arxiv: 2605.05269 · v1 · submitted 2026-05-06 · 💻 cs.CR

Dynamic Authorization for Knowledge-Base Agents in 6G

Pith reviewed 2026-05-08 17:33 UTC · model grok-4.3

classification 💻 cs.CR
keywords authorization framework · zero-trust · knowledge graphs · 6G networks · multi-agent systems · first-order logic · role-based access · dynamic authorization

The pith

A hybrid framework blends roles with logic predicates to authorize agents at the exact triple level in 6G knowledge graphs.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper sets out to create finer control over what autonomous agents can see in shared knowledge bases as 6G networks move toward decentralized multi-agent systems. Traditional role-based models grant too much access through inheritance, so the authors combine roles with first-order logic rules that check individual subject-predicate-object facts. A reader would care because agents in future wireless systems will need to exchange semantic data without exposing unrelated information or relying on slow central checks. The approach claims to enforce zero-trust limits so each agent receives only the metadata tied to its current task.

Core claim

The central claim is that a hybrid authorization framework integrating roles and First-Order Logic predicates enforces zero-trust principles at the knowledge-graph level. Authorization is applied directly at each Subject-Predicate-Object triple rather than through inherited permissions, so agents access only the metadata required for their specific functional lifecycle in decentralized 6G multi-agent systems.

What carries the argument

The hybrid authorization framework that merges role assignments with First-Order Logic predicates applied at the Subject-Predicate-Object triple level of the knowledge graph.

If this is right

  • Agents receive only the metadata required for their specific functional lifecycle.
  • Permission inheritance is removed by enforcing decisions at the individual triple level.
  • Zero-trust principles are maintained directly on the knowledge-graph structure.
  • The model supports decentralized multi-agent systems without relying on coarse-grained role inheritance.
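
An added sketch, not taken from the paper (which, per the referee report below, gives no predicate definitions), of what triple-level role-plus-predicate authorization with default deny could look like. The roles, graph predicates, agent attributes and rules are all constructed assumptions, and Python callables stand in for FOL formulas.

```python
from dataclasses import dataclass
from typing import Callable, NamedTuple

class Triple(NamedTuple):
    s: str  # subject
    p: str  # predicate
    o: str  # object

@dataclass(frozen=True)
class Agent:
    agent_id: str
    role: str
    scope: frozenset  # subjects covered by the agent's current task (assumed attribute)
    phase: str        # lifecycle phase, e.g. "observe" or "act" (assumed attribute)

@dataclass(frozen=True)
class Rule:
    role: str
    predicate: str                              # graph predicate this rule covers
    condition: Callable[[Agent, Triple], bool]  # stands in for an FOL formula

# Constructed policy. A triple is permitted only if a rule for the agent's
# exact role and the triple's predicate has a true condition. There is no
# role hierarchy, so nothing is inherited, and no match means deny.
POLICY = [
    Rule("energy_optimizer", "hasPowerDraw", lambda a, t: t.s in a.scope),
    Rule("energy_optimizer", "hasSleepMode",
         lambda a, t: t.s in a.scope and a.phase == "act"),
    Rule("fault_monitor", "hasAlarm", lambda a, t: True),
]

# Constructed knowledge graph.
KG = [
    Triple("cell7", "hasPowerDraw", "410W"),
    Triple("cell7", "hasSleepMode", "deep"),
    Triple("cell7", "hasAlarm", "none"),
    Triple("cell9", "hasPowerDraw", "388W"),
    Triple("cell9", "servesSubscriber", "subscriber-placeholder"),
]

def permitted(agent, triple, policy=POLICY):
    """Decide one Subject-Predicate-Object triple for one agent."""
    return any(r.role == agent.role and r.predicate == triple.p
               and r.condition(agent, triple) for r in policy)

def authorized_view(agent, kg=KG, policy=POLICY):
    """Return only the triples the agent may read; everything else is withheld."""
    return [t for t in kg if permitted(agent, t, policy)]
```

Two agents holding the same role receive different views when their task scope or lifecycle phase differs, which is the behaviour a role-only model cannot express.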

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • This triple-level check could be combined with existing graph query engines to limit data exposure in other semantic applications.
  • Performance in mobile 6G settings would depend on how quickly the logic rules can be compiled or cached for repeated agent tasks.
  • The framework might reduce the attack surface when agents from different operators share the same knowledge base.

Load-bearing premise

First-order logic predicates can be evaluated efficiently and correctly in real time for autonomous agents without introducing unacceptable latency or requiring impractical computational resources in 6G environments.

What would settle it

A benchmark test that measures the added latency when first-order logic predicates are evaluated for repeated authorization queries by multiple agents against a shared knowledge graph in a 6G simulation and compares the results to real-time performance limits.

Figures

Figures reproduced from arXiv: 2605.05269 by Leyli Karacay, Loay Abdelrazek, Marin Orlic.

Figure 1: The Authorization Lifecycle: Registration to Query Enforcement.

Original abstract

As 6G architectures transition toward decentralized Multi-Agent Systems (MAS), ensuring secure access to shared Knowledge Bases (KB) is critical. Traditional authorization models like RBAC fail to provide the granularity required for autonomous agents interacting with Semantic-based data. This work proposes a hybrid authorization framework that integrates roles and First-Order Logic (FOL) predicates to enforce zero-trust principles at the knowledge-graph level. We eliminate permission inheritance by enforcing authorization at the triple level (Subject-Predicate-Object), ensuring agents only access metadata required for their specific functional lifecycle.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 1 minor

Summary. The paper proposes a hybrid authorization framework for decentralized Multi-Agent Systems in 6G that integrates role-based access with First-Order Logic (FOL) predicates to enforce zero-trust principles directly at the knowledge-graph triple level (Subject-Predicate-Object). It claims this eliminates permission inheritance and ensures agents access only the metadata required for their functional lifecycle, addressing limitations of traditional RBAC in semantic data environments.

Significance. If the framework can be realized with bounded-latency FOL evaluation, it would address a timely security gap in emerging 6G MAS architectures by providing finer-grained, inheritance-free authorization over shared knowledge bases. The conceptual integration of roles and logic predicates is a reasonable direction, but the manuscript supplies no derivation, algorithm, or validation, so its practical significance cannot yet be assessed.

major comments (2)
  1. Abstract: The central claim that FOL predicates enforce authorization at the triple level without permission inheritance is presented without any formal semantics, predicate definitions, or illustrative derivation; this is load-bearing for the zero-trust guarantee but unsupported by technical content.
  2. No section provides a performance model, complexity bound, or latency analysis for real-time FOL predicate evaluation over the knowledge graph. This directly undermines the feasibility assertion for autonomous agents under 6G sub-millisecond timing constraints.
minor comments (1)
  1. The abstract would be strengthened by a single sentence outlining the intended evaluation approach or key assumptions about FOL expressiveness, even if preliminary.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive and detailed review. The comments highlight important areas where the manuscript requires strengthening to fully substantiate its claims. We address each major comment below and commit to revisions that incorporate formal details and analysis without altering the core conceptual contribution.

read point-by-point responses
  1. Referee: Abstract: The central claim that FOL predicates enforce authorization at the triple level without permission inheritance is presented without any formal semantics, predicate definitions, or illustrative derivation; this is load-bearing for the zero-trust guarantee but unsupported by technical content.

    Authors: We agree that the abstract states the central claim at a high level without accompanying formal content. The manuscript body describes the hybrid integration of roles and FOL predicates at the triple level, but does not include explicit predicate definitions, semantics, or derivations. To address this, we will revise the paper by adding a new subsection in the model section that provides formal semantics for the FOL predicates, precise definitions, and a step-by-step derivation demonstrating enforcement at the Subject-Predicate-Object level with no permission inheritance. An illustrative example will be included to make the zero-trust property explicit. revision: yes

  2. Referee: No section provides a performance model, complexity bound, or latency analysis for real-time FOL predicate evaluation over the knowledge graph. This directly undermines the feasibility assertion for autonomous agents under 6G sub-millisecond timing constraints.

    Authors: We acknowledge that the current manuscript is primarily conceptual and contains no performance model, complexity bounds, or latency analysis for FOL evaluation. This is a valid concern for assessing practicality in 6G environments. In the revision, we will add a dedicated section on feasibility that includes a complexity analysis of FOL predicate evaluation over knowledge graphs (e.g., referencing linear-time fragments and indexing techniques), worst-case and average-case bounds, and a discussion of optimizations such as predicate caching and incremental evaluation to target sub-millisecond latencies. Relevant prior work on efficient semantic reasoning will be cited to support the claims. revision: yes

Circularity Check

0 steps flagged

No derivation chain or equations present in proposal

full rationale

The manuscript is a descriptive proposal for a hybrid role+FOL authorization model at the knowledge-graph triple level. No equations, fitted parameters, derivations, or load-bearing formal steps appear in the provided abstract or described content. The central claim is a design choice (enforcing authorization at Subject-Predicate-Object without inheritance) rather than a mathematical result derived from prior inputs. No self-citations, ansatzes, or reductions to fitted values are identifiable. The framework is therefore self-contained as a conceptual architecture with no circularity in any derivation chain.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

Abstract provides no explicit free parameters, axioms, or invented entities; the proposal assumes standard FOL semantics and zero-trust principles without detailing supporting assumptions or new constructs.

