HUMΛN

Access Control

HUMΛN uses capability-based access control (CBAC): permissions are granted based on verified skills, not just identity. This ensures agents can only perform tasks they're qualified for.

Capability-Based Access Control

Traditional Identity-Based vs. HUMΛN Capability-Based

❌ Identity-Based (Traditional)

  • • Access granted based on who you are
  • • Static roles (admin, user, guest)
  • • No verification of competence
  • • All-or-nothing permissions

✅ Capability-Based (HUMΛN)

  • • Access granted based on verified skills
  • • Dynamic capability verification
  • • Competence must be proven
  • • Granular, task-specific permissions
python
# Grant capability with evidence of competence
capability = client.capability.grant(
    passport_id="passport_agent",
    capability_id="invoice_processing",
    level="expert",
    granted_by="passport_supervisor",
    evidence={
        "certification": "Invoice Processing Specialist",
        "test_score": 95,
        "supervised_tasks": 100
    }
)


# System verifies capability before allowing action
verification = client.capability.verify(
    passport_id="passport_agent",
    capability_id="invoice_processing"
)


if verification.verified:
    # Agent can proceed
    process_invoices()
else:
    # Access denied
    print(f"Denied: {verification.reason}")

Capability Levels

Capabilities are granted at different proficiency levels, allowing fine-grained access control:

BEGINNER

Basic Proficiency

Can perform simple, supervised tasks. Suitable for low-risk operations with clear guidelines.

Example: Data entry, document filing, basic queries

INTERMEDIATE

Competent & Independent

Can work independently on standard operations. Handles common edge cases appropriately.

Example: Invoice processing, customer support, report generation

EXPERT

Advanced Specialist

Handles complex, ambiguous situations. Can train others and establish best practices.

Example: Financial analysis, contract review, system architecture

MASTER

Industry-Leading Expertise

Top-tier proficiency. Trusted with critical systems and high-stakes decisions.

Example: M&A analysis, regulatory compliance, security audits

Principle of Least Privilege

Minimum Necessary Access

Agents receive only the capabilities necessary to perform their assigned tasks. Capabilities can be granted temporarily for specific workflows and automatically revoked when complete.

python
# Temporary capability for specific workflow
with client.capability.temporary(
    passport_id="passport_agent",
    capability_id="financial_data_access",
    level="intermediate",
    duration=timedelta(hours=2)
) as temp_capability:
    # Agent has access only within this block
    workflow = client.humanos.orchestrate(
        task="Generate Q4 financial report",
        required_capabilities=["financial_data_access"]
    )
    
    result = wait_for_completion(workflow.workflow_id)
    
# Capability automatically revoked
print("Access revoked")

Delegation Constraints

Delegations can include fine-grained constraints to limit what agents can do:

Constraint TypePurposeExample
time_boundsLimit validity periodexpires_at: "2024-12-31"
usage_limitsCap number of usesmax_uses: 100
financial_limitsControl spendingmax_amount: 5000
operation_scopeRestrict actionsallowed_operations: ["read"]
network_scopeIP restrictionsip_whitelist: ["10.0.0.0/8"]
python
# Highly constrained delegation
delegation = client.delegation.create(
    delegator="passport_human",
    delegatee="passport_agent",
    scope=["expense_approval"],
    constraints={
        "expires_at": "2024-06-30T23:59:59Z",
        "max_uses": 50,
        "max_amount": 1000,  # Per transaction
        "allowed_operations": ["read", "approve"],
        "time_restrictions": {
            "timezone": "America/New_York",
            "allowed_hours": [9, 10, 11, 12, 13, 14, 15, 16, 17],
            "allowed_days": [1, 2, 3, 4, 5]  # Weekdays only
        }
    }
)

Instant Revocation

Real-Time Effect

Capability and delegation revocations take effect immediately. In-flight requests fail, and the agent cannot initiate new actions.

python
# Revoke capability
client.capability.revoke(
    passport_id="passport_agent",
    capability_id="invoice_processing",
    reason="Performance issues detected"
)


# Revoke delegation
client.delegation.revoke(
    delegation_id="delegation_abc",
    reason="Project complete"
)


# Agent's next action fails immediately
try:
    agent_client.humanos.orchestrate(...)
except HumanError as e:
    print(e.code)  # 'capability_revoked'

Related

Capability SDK

Implement capability-based access

Delegation SDK

Manage delegation tokens