Traditional models (RBAC, ABAC) confirm identity, but they can't validate purpose.

Intent-Based Access Control (IBAC) closes this gap. By requiring agents to justify every tool call, IBAC uses embeddings and anomaly detection to score alignment against system-defined intent. In this session, we’ll demonstrate how IBAC creates a hard authorization boundary at the tool level. We will explore how IETF transaction tokens propagate context across multi-hop chains and how behavioral signals—like tool sequence analysis—can neutralize prompt injections. Join us to discuss the future of autonomous agent authorization.

Homework

• IBAC specification and paper
• Reva blog: Intent‑Based Access Control: A Technical Primer by Ken Huang

Takeaways

TBD

Livestream Audio Archive

Will be Here