ArXivCSExplorer
☆☆Bookmarks🏆RSSHow to UseFAQ
Built with and by Teycir Ben Soltane•
How to Use•FAQ•GitHub•arXiv.org•
Share:

~ similar to 2605.10012v1· 20 results

cs.CRRecentApr 12, 2026

MuSimA: A Tool with Multi-modal Input for Generating Bespoke ABAC Datasets

Saket Jha, Karthikeya S. M. Yelisetty, Singabattu Sathya, Shamik Sural

The paper introduces MuSimA, a web-based tool that addresses the lack of large-scale synthetic dataset generation for Attribute-based Access Control (ABAC) systems.

View →
cs.CRRecentApr 14, 2026

EXTree: Towards Supporting Explainability in Attribute-based Access Control

Shanampudi Pranaya Chowdary, Shamik Sural

This paper introduces EXTree, a novel structure for Attribute-based Access Control (ABAC) policies that optimizes for both fast evaluation and human-understandable explanations when access is denied.

View →
cs.CRcs.AIRecentMay 18, 2026

Prompts Don't Protect: Architectural Enforcement via MCP Proxy for LLM Tool Access Control

Rohith Uppala

The paper proposes an architectural proxy (MCP) to enforce robust, reliable tool access control for LLM agents, demonstrating that this structural enforcement is necessary because prompt-based restric…

View →
cs.CRRecentMay 23, 2026

Reframing LLM Agent Security as an Agent-Human Interaction Problem

Peiran Wang, Ying Li, Yuan Tian

The paper argues that LLM agent security is fundamentally an agent-human interaction (AHI) problem, demonstrating that industry practices rely on human-centric mechanisms while academic research focus…

View →
cs.CRRecentMay 25, 2026

AgentSecBench: Measuring Prompt Injection, Privacy Leakage, and Tool-Use Integrity in LLM Agents

Faruk Alpay, Taylan Alpay

The paper introduces AgentSecBench, a security evaluation framework that measures prompt injection, privacy leakage, and tool-use integrity in LLM agents by defining formal security games and testing…

View →
cs.CRRecentMay 10, 2026

Permit: Permission-Aware Representation Intervention for Controlled Generation in Large Language Models

Pengcheng Sun, Lan Zhang, Zhaopeng Zhang, Jiewei Lai +1 more

Permit is a novel framework that enforces fine-grained, permission-aware control over the hidden states of LLMs, preventing information leakage even when sensitive data is present in the context.

View →
cs.AIcs.CRcs.NIRecentMar 18, 2026

Access Controlled Website Interaction for Agentic AI with Delegated Critical Tasks

Sunyoung Kim, Hokeun Kim

The paper proposes a novel design for website interaction that provides fine-grained access control, enabling agentic AI to safely perform delegated critical tasks on a user's behalf.

View →
cs.AIcs.CRRecentJun 2, 2026

Overlaying Governance: A Compositional Authorization Framework for Delegation and Scope in Agentic AI

Amjad Ibrahim, Yong Li

The paper proposes a compositional governance framework to provide richer, dynamic authorization semantics necessary for governing autonomous agentic AI systems, moving beyond traditional static IAM m…

View →
cs.CRcs.AIRecentMar 31, 2026

Architecting Secure AI Agents: Perspectives on System-Level Defenses Against Indirect Prompt Injection Attacks

Chong Xiang, Drew Zagieboylo, Shaona Ghosh, Sanjay Kariyappa +4 more

The paper proposes a vision for system-level defenses against indirect prompt injection attacks targeting AI agents, emphasizing structured control and human oversight.

View →
cs.CRcs.AIRecentMay 14, 2026

Do Coding Agents Understand Least-Privilege Authorization?

Zheng Yan, Jingxiang Weng, Charles Chen, Dengyun Peng +8 more

The paper introduces a new benchmark and decomposition method, Sufficiency-Tightness Decomposition, demonstrating that current coding agents struggle to accurately infer least-privilege authorization,…

View →
cs.CRcs.AIRecentApr 3, 2026

Towards Secure Agent Skills: Architecture, Threat Taxonomy, and Security Analysis

Zhiyuan Li, Jingzheng Wu, Xiang Ling, Xing Cui +1 more

This paper provides the first comprehensive security analysis of the Agent Skills framework, identifying severe structural vulnerabilities that require fundamental architectural changes rather than si…

View →
cs.CRcs.AIRecentApr 6, 2026

Strengthening Human-Centric Chain-of-Thought Reasoning Integrity in LLMs via a Structured Prompt Framework

Jiling Zhou, Aisvarya Adeseye, Seppo Virtanen, Antti Hakkala +1 more

The paper proposes a structured prompt engineering framework to enhance the integrity and reliability of Chain-of-Thought (CoT) reasoning in LLMs, demonstrating significant improvements in security-se…

View →
cs.CRcs.SERecentMay 11, 2026

Usability as a Weapon: Attacking the Safety of LLM-Based Code Generation via Usability Requirements

Yue Li, Xiao Li, Hao Wu, Yue Zhang +4 more

This paper introduces UPAttack, a novel threat model demonstrating that focusing on explicit usability requirements can cause LLMs to generate insecure code by neglecting implicit security constraints…

View →
cs.CRcs.SERecentMay 4, 2026

A Validated Prompt Bank for Malicious Code Generation: Separating Executable Weapons from Security Knowledge in 1,554 Consensus-Labeled Prompts

Richard J. Young, Gregory D. Moody

The paper introduces a validated, consensus-labeled prompt bank that separates requests for executable malicious code (weapons) from requests for general harmful security knowledge, providing a more g…

View →
cs.CRRecentMay 27, 2026

AgentGuard: An Attribute-Based Access Control Framework for Tool-Use LLM-Based Agent

Jiaqi Luo, Songyang Peng, Jiarun Dai, Zhile Chen +5 more

AgentGuard is an attribute-based access control framework designed to mitigate severe security risks, such as privacy leakage and system compromise, in tool-using LLM-based agents.

View →
cs.HCcs.AIcs.CRRecentApr 19, 2026

What Security and Privacy Transparency Users Need from Consumer-Facing Generative AI

Jiaxun Cao, Yu Dong, Chunxi Zhan, Rithvik Neti +2 more

The paper investigates how users perceive and utilize security and privacy transparency in consumer-facing generative AI, finding that users rely on proxies like popularity and require actionable, tru…

View →
cs.CRcs.AIcs.SERecentMay 12, 2026

Options, Not Clicks: Lattice Refinement for Consent-Driven MCP Authorization

Ying Li, Yanju Chen, Peiran Wang, Issac Khabra +3 more

The paper introduces Conleash, a client-side middleware that uses a risk lattice to enforce granular, boundary-scoped authorization for tool invocations, significantly improving user consent and secur…

View →
cs.CRcs.AIRecentMar 21, 2026

Before the Tool Call: Deterministic Pre-Action Authorization for Autonomous AI Agents

Uchi Uchibeke

The paper introduces the Open Agent Passport (OAP), a deterministic pre-action authorization framework that intercepts and validates AI agent tool calls against a declarative policy, achieving a 0% su…

View →
cs.CRRecentMay 9, 2026

When LLMs Team Up: A Coordinated Attack Framework for Automated Cyber Intrusions

Minfeng Qi, Tianqing Zhu, Zijie Xu, Congcong Zhu +2 more

The paper introduces CAESAR, a novel multi-agent framework that coordinates LLM agents across five specialized roles to improve success rates and stability in complex, multi-stage cyber intrusion task…

View →
cs.CRcs.AIcs.PLRecentMar 21, 2026

AC4A: Access Control for Agents

Reshabh K Sharma, Dan Grossman

The paper introduces AC4A, an access control framework that allows users to precisely limit the capabilities of LLM agents, ensuring they only access the specific APIs or parts of web pages necessary…

View →