{"id":"https://openalex.org/W7162664689","doi":"https://doi.org/10.48550/arxiv.2605.28071","title":"AgentGuard: An Attribute-Based Access Control Framework for Tool-Use LLM-Based Agent","display_name":"AgentGuard: An Attribute-Based Access Control Framework for Tool-Use LLM-Based Agent","publication_year":2026,"publication_date":"2026-05-27","ids":{"openalex":"https://openalex.org/W7162664689","doi":"https://doi.org/10.48550/arxiv.2605.28071"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2605.28071","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2605.28071","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Preprint"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2605.28071","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5121652333","display_name":"Jiaqi Luo","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Luo, Jiaqi","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5124834037","display_name":"Songyang Peng","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Peng, Songyang","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5137216204","display_name":"Jiarun Dai","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Dai, Jiarun","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5137293037","display_name":"Zhile Chen","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Chen, Zhile","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5041392528","display_name":"Zhuoxiang Shen","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Shen, Zhuoxiang","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5137232197","display_name":"Geng Hong","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Hong, Geng","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5137255223","display_name":"Xudong Pan","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Pan, Xudong","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5137281138","display_name":"Yuan Zhang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zhang, Yuan","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5137303256","display_name":"Min Yang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yang, Min","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":0,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.848800003528595,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.848800003528595,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T12203","display_name":"Mobile Agent-Based Network Management","score":0.04340000078082085,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.03999999910593033,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.6055999994277954},{"id":"https://openalex.org/keywords/interface","display_name":"Interface (matter)","score":0.45570001006126404},{"id":"https://openalex.org/keywords/mandatory-access-control","display_name":"Mandatory access control","score":0.4284000098705292},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.41839998960494995},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.39649999141693115},{"id":"https://openalex.org/keywords/cover","display_name":"Cover (algebra)","score":0.39410001039505005},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.37040001153945923},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.3605000078678131}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7329999804496765},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.6055999994277954},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.492900013923645},{"id":"https://openalex.org/C113843644","wikidata":"https://www.wikidata.org/wiki/Q901882","display_name":"Interface (matter)","level":4,"score":0.45570001006126404},{"id":"https://openalex.org/C2777407602","wikidata":"https://www.wikidata.org/wiki/Q1888932","display_name":"Mandatory access control","level":4,"score":0.4284000098705292},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.41839998960494995},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.39649999141693115},{"id":"https://openalex.org/C2780428219","wikidata":"https://www.wikidata.org/wiki/Q16952335","display_name":"Cover (algebra)","level":2,"score":0.39410001039505005},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.37040001153945923},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.3605000078678131},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3181000053882599},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.31139999628067017},{"id":"https://openalex.org/C105446022","wikidata":"https://www.wikidata.org/wiki/Q445962","display_name":"Legacy system","level":3,"score":0.3010999858379364},{"id":"https://openalex.org/C47487241","wikidata":"https://www.wikidata.org/wiki/Q5227230","display_name":"Data access","level":2,"score":0.29660001397132874},{"id":"https://openalex.org/C1304207","wikidata":"https://www.wikidata.org/wiki/Q7189582","display_name":"Physical access","level":3,"score":0.290800005197525},{"id":"https://openalex.org/C41550386","wikidata":"https://www.wikidata.org/wiki/Q529909","display_name":"Multi-agent system","level":2,"score":0.2831999957561493},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.2782999873161316},{"id":"https://openalex.org/C2779304628","wikidata":"https://www.wikidata.org/wiki/Q3503480","display_name":"Face (sociological concept)","level":2,"score":0.2759000062942505},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.26989999413490295},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.2655999958515167},{"id":"https://openalex.org/C89505385","wikidata":"https://www.wikidata.org/wiki/Q47146","display_name":"User interface","level":2,"score":0.260699987411499},{"id":"https://openalex.org/C5894958","wikidata":"https://www.wikidata.org/wiki/Q2297769","display_name":"Software agent","level":2,"score":0.2590999901294708},{"id":"https://openalex.org/C99613125","wikidata":"https://www.wikidata.org/wiki/Q165194","display_name":"Application programming interface","level":2,"score":0.2500999867916107}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2605.28071","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2605.28071","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"Preprint"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2605.28071","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2605.28071","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Preprint"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.732345700263977}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"LLM-based":[0,58],"agents":[1,27,74],"have":[2,23],"recently":[3],"attracted":[4],"significant":[5],"attention":[6],"due":[7],"to":[8,11,16,35,109],"their":[9],"ability":[10],"autonomously":[12],"invoke":[13],"relevant":[14],"tools":[15],"accomplish":[17],"complex":[18],"tasks.":[19],"However,":[20],"recent":[21],"studies":[22],"shown":[24],"that":[25],"these":[26],"face":[28],"severe":[29],"security":[30,115,129],"risks,":[31],"which":[32],"may":[33],"lead":[34],"privacy":[36],"leakage,":[37],"financial":[38],"loss,":[39],"or":[40],"even":[41],"full":[42],"system":[43],"compromise.":[44],"In":[45,120],"this":[46],"paper,":[47],"we":[48],"present":[49],"AgentGuard,":[50],"an":[51],"attribute-based":[52],"access":[53],"control":[54],"framework":[55],"for":[56,73,128],"tool-use":[57],"agents.":[59],"AgentGuard":[60,69,103,136],"adopts":[61],"a":[62,124],"client-server":[63],"architecture.":[64],"On":[65,99],"the":[66,94,100],"client":[67],"side,":[68,102],"provides":[70,104],"lightweight":[71],"integration":[72],"implemented":[75],"in":[76,117],"different":[77],"programming":[78],"languages":[79],"and":[80,113,132],"architectures.":[81],"It":[82],"requires":[83],"only":[84],"minor":[85],"code":[86],"modifications":[87],"(e.g.,":[88],"around":[89],"10":[90],"lines)":[91],"without":[92],"changing":[93],"underlying":[95],"agent":[96,118],"execution":[97],"logic.":[98],"server":[101],"three":[105],"complementary":[106],"inspection":[107],"mechanisms":[108],"cover":[110],"both":[111],"single-tool":[112],"cross-tool":[114],"risks":[116],"execution.":[119],"addition,":[121],"it":[122],"offers":[123],"visualized":[125],"front-end":[126],"interface":[127],"policy":[130],"specification":[131],"runtime":[133],"auditing.":[134],"Currently,":[135],"is":[137],"publicly":[138],"accessible":[139],"at":[140],"https://github.com/WhitzardAgent/AgentGuard.":[141]},"counts_by_year":[],"updated_date":"2026-07-01T06:00:48.157686","created_date":"2026-05-29T00:00:00"}
