Operationalizing Reconstructive Authority: Runtime Construction, Dependency Resolution, and Execution Gating in Autonomous Agent Systems
Pith reviewed 2026-07-04 17:12 UTC · model glm-5.2
The pith
Three-State Execution Gate Stops Agents Acting on Stale Authority
A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.
Core claim
The central mechanism is a runtime enforcement loop with three structural pieces. First, a dynamic dependency resolver determines which state variables are needed to authorize a given action at the current moment — these dependencies are not statically fixed but discovered from live state. Second, an authority construction function evaluates whether all required variables are observable, reliable, and consistent; if any condition fails, authority is undefined (⊥) and the system enters halt rather than guessing. Third, a Recovery Loop identifies the missing variables, acquires additional observations (or reverts to a prior consistent state), and reattempts construction. The safety theorem (4)
What carries the argument
Ternary execution gate (execute/deny/halt); authority construction function F(O(t)); dynamic dependency resolution D(t) = Resolve(O(t)); Recovery Loop with signal extraction and state augmentation; enforcement loop integrating RAM, IML drift detection, and ACP execution control
If this is right
- If the model is correct, any autonomous agent that does not recompute authority at execution time will eventually act under stale conditions — making runtime reconstruction a structural necessity rather than an optimization.
- The halt state gives a principled alternative to risk-threshold gating: instead of executing under 'acceptable' uncertainty, the system refuses until uncertainty is resolved, which changes how safety-critical agent deployments would handle partial observability.
- Policy engines like XACML and OPA could adopt the halt distinction to separate 'authority is false' from 'authority cannot be evaluated,' improving auditability and reducing silent failures from missing data.
- The Recovery Loop's conditional liveness guarantee means that in persistently unobservable environments, agents would halt indefinitely — shifting the failure mode from incorrect action to inaction, which may or may not be acceptable depending on the domain.
Where Pith is reading between the lines
- The safety guarantee is only as strong as the specification of dependency sets D(a) and the construction function F; if these are incomplete, the system can execute with 'constructible' authority that is actually insufficient — the guarantee holds vacuously over whatever was specified, not over what should have been specified.
- A natural empirical test would compare halt frequency and recovery latency against traditional risk-threshold systems in a simulated financial-transfer or autonomous-vehicle scenario with controlled drift rates, measuring whether the safety gain justifies the availability cost.
- The model could be extended with probabilistic authority bounds — allowing graduated halt/retry policies rather than binary observability thresholds — though this would weaken the deterministic safety property the author relies on.
- In adversarial settings, an attacker who can manipulate which variables are observable could force indefinite halting, suggesting the model needs a companion analysis of denial-of-service resistance.
Load-bearing premise
The model assumes that the authority construction function F and the dependency sets D(a) can be completely and correctly specified for every action class. If F is missing a relevant variable or D(a) is incomplete, the system can execute with 'constructible' authority that is actually insufficient — the safety guarantee only checks what was specified, not what should have been specified.
What would settle it
Deploy the enforcement loop in an environment where the dependency specification D(a) is deliberately incomplete — missing one authority-relevant variable — and show that the system executes actions under conditions a complete specification would have halted, demonstrating that the safety guarantee is vacuous with respect to specification gaps.
Figures
read the original abstract
Autonomous agent systems fail not only due to incorrect decisions, but due to executing decisions whose authority no longer holds at runtime. Prior work defined Reconstructive Authority (RAM) as a condition for valid execution: actions are permitted only if authority can be constructed from current state. This paper addresses enforcement at runtime: how to enforce this condition in a running system. We introduce a runtime execution model in which authority is evaluated at action time and execution is conditioned on its constructibility. This extends the execution state space beyond admit/deny with a third state, halt, representing cases where authority is undefined due to incomplete or uncertain observability. We define a concrete execution protocol including dynamic dependency resolution, authority reconstruction, and explicit decision semantics. We further introduce a Recovery Loop that integrates drift detection (IML) with execution control (ACP), allowing the system to suspend execution, acquire missing information, and re-attempt authority reconstruction. We show that this model guarantees safety -- no action is executed without constructible authority -- and conditional liveness: execution resumes when authority-defining variables become observable. This work operationalizes reconstructive authority as a runtime enforcement mechanism, providing the execution semantics required to apply RAM in real systems.
Editorial analysis
A structured set of objections, weighed in public.
Referee Report
Summary. This paper (Paper 6 in a 6-part series) operationalizes the Reconstructive Authority Model (RAM, Paper 5) by defining a runtime enforcement protocol for autonomous agent systems. The core contribution is a ternary execution gate—execute, deny, halt—where 'halt' represents non-evaluable authority due to incomplete observability, and a Recovery Loop that attempts to restore constructibility after a halt. The enforcement loop integrates RAM with two prior components from the series: IML (drift detection) and ACP (execution pipeline). The paper presents four theorems claiming safety (no execution without constructible authority) and conditional liveness (execution resumes when observability is restored).
Significance. The paper addresses a genuine problem: the gap between decision-time authorization and execution-time validity in dynamic environments. The ternary execute/deny/halt distinction is a reasonable design contribution—elevating epistemic incompleteness to a first-class execution state rather than collapsing it into deny is a meaningful architectural choice. The comparative analysis against XACML and OPA (§10.4) correctly identifies that these systems lack a non-evaluable state. The enforcement loop (§4.7, Listing 2) is well-specified as pseudocode with clear control-flow semantics. The auditability requirements (§7) are thorough. However, the formal contributions are limited: the theorems hold by construction of the enforcement loop rather than by any non-trivial property of the authority model, and the entire theoretical foundation is self-referential (all six papers are by the same author, with no external validation of the framework's axioms).
major comments (4)
- §4.7, Listing 2 and Theorem 4: The safety guarantee is tautological. The proof sketch explicitly states 'Safety is guaranteed by construction' and confirms that 'no execution path' reaches execution without passing the constructibility check. This is correct but trivially true—it is a property of the loop's control flow, not of the authority model's content. The paper does not distinguish between 'safety given correct specification of F and D(a)' (trivially true) and 'safety under specification uncertainty' (the practically important case). §11.4 acknowledges that 'incomplete or incorrect specifications will produce incorrect constructibility evaluations,' which means the safety guarantee is vacuous in the most common real-world failure mode: if D(a) omits a relevant variable, the system executes with 'constructible' authority that is actually insufficient. The paper should explicitly sc
- §9.2, Theorem 2: The conditional liveness proof contains a logical gap. The proof assumes all variables in U(t) become observable and concludes F(S_r(t'')) = True, but observability of all dependencies only establishes Constructible(a, O(t'')) (Definition 1), not A(t'') = True. Authority could still evaluate to False (deny) after recovery. The theorem's formal statement correctly allows the outcome to be in {execute, deny}, but the proof's final line states 'F(S_r(t'')) = True ⇒ A(t'') ≠ ⊥' which conflates constructibility with validity. The proof should be corrected to match the theorem's formal statement.
- §2, Definition 1 and §4.3: The dependency resolution algorithm (§4.3, step 3) states that required dependencies are 'discovered by F' at runtime, but the constructibility definition (Definition 1) refers to D(a) as if it is a fixed set associated with action a. The relationship between the statically-associated D(a) in Definition 1 and the dynamically-resolved D(t) = Resolve(O(t)) in §4.3 is unclear. If D(t) is truly dynamic, then the constructibility check is circular: F determines which variables it needs, then checks whether those variables are observable, but F could trivially 'discover' only observable variables. The paper needs to clarify what constrains F's dependency discovery to prevent it from selectively resolving only convenient variables.
- §10.4: The comparative analysis against XACML and OPA claims these systems 'do not explicitly model non-evaluable states' and that OPA 'returns undefined or defaults to deny.' This is partially inaccurate: OPA/Rego returns undefined for missing required inputs, and the handling of undefined is a configuration decision, not a structural limitation. XACML explicitly defines an 'Indeterminate' decision that corresponds closely to the paper's 'halt' state. The paper should acknowledge that XACML's Indeterminate outcome already captures the epistemic incompleteness the authors claim is novel, and clarify what the halt state adds beyond renaming.
minor comments (7)
- §2: The authority definition A(t) = F(S_r(t)) uses S_r(t) (real state), but the system operates on O(t) (observable state). §3.2 then writes A(t) = F(O(t)). These are different functions applied to different inputs; the notation should be consistent or the relationship clarified.
- §4.6: The worked example uses decision code ADMIT_AUTHORITY_CONSTRUCTIBLE, but Table 1 lists seven codes. The example only illustrates three of seven codes; showing examples of HALT_REATTESTATION_REQUIRED and NARROW_PRIVILEGE_REEVALUATE would clarify the less obvious decision paths.
- §4.4, Listing 1: The code uses 'reliable' as a check distinct from 'observable,' but the formal model (Definition 1) does not define reliability as a separate constructibility condition. Either add reliability to Definition 1 or explain how it maps to the uncertainty threshold θ_auth.
- §5, drift timeline figure: The ASCII timeline is difficult to parse. A proper figure with labeled axes would improve clarity.
- §6, Table 1: The code CONTINUE_BOUNDED_NON_AUTHORITY_DRIFT allows execution when drift affects non-authority-defining variables, but the paper does not define how the system determines that a drifted variable is non-authority-defining. This decision path needs clarification.
- References: The series papers [2, 3, 4, 5, 6] are all by the same author. The paper would benefit from engaging with external work on runtime verification, access control with incomplete information, or obligation monitoring in policy systems to contextualize the contribution.
- §4.5: The Non-Persistence Property states A(t) ≠ A(t+Δ) 'unless explicitly recomputed,' but this is not a formal property—it is an implementation directive. Consider reframing as an invariant or removing the 'Property' framing.
Simulated Author's Rebuttal
We thank the referee for a careful and substantive review. The referee raises four major comments concerning: (1) the tautological nature of the safety guarantee under specification uncertainty, (2) a logical gap in the conditional liveness proof, (3) ambiguity between static and dynamic dependency sets and potential circularity in F's dependency discovery, and (4) inaccuracies in the comparative analysis against XACML and OPA. We agree with points 2 and 4 and will revise accordingly. On points 1 and 3, we partially agree and will clarify the manuscript's scope and add explicit discussion of the identified gaps, while defending the core contributions where the referee's critique overreaches.
read point-by-point responses
-
Referee: §4.7, Listing 2 and Theorem 4: The safety guarantee is tautological. The proof sketch explicitly states 'Safety is guaranteed by construction' and confirms that 'no execution path' reaches execution without passing the constructibility check. This is correct but trivially true—it is a property of the loop's control flow, not of the authority model's content. The paper does not distinguish between 'safety given correct specification of F and D(a)' (trivially true) and 'safety under specification uncertainty' (the practically important case). §11.4 acknowledges that 'incomplete or incorrect specifications will produce incorrect constructibility evaluations,' which means the safety guarantee is vacuous in the most common real-world failure mode: if D(a) omits a relevant variable, the system executes with 'constructible' authority that is actually insufficient.
Authors: The referee is correct that Theorem 4's safety guarantee holds by construction of the enforcement loop, and we agree this should be stated more transparently. We will revise the proof sketch to explicitly acknowledge that the theorem establishes safety relative to the specification of F and D(a)—i.e., conditional on correct specification—rather than absolute safety. This is a legitimate and important distinction the paper should make more clearly. However, we respectfully disagree that this renders the guarantee 'vacuous.' The contribution is not the theorem itself but the enforcement architecture that makes such a guarantee enforceable at all. The gap between decision-time authorization and execution-time validity is a real architectural problem (the referee's own summary acknowledges this). The enforcement loop closes that gap by ensuring that whatever the specification says must hold is actually checked at execution time. This is analogous to type safety: a type system guarantees no type errors relative to the type annotations, not relative to the programmer's intent. The guarantee is real and useful even though it is conditional on correct specification. That said, we agree the paper should explicitly discuss specification uncertainty as a limitation of the guarantee's scope. We will add a subsection in §11.4 that distinguishes between (a) safety under correct specification (what Theorem 4 proves), (b) the residual risk under specification error (what §11.4 currently acknowledges but does not develop), and (c) the relationship between specification completeness and the safety guarantee. We will also temper the abstract's claim of 'safety' to 'safety relative to specification correctness.' revision: partial
-
Referee: §9.2, Theorem 2: The conditional liveness proof contains a logical gap. The proof assumes all variables in U(t) become observable and concludes F(S_r(t'')) = True, but observability of all dependencies only establishes Constructible(a, O(t'')) (Definition 1), not A(t'') = True. Authority could still evaluate to False (deny) after recovery. The theorem's formal statement correctly allows the outcome to be in {execute, deny}, but the proof's final line states 'F(S_r(t'')) = True ⇒ A(t'') ≠ ⊥' which conflates constructibility with validity. The proof should be corrected to match the theorem's formal statement.
Authors: The referee is correct. The proof's final line conflates constructibility with validity. The theorem's formal statement correctly allows the outcome to be in {execute, deny}, but the proof's conclusion 'F(S_r(t'')) = True ⇒ A(t'') ≠ ⊥' incorrectly implies that authority evaluates to True. The correct conclusion should be: once all variables in U(t) become observable, Constructible(a, O(t'')) holds, and therefore A(t'') ≠ ⊥ (authority is evaluable), but A(t'') could be either True (execute) or False (deny). We will correct the proof's final line to: 'Then Constructible(a, O(t'')) holds, so A(t'') ≠ ⊥, and ExecState(a, O(t'')) ∈ {execute, deny}.' This matches the theorem's formal statement. We thank the referee for catching this error. revision: yes
-
Referee: §2, Definition 1 and §4.3: The dependency resolution algorithm (§4.3, step 3) states that required dependencies are 'discovered by F' at runtime, but the constructibility definition (Definition 1) refers to D(a) as if it is a fixed set associated with action a. The relationship between the statically-associated D(a) in Definition 1 and the dynamically-resolved D(t) = Resolve(O(t)) in §4.3 is unclear. If D(t) is truly dynamic, then the constructibility check is circular: F determines which variables it needs, then checks whether those variables are observable, but F could trivially 'discover' only observable variables. The paper needs to clarify what constrains F's dependency discovery to prevent it from selectively resolving only convenient variables.
Authors: The referee identifies a genuine notational inconsistency and raises a legitimate concern about potential circularity. We will address both. First, the notation: Definition 1 uses D(a) suggesting a fixed set associated with action a, while §4.3 uses D(t) = Resolve(O(t)) suggesting dynamic resolution. The intended semantics is that D(a) represents the complete set of variables that could be relevant to action a (a static, action-class-level specification), while D(t) ⊆ D(a) represents the subset that F determines is actually required given the current state. We will revise Definition 1 to use D(a) as the universe of potentially relevant variables and clarify that the constructibility check applies to the runtime-resolved subset D(t) ⊆ D(a). Second, the circularity concern: the referee is right that if F could freely choose which variables to discover, it could trivially select only observable ones. The constraint is that F's dependency discovery must be sound with respect to D(a): F may select a subset of D(a) that is relevant to the current state, but it may not omit variables from D(a) that are relevant. In other words, F determines relevance within D(a), not membership of D(a) itself. We will add an explicit soundness condition: if a variable v ∈ D(a) is relevant to the authority evaluation under the current state, then F must include v in D(t). This prevents selective resolution. We acknowledge that verifying this soundness condition is itself a specification burden (related to §11.4), and we will note this explicitly. revision: partial
-
Referee: §10.4: The comparative analysis against XACML and OPA claims these systems 'do not explicitly model non-evaluable states' and that OPA 'returns undefined or defaults to deny.' This is partially inaccurate: OPA/Rego returns undefined for missing required inputs, and the handling of undefined is a configuration decision, not a structural limitation. XACML explicitly defines an 'Indeterminate' decision that corresponds closely to the paper's 'halt' state. The paper should acknowledge that XACML's Indeterminate outcome already captures the epistemic incompleteness the authors claim is novel, and clarify what the halt state adds beyond renaming.
Authors: The referee is correct on both points. XACML does define an 'Indeterminate' decision that captures cases where the policy cannot be evaluated due to missing or erroneous attributes, and this is structurally analogous to our 'halt' state. Our claim that XACML 'does not explicitly model non-evaluable states' is inaccurate and we will correct it. Similarly, OPA's handling of undefined results is indeed a configuration decision (default deny, default allow, or explicit error), not a structural absence of the concept. We will revise §10.4 to acknowledge that XACML's Indeterminate outcome already captures epistemic incompleteness at the decision level. What our model adds beyond this is not the concept of non-evaluability itself, but (1) the integration of non-evaluability into a runtime enforcement loop with a Recovery Loop that actively attempts to restore constructibility, (2) the coupling of non-evaluability with drift detection (IML) and execution control (ACP) in a closed-loop architecture, and (3) the non-persistence property requiring recomputation at every action rather than per-request evaluation. We will reframe the contribution as operationalizing non-evaluability within a runtime enforcement and recovery architecture, rather than claiming novelty for the concept itself. We will also remove or soften the claim that these systems lack a non-evaluable state. revision: yes
Circularity Check
Theorem 4 (the central safety guarantee) is self-definitional: it restates the enforcement loop's control-flow definition as a theorem. Theorem 3 is similarly by-construction. The self-citation chain across all six papers is heavy but partially mitigated by the paper's own limitations section.
specific steps
-
self definitional
[Theorem 4 and Proof Sketch (after §10.5), referencing §4.7 Listing 2]
"Theorem 4 (Execution Safety under Constructible Authority). Under the runtime enforcement loop (Section 4.7), no action is executed unless its authority is constructible and valid at execution time. Formally: ∀a, O(t) : Execute(a, O(t)) ⇒ (Constructible(a, O(t)) ∧ A(t) = True) ... Conclusion. There exists no path in the enforcement loop that leads to execution without satisfying both Constructible(a, O(t)) and A(t) = True. Safety is guaranteed by construction."
The enforcement loop (Listing 2, §4.7) is defined so that `state = EXECUTE` is only set after: (1) the constructibility check (Definition 1) passes, and (2) `is_valid(a, D, S_t)` returns True. Theorem 4 then 'proves' that Execute(a, O(t)) ⇒ (Constructible(a, O(t)) ∧ A(t) = True), which is exactly the loop's entry condition for the execute state. The theorem is a restatement of the control-flow definition, not a derived property. The paper itself says 'Safety is guaranteed by construction' — acknowledging that the guarantee is the definition, not a consequence of any property of F, D(a), or the authority model. The theorem adds no information beyond what Listing 2 already specifies.
-
self definitional
[Theorem 3 and Proof (after §10.5), referencing §4.3]
"Theorem 3 (Authority Validity). Any system that permits execution under incomplete authority-defining state cannot guarantee that no action proceeds without constructible authority. ... Proof. Let a system S permit execution when D(t) ⊄ O(t) for some required set D(t). Then there exists an execution at time t where A(t) = ⊥ (by Definition 2) yet S proceeds. This violates the execution safety invariant (Proposition 3). RAM satisfies it by construction through the dependency resolution algorithm (Section 4.3)."
Theorem 3 states that systems allowing execution under incomplete dependencies violate safety, and then 'proves' that RAM satisfies safety 'by construction through the dependency resolution algorithm.' The dependency resolution algorithm (§4.3, step 6) is defined to set A(t) = ⊥ (halt) when any authority-defining variable is unresolved. The theorem is thus: 'the algorithm checks dependencies, therefore the algorithm checks dependencies.' Proposition 3 (Execution Safety Invariant) is similarly defined: 'If A(t) ≠ True, no action proceeds. This is enforced structurally by the execution gate, not by policy configuration.' These are control-flow definitions presented as theorems.
-
self citation load bearing
[§1 (Introduction), §4.7 (Runtime Enforcement Loop), §8 (Integration with the Governance Stack), References [2-6]]
"Reconstructive Authority (RAM), introduced in Paper 5 [6], addresses this by redefining execution as a constructibility problem... To address this, we integrate RAM within the Agent Control Protocol (ACP) [3] as the authorization criterion at the execution gate (stage 3 of the 6-stage ACP flow), and connect it with the Invariant Monitoring Layer (IML) [4] for drift detection."
The entire theoretical and operational foundation — RAM (Paper 5 [6]), ACP (Paper 1 [3]), IML (Paper 2 [4]), atomic execution (Paper 0 [2]), and governance structure (Paper 3/4 [5]) — comes from five prior papers all by the same author (Marcelo Fernandez). The enforcement loop (§4.7) integrates all three layers (RAM, IML, ACP), each from self-cited prior work with no external validation, no machine-checked proofs, and no external benchmarks. The practical safety of any deployment depends on F and D(a) being correctly specified, which comes from Paper 5's model. However, this is partially mitigated: the paper explicitly frames itself as operationalization ('This paper does not extend the theoretical definition'), and §11.4 and §11.6 acknowledge that the guarantee does not cover correctness,
full rationale
The paper's central contribution — the safety guarantee (Theorem 4) — is self-definitional: the enforcement loop is defined so that execution only occurs after constructibility and validity checks, and the theorem restates this as a proven property. The paper itself says 'Safety is guaranteed by construction.' Theorem 3 and Proposition 3 follow the same pattern. This is genuine circularity in the formal sense: the theorems are equivalent to their inputs (the loop/algorithm definitions) by construction. The self-citation chain across all six papers is heavy and load-bearing for the practical safety claim (which depends on F and D(a) from Paper 5), but the paper is explicitly an operationalization paper and acknowledges its specification limitations in §11.4 and §11.6. The paper does have independent content — the halt state as a first-class execution outcome, the recovery loop, and the comparative analysis against XACML/OPA — but the formal 'guarantees' that constitute its strongest claims reduce to restatements of control-flow definitions. Score 6 reflects that the central predictions reduce by construction while the paper retains partial independent content.
Axiom & Free-Parameter Ledger
free parameters (1)
- θ_auth =
0.2 (in worked example)
axioms (5)
- ad hoc to paper Reconstructive Authority Model (RAM) from Paper 5 [6]: authority must be derived from current system state, not inherited from prior validation.
- ad hoc to paper Agent Control Protocol (ACP) 6-stage enforcement flow from Paper 1 [3].
- ad hoc to paper Invariant Monitoring Layer (IML) drift detection from Paper 2 [4].
- ad hoc to paper Atomic decision-action binding from Paper 0 [2].
- domain assumption Eventual Observability: all temporarily unobservable dependencies become observable in finite time.
invented entities (2)
-
HALT execution state (A(t) = ⊥)
no independent evidence
-
Recovery Loop
no independent evidence
Reference graph
Works this paper leans on
-
[1]
Victor Costan and Srinivas Devadas. Intel SGX explained. InIACR Cryptology ePrint Archive, volume 2016, page 086, 2016. 23
work page 2016
-
[2]
Marcelo Fernandez. Atomic decision boundaries: A structural requirement for guarantee- ing execution-time admissibility in autonomous systems.https://doi.org/10.5281/zenodo. 19670649, 2026. Agent Governance Series, Paper 0. arXiv:2604.17511. DOI: 10.5281/zen- odo.19670649
work page internal anchor Pith review Pith/arXiv arXiv doi:10.5281/zenodo 2026
-
[3]
Agent Control Protocol: ACP v1.30—admission control for agent actions,
Marcelo Fernandez. Agent Control Protocol: ACP v1.30—admission control for agent actions,
-
[4]
Agent Control Protocol: Admission Control for Agent Actions
Agent Governance Series, Paper 1. arXiv:2603.18829. DOI: 10.5281/zenodo.19672575
work page internal anchor Pith review Pith/arXiv arXiv doi:10.5281/zenodo.19672575
-
[5]
From Admission to Invariants: Measuring Deviation in Delegated Agent Systems
Marcelo Fernandez. From admission to invariants: Epistemological limits of local observability in agent governance.https://doi.org/10.5281/zenodo.19672589, 2026. Agent Governance Series, Paper 2. arXiv:2604.17517. DOI: 10.5281/zenodo.19672589
work page internal anchor Pith review Pith/arXiv arXiv doi:10.5281/zenodo.19672589 2026
-
[6]
Marcelo Fernandez. Irreducible governance structure for autonomous agent systems: Fair allocation, strategy-proofness, and multi-scale composition.https://doi.org/10.5281/ zenodo.19708496, 2026. Agent Governance Series, Paper 3/4 (consolidated). Zenodo. DOI: 10.5281/zenodo.19708496
-
[7]
Marcelo Fernandez. Reconstructive authority model: Runtime execution validity under partial observability.https://doi.org/10.5281/zenodo.19669430, 2026. Agent Governance Series, Paper 5. DOI: 10.5281/zenodo.19669430
-
[8]
AI control: Improving safety despite intentional subversion.arXiv preprint arXiv:2312.06942, 2024
Ryan Greenblatt et al. AI control: Improving safety despite intentional subversion.arXiv preprint arXiv:2312.06942, 2024
-
[9]
Leslie Lamport. Time, clocks, and the ordering of events in a distributed system.Communi- cations of the ACM, 21(7):558–565, 1978
work page 1978
-
[10]
Jan Leike, Miljan Martic, Victoria Krakovna, Pedro A Ortega, Tom Everitt, Andrew Lefrancq, Laurent Orseau, and Shane Legg. AI safety gridworlds.arXiv preprint arXiv:1711.09883, 2018
work page internal anchor Pith review Pith/arXiv arXiv 2018
-
[11]
eXtensible Access Control Markup Language (XACML) Version 3.0
OASIS. eXtensible Access Control Markup Language (XACML) Version 3.0. Technical re- port, OASIS Standard, 2013. URLhttps://docs.oasis-open.org/xacml/3.0/xacml-3. 0-core-spec-os-en.html
work page 2013
-
[12]
Open Policy Agent (OPA).https://www.openpolicyagent.org,
Open Policy Agent Project. Open Policy Agent (OPA).https://www.openpolicyagent.org,
-
[13]
CNCF Graduated Project
-
[14]
Trusted execution environment: What it is, and what it is not
Mohamed Sabt, Mohammed Achemlal, and Abdelmadjid Bouabdallah. Trusted execution environment: What it is, and what it is not. InIEEE Trustcom/BigDataSE/ISPA, pages 57–64. IEEE, 2015. 24
work page 2015
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.