English

Contextual Agent Security: A Policy for Every Purpose

Cryptography and Security 2025-04-18 v3 Computation and Language Machine Learning

Abstract

Judging an action's safety requires knowledge of the context in which the action takes place. To human agents who act in various contexts, this may seem obvious: performing an action such as email deletion may or may not be appropriate depending on the email's content, the goal (e.g., to erase sensitive emails or to clean up trash), and the type of email address (e.g., work or personal). Unlike people, computational systems have often had only limited agency in limited contexts. Thus, manually crafted policies and user confirmation (e.g., smartphone app permissions or network access control lists), while imperfect, have sufficed to restrict harmful actions. However, with the upcoming deployment of generalist agents that support a multitude of tasks (e.g., an automated personal assistant), we argue that we must rethink security designs to adapt to the scale of contexts and capabilities of these systems. As a first step, this paper explores contextual security in the domain of agents and proposes contextual agent security (Conseca), a framework to generate just-in-time, contextual, and human-verifiable security policies.

Keywords

Cite

@article{arxiv.2501.17070,
  title  = {Contextual Agent Security: A Policy for Every Purpose},
  author = {Lillian Tsai and Eugene Bagdasarian},
  journal= {arXiv preprint arXiv:2501.17070},
  year   = {2025}
}

Comments

Workshop in Hot Topics in Operating Systems (HotOS) 2025

R2 v1 2026-06-28T21:22:20.892Z