English
Related papers

Related papers: Before the Tool Call: Deterministic Pre-Action Aut…

200 papers

AI agents increasingly require direct, structured access to application data and actions, but production deployments still struggle to express and verify the governance properties that matter in practice: least-privilege authorization,…

Cryptography and Security · Computer Science 2026-02-25 Genliang Zhu , Chu Wang , Ziyuan Wang , Zhida Li , Qiang Li

AI agents increasingly act through external tools: they query databases, execute shell commands, read and write files, and send network requests. Yet in most current agent stacks, model-generated tool calls are handed to the execution layer…

Cryptography and Security · Computer Science 2026-03-16 Aojie Yuan , Zhiyuan Su , Yue Zhao

As AI agents attempt to autonomously act on users' behalf, they raise transparency and control issues. We argue that permission-based access control is indispensable in providing meaningful control to the users, but conventional permission…

Cryptography and Security · Computer Science 2025-11-25 Yuhao Wu , Ke Yang , Franziska Roesner , Tadayoshi Kohno , Ning Zhang , Umar Iqbal

The emerging agentic web envisions AI agents that reliably fulfill users' natural-language (NL)-based tasks by interacting with existing web services. However, existing authorization models are misaligned with this vision. In particular,…

Cryptography and Security · Computer Science 2026-03-19 Reshabh K Sharma , Linxi Jiang , Zhiqiang Lin , Shuo Chen

AI agents promise to serve as general-purpose personal assistants for their users, which requires them to have access to private user data (e.g., personal and financial information). This poses a serious risk to security and privacy.…

Cryptography and Security · Computer Science 2026-04-22 Robert Stanley , Avi Verma , Lillian Tsai , Konstantinos Kallas , Sam Kumar

Modern AI agents execute real-world side effects through tool calls such as file operations, shell commands, HTTP requests, and database queries. A single unsafe action, including accidental deletion, credential exposure, or data…

Artificial Intelligence · Computer Science 2026-05-07 Chenglin Yang

The rapid rise of AI agents presents urgent challenges in authentication, authorization, and identity management. Current agent-centric protocols (like MCP) highlight the demand for clarified best practices in authentication and…

Autonomous agents can produce harmful behavioral patterns from individually valid requests -- a threat class per-request policy evaluation cannot address, because stateless engines evaluate each request in isolation. We present ACP, a…

Cryptography and Security · Computer Science 2026-05-04 Marcelo Fernandez

Autonomous UI agents powered by AI have tremendous potential to boost human productivity by automating routine tasks such as filing taxes and paying bills. However, a major challenge in unlocking their full potential is security, which is…

Cryptography and Security · Computer Science 2025-05-20 Ivan Evtimov , Arman Zharmagambetov , Aaron Grattafiori , Chuan Guo , Kamalika Chaudhuri

AI agents dynamically acquire tools, orchestrate sub-agents, and transact across organizational boundaries, yet no existing security layer verifies what an agent can do, whether it executed what it claims, or what happened in a multi-agent…

Cryptography and Security · Computer Science 2026-03-23 Ziling Zhou

The safety of autonomous AI agents is increasingly recognized as a critical open problem. As agents transition from passive text generators to active actors capable of executing shell commands, modifying files, calling APIs, and browsing…

Artificial Intelligence · Computer Science 2026-05-19 Ashwin Aravind

Agentic AI systems automate enterprise workflows but existing defenses--guardrails, semantic filters--are probabilistic and routinely bypassed. We introduce authenticated workflows, the first complete trust layer for enterprise agentic AI.…

Cryptography and Security · Computer Science 2026-02-12 Mohan Rajagopalan , Vinay Rao

Autonomous AI agents increasingly issue side-effect-bearing actions: database mutations, refunds, payments, external commitments. We propose the Actuarial Action Interface (AAI), a deterministic runtime contract that prices each such action…

Artificial Intelligence · Computer Science 2026-05-26 Hao-Hsuan Chen

As artificial intelligence systems evolve from passive assistants into autonomous agents capable of executing consequential actions, the security boundary shifts from model outputs to tool execution. Traditional security paradigms - log…

Cryptography and Security · Computer Science 2026-02-11 Herman Errico

Recent evidence suggests that frontier AI systems can exhibit agentic misalignment, generating and executing harmful actions derived from internally constructed goals, even without explicit user requests. Existing mitigation methods, such…

Artificial Intelligence · Computer Science 2026-04-28 Rong Xiang

As AI agents transition from research prototypes to enterprise production systems, the tool interfaces they consume remain rooted in human-oriented CRUD paradigms. This paper identifies five fundamental architectural mismatches between…

Artificial Intelligence · Computer Science 2026-05-12 Kai Pan

An Artificial Intelligence (AI) agent is a software entity that autonomously performs tasks or makes decisions based on pre-defined objectives and data inputs. AI agents, capable of perceiving user inputs, reasoning and planning tasks, and…

Cryptography and Security · Computer Science 2025-11-26 Zehang Deng , Yongjian Guo , Changzhou Han , Wanlun Ma , Junwu Xiong , Sheng Wen , Yang Xiang

Modern artificial intelligence governance lacks a formal, enforceable mechanism for determining whether a given AI system is legally permitted to operate in a specific domain and jurisdiction. Existing tools such as model cards, audits, and…

Computers and Society · Computer Science 2026-01-15 Daniel Djan Saparning

Recent advances in AI agents capable of solving complex, everyday tasks, from scheduling to customer service, have enabled deployment in real-world settings, but their possibilities for unsafe behavior demands rigorous evaluation. While…

Artificial Intelligence · Computer Science 2026-02-18 Sanidhya Vijayvargiya , Aditya Bharat Soni , Xuhui Zhou , Zora Zhiruo Wang , Nouha Dziri , Graham Neubig , Maarten Sap

Personal AI agents like OpenClaw run with elevated privileges on users' local machines, where a single successful prompt injection can leak credentials, redirect financial transactions, or destroy files. This threat goes well beyond…

Artificial Intelligence · Computer Science 2026-04-07 Bowen Wei , Yunbei Zhang , Jinhao Pan , Kai Mei , Xiao Wang , Jihun Hamm , Ziwei Zhu , Yingqiang Ge
‹ Prev 1 2 3 10 Next ›