AEGIS Governed Capability Flow
Architectural Enforcement & Governance of Intelligent Systems
Version: 0.2
Status: Informational
Part of: AEGIS Architecture
Author: Kenneth Tannenbaum
Last Updated: March 6, 2026
Purpose
This document defines the end-to-end capability flow and the control contract for each stage from request proposal to execution outcome.
End-to-End Flow
1) User/System Intent
2) Agent Action Proposal
3) Capability Request Construction
4) Governance Admission Validation
5) Policy Matching and Precedence
6) Risk Calculation
7) Decision Outcome
8) Constraint Packaging (if required)
9) Audit Record Creation
10) Tool Proxy Execution or Block
11) Execution Telemetry and Post-Decision AuditStage Contracts
Stage 1-3: Proposal and Request Creation
Required outputs:
- Valid
agent_id,capability,resource,context. - Stable
request_idfor traceability.
Stage 4: Admission Validation
Required checks:
- Schema validity.
- Identity authenticity.
- Capability format normalization.
Failure behavior:
- Immediate
DENYand audit event.
Stage 5: Policy Matching
Required behavior:
- Evaluate enabled policies only.
- Apply deterministic precedence (deny first, then priority).1
Stage 6: Risk Calculation
Required behavior:
- Compute bounded score in range 0-100.
- Include actor, capability, resource, environment, history factors.
Stage 7-8: Decision and Constraints
Possible outcomes:
ALLOWCONSTRAINESCALATEDENY
Constraint-bearing outcomes must include enforceable machine-readable limits.
Stage 9-11: Audit and Execution
Required behavior:
- Record immutable decision evidence before execution handoff.
- Execute only if decision permits.
- Record execution telemetry and violations.
Flow Invariants
- No request executes without a prior decision.2
- No decision exists without an audit ID.2
- No constrained request executes unconstrained.
- No denied request causes infrastructure side effects.
Decision Matrix
| Decision | Execution | Constraints | Escalation | Audit |
|---|---|---|---|---|
| ALLOW | Yes | Optional | No | Required |
| CONSTRAIN | Yes | Required | No | Required |
| ESCALATE | No | N/A | Required | Required |
| DENY | No | N/A | Optional | Required |
Verification Checks
The flow is valid only if:
- 100% execution events map to governance decisions.
- All constrained executions show matching runtime controls.
- Escalation queue contains all risk threshold exceedances.
- Replay of flow events is deterministic.
Related Documents
docs/architecture/DECISION_ALGORITHM.mddocs/architecture/POLICY_MATCHING_AND_DEBUG.mddocs/architecture/END_TO_END_REQUEST_FLOW.md
References
Footnotes
-
F. B. Schneider, “Enforceable Security Policies,” ACM Transactions on Information and System Security (TISSEC), vol. 3, no. 1, pp. 30–50, Feb. 2000, doi: 10.1145/353323.353382. See REFERENCES.md. ↩
-
J. P. Anderson, “Computer Security Technology Planning Study,” Deputy for Command and Management Systems, HQ Electronic Systems Division (AFSC), Hanscom Field, Bedford, MA, Tech. Rep. ESD-TR-73-51, Vol. II, Oct. 1972. See REFERENCES.md. ↩ ↩2