Intent-Based Access Control (IBAC) – FGA for AI Agent Permissions (ibac.dev)

A new approach to enhancing security for AI systems, called Intent-Based Access Control (IBAC), has been introduced to combat prompt injection attacks more effectively. Unlike traditional defenses that attempt to make AI better at detecting malicious inputs, IBAC renders these attacks ineffective by deriving permissions from explicit user intent for each request. This method enforces permissions in a deterministic manner before any tool is invoked, ensuring that unauthorized actions are blocked, regardless of compromised instructions. The implementation process for IBAC involves parsing user intent into Functional Group Access (FGA) tuples and performing an authorization check—taking about 9 milliseconds—before each tool invocation. This efficient mechanism requires no custom frameworks or dual-LLM architecture, allowing quick deployment that can be operational in minutes. By providing dynamic permissions and a standardized integration with existing systems, IBAC enhances security while maintaining ease of use, representing a significant leap forward in protecting AI agents from unauthorized actions and ensuring robust operational integrity.