Technical Specifications | IBA
PATENT-PENDING (UK)
GB2603013.0
TECHNICAL DOCUMENTATION

IBA Architecture

Deep dive into the technical implementation of Intent-Based Access Control

System Architecture

AI Agent Layer
Intent Declaration Layer
IBA Validation Engine (<5ms)
Execution / Kill Switch
Blockchain Audit Trail

Core Components

1. Intent Declaration Module

Captures AI action intent before execution and generates cryptographic hashes for validation. Supports structured intent schemas with type safety and validation.

    interface Intent {
      action: string;         // Action identifier
      parameters: object;     // Action parameters
      scope: string[];        // Authorized scope
      timestamp: number;      // Unix timestamp
      agentId: string;        // AI agent identifier
      policyVersion: string;  // Policy reference
    }

    const intentHash = SHA256(canonicalize(intent));
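An added example, not taken from IBA's code, of how the `SHA256(canonicalize(intent))` step above can be made deterministic in Node.js: keys are sorted recursively so two serializations of the same intent hash identically, and the validator recomputes the hash before comparing. The body of `canonicalize`, the `matchesDeclaredHash` helper and the sample values are assumptions for illustration.

```javascript
const { createHash, timingSafeEqual } = require("node:crypto");

// Assumed canonical form: JSON with object keys sorted recursively and arrays
// kept in order. Values JSON cannot represent faithfully are rejected, not coerced.
function canonicalize(value) {
  if (value === null || typeof value === "string" || typeof value === "boolean") {
    return JSON.stringify(value);
  }
  if (typeof value === "number") {
    if (!Number.isFinite(value)) throw new TypeError("non-finite number in intent");
    return JSON.stringify(value);
  }
  if (Array.isArray(value)) {
    return "[" + value.map(canonicalize).join(",") + "]";
  }
  if (typeof value === "object" && Object.getPrototypeOf(value) === Object.prototype) {
    const members = Object.keys(value).sort().map(
      (k) => JSON.stringify(k) + ":" + canonicalize(value[k])
    );
    return "{" + members.join(",") + "}";
  }
  // undefined, functions, Date, Map, class instances and similar end up here.
  throw new TypeError("unsupported value in intent");
}

function intentHash(intent) {
  return createHash("sha256").update(canonicalize(intent), "utf8").digest("hex");
}

// True only when the declared hash equals the hash the validator recomputes.
function matchesDeclaredHash(declaredHex, intent) {
  const declared = Buffer.from(declaredHex, "hex");
  const actual = Buffer.from(intentHash(intent), "hex");
  return declared.length === actual.length && timingSafeEqual(declared, actual);
}

// Constructed sample intent using the fields of the Intent interface above.
const sampleIntent = {
  action: "db.read",
  parameters: { table: "invoices", limit: 10 },
  scope: ["finance:read"],
  timestamp: 1770892215,
  agentId: "agent-example-01",
  policyVersion: "example-v1",
};

// Same fields in a different key order, and a copy with one parameter changed.
const reordered = Object.fromEntries(Object.entries(sampleIntent).reverse());
const tampered = { ...sampleIntent, parameters: { table: "invoices", limit: 10000 } };
console.log(intentHash(reordered) === intentHash(sampleIntent));
console.log(matchesDeclaredHash(intentHash(sampleIntent), tampered));
```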

2. Validation Engine

Sub-5ms runtime validation using optimized cryptographic verification and policy matching. Designed for high-throughput AI workloads.

  • Parallel validation pipeline for low latency
  • In-memory policy cache with LRU eviction
  • Hardware-accelerated cryptographic operations
  • Fallback to synchronous validation on cache miss

3. Blockchain Integration

Immutable audit trail using enterprise blockchain (Hyperledger Fabric or Ethereum private chain). Each validation creates a permanent record.

    {
      "blockNumber": 847291,
      "intentHash": "a7f3c9e2d8b1…",
      "validationResult": "APPROVED",
      "timestamp": "2026-02-12T10:30:15Z",
      "latencyMs": 3.2,
      "agentId": "claude-prod-7f3a",
      "policyId": "enterprise-v2.1"
    }

4. Kill Switch Mechanism

Automatic action termination on validation failure. Operates at machine speed without human intervention.

  • Pre-execution hooks intercept all AI actions
  • Fail-secure design: deny on validation timeout
  • Configurable response policies (block, alert, log-only)
  • Real-time alerting to security operations center
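The fail-secure rule in the list above, as an added JavaScript example that is not IBA's own code: only an explicit approval runs the action, while a denial, an exception, a malformed result or a timeout all block it. `guardedExecute`, its option names, the 5 ms default budget and the treatment of every mode other than `log-only` as blocking are assumptions.

```javascript
const VALIDATION_BUDGET_MS = 5; // assumed budget, taken from the "<5ms" figure

// Rejects with "validation-timeout" if `promise` has not settled within `ms`.
function withTimeout(promise, ms) {
  let timer;
  const timeout = new Promise((_, reject) => {
    timer = setTimeout(() => reject(new Error("validation-timeout")), ms);
  });
  return Promise.race([promise, timeout]).finally(() => clearTimeout(timer));
}

// Pre-execution hook: `execute` runs only when `validate` resolves to an object
// whose `approved` field is strictly true. A truthy non-object is not approval.
async function guardedExecute({
  validate,
  execute,
  mode = "block",
  budgetMs = VALIDATION_BUDGET_MS,
  onEvent = () => {},
}) {
  let verdict;
  try {
    // Promise.resolve().then() turns a synchronous throw into a rejection.
    const result = await withTimeout(Promise.resolve().then(validate), budgetMs);
    verdict = result && result.approved === true
      ? { approved: true }
      : { approved: false, reason: (result && result.reason) || "not-approved" };
  } catch (err) {
    verdict = { approved: false, reason: err.message };
  }
  if (verdict.approved) return { executed: true, value: await execute() };

  onEvent({ level: mode === "log-only" ? "info" : "alert", reason: verdict.reason });
  if (mode === "log-only") {
    // Observation mode: the action still runs, so enabling it is a deliberate choice.
    return { executed: true, value: await execute(), violation: verdict.reason };
  }
  return { executed: false, violation: verdict.reason };
}
```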

Performance Specifications

| Metric | Specification | Notes |
|---|---|---|
| Validation Latency (p50) | 3.2ms | Median case, hot cache |
| Validation Latency (p99) | 4.8ms | 99th percentile, includes cache misses |
| Throughput | 10,000 ops/sec | Per validation node |
| Hash Algorithm | SHA-256 | NIST-approved, hardware accelerated |
| Blockchain Finality | 2-5 seconds | Asynchronous, non-blocking |
| Audit Retention | Infinite | Blockchain-backed persistence |

Integration Patterns

Pattern 1: Pre-Execution Hook

Most common integration. IBA intercepts all AI actions before execution.

    async function executeAIAction(action) {
      // Declare intent
      const intent = createIntent(action);

      // Validate with IBA
      const validation = await IBA.validate(intent, action);

      // Execute only if approved
      if (validation.approved) {
        return await action.execute();
      } else {
        throw new SecurityViolation(validation.reason);
      }
    }

Pattern 2: Middleware Layer

For API-based AI systems, IBA operates as middleware in the request pipeline.

    app.use(IBAMiddleware({
      intentExtractor: (req) => extractIntent(req),
      onViolation: (req, reason) => {
        logSecurityEvent(req, reason);
        throw new HTTP403Forbidden(reason);
      }
    }));

Pattern 3: Agentic Loop Integration

For autonomous agents, IBA validates each step in the reasoning loop.

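    while (agent.hasNextStep()) {
      const step = agent.planNextStep();
      const intent = agent.declareIntent(step);

      // IBA.validate resolves to a result object (see Pattern 1), which is always
      // truthy, so test its `approved` field rather than the object itself.
      const validation = await IBA.validate(intent, step);
      if (!validation.approved) {
        agent.halt("Intent validation failed");
        break;
      }

      await agent.executeStep(step);
    }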

Security Properties

Cryptographic Guarantees

IBA provides provable security properties through cryptographic validation and blockchain-backed audit trails.

  • Tamper Resistance: Intent hashes use SHA-256, computationally infeasible to forge
  • Replay Protection: Timestamps and nonces prevent intent replay attacks
  • Audit Integrity: Blockchain ensures immutable, verifiable history
  • Fail-Secure: System denies actions on validation failures or timeouts
  • Defense in Depth: Multiple validation layers including policy, scope, and behavioral checks
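One way to implement the replay-protection bullet above, as an added example that is not IBA's own code: a bounded timestamp window plus a per-agent nonce store whose entries expire with that window, so the store stays small. The `nonce` field (absent from the Intent interface shown earlier), the 30-second window and the in-memory `Map` are assumptions.

```javascript
const MAX_SKEW_SECONDS = 30; // assumed acceptance window

class ReplayGuard {
  constructor(maxSkewSeconds = MAX_SKEW_SECONDS) {
    this.maxSkew = maxSkewSeconds;
    this.seen = new Map(); // JSON [agentId, nonce] -> expiry (Unix seconds)
  }

  // Returns { ok, reason }. `now` is injectable so the check is testable.
  check(intent, now = Math.floor(Date.now() / 1000)) {
    const { agentId, nonce, timestamp } = intent;
    if (typeof agentId !== "string" || typeof nonce !== "string" || nonce.length < 16) {
      return { ok: false, reason: "missing-or-weak-nonce" };
    }
    // Too old or too far in the future: reject before touching the nonce store.
    if (!Number.isInteger(timestamp) || Math.abs(now - timestamp) > this.maxSkew) {
      return { ok: false, reason: "stale-or-future-timestamp" };
    }
    this.evictExpired(now);
    // JSON-encode the pair so "a:b" + "c" and "a" + "b:c" cannot collide.
    const key = JSON.stringify([agentId, nonce]);
    if (this.seen.has(key)) {
      return { ok: false, reason: "nonce-replayed" };
    }
    // Keep the nonce until the timestamp check alone would reject a replay.
    this.seen.set(key, timestamp + this.maxSkew);
    return { ok: true, reason: "fresh" };
  }

  evictExpired(now) {
    for (const [key, expiry] of this.seen) {
      if (expiry < now) this.seen.delete(key);
    }
  }
}
```

A multi-node deployment would need the nonce store shared between validation nodes; a per-process `Map` only detects replays that reach the same node.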

Deployment Options

Cloud-Native Deployment

Containerized deployment on Kubernetes with horizontal scaling and high availability.

  • Stateless validation nodes for elastic scaling
  • Redis cluster for distributed policy cache
  • Multi-region deployment with sub-10ms latency
  • Prometheus metrics and Grafana dashboards

On-Premises Integration

Self-hosted deployment for air-gapped or highly regulated environments.

  • Private blockchain network (Hyperledger Fabric)
  • HSM integration for cryptographic key management
  • LDAP/AD integration for identity management
  • Compliance-ready logging and audit exports

Hybrid Architecture

Cloud-based validation with on-premises blockchain for maximum flexibility.

  • Cloud validation for low latency
  • On-prem blockchain for data sovereignty
  • Encrypted cross-boundary communication
  • Configurable data residency policies

Compliance & Standards

Regulatory Alignment

  • EU AI Act: Cryptographic audit trails satisfy Article 12 (record-keeping) and Article 14 (human oversight)
  • Taiwan AI Basic Act: Runtime validation addresses governance and accountability requirements
  • SOC 2 Type II: Audit trail completeness and tamper-resistance
  • ISO 27001: Access control and security monitoring
  • GDPR: Right to explanation through intent transparency

Technical Standards

  • NIST Cybersecurity Framework alignment
  • OWASP ASVS Level 2 compliance
  • OpenID Connect for authentication
  • OAuth 2.0 for authorization

Patent Coverage

UK Patent Application GB2603013.0

Filed February 10, 2026 with priority date February 5, 2026. Covers the core innovation of cryptographic intent validation for AI systems.

Claims

  • Method for cryptographic validation of AI action intent
  • Sub-5ms runtime enforcement without human-in-the-loop
  • Blockchain-backed audit trail generation
  • Automatic kill switch on intent violation
  • Integration patterns for agentic AI systems

International Expansion

Preparing PCT application for international protection in US, EU, China, and other jurisdictions. Patent strategy designed for maximum coverage of AI safety market.