AgentGuardian: Learning Access Control Policies to Govern AI Agent Behavior
This addresses security and integrity issues for AI agent deployments, though it appears incremental as it builds on existing access-control concepts.
The study tackled the problem of ensuring AI agents perform only authorized actions by introducing AgentGuardian, a security framework that learns access-control policies from execution traces, and demonstrated its effectiveness in detecting malicious inputs and mitigating errors in real-world applications.
Artificial intelligence (AI) agents are increasingly used in a variety of domains to automate tasks, interact with users, and make decisions based on data inputs. Ensuring that AI agents perform only authorized actions and handle inputs appropriately is essential for maintaining system integrity and preventing misuse. In this study, we introduce the AgentGuardian, a novel security framework that governs and protects AI agent operations by enforcing context-aware access-control policies. During a controlled staging phase, the framework monitors execution traces to learn legitimate agent behaviors and input patterns. From this phase, it derives adaptive policies that regulate tool calls made by the agent, guided by both real-time input context and the control flow dependencies of multi-step agent actions. Evaluation across two real-world AI agent applications demonstrates that AgentGuardian effectively detects malicious or misleading inputs while preserving normal agent functionality. Moreover, its control-flow-based governance mechanism mitigates hallucination-driven errors and other orchestration-level malfunctions.