How do I enforce chunk-level access control so users only retrieve documents they're authorized to see?

To enforce chunk-level access control, you can implement an Intent-Based Access Control (IBAC) system that normalizes tool calls to canonical actions and resources, then applies policies based on these normalized intents. This allows for granular control over what specific agents can read, write, or execute on particular resources.

Here are concrete controls for enforcing chunk-level access control:

• Normalize Intent: Map heterogeneous tool calls from different agent runtimes (e.g., Claude's Read, OpenClaw's code_read, Gemini's file_read) to a unified set of canonical actions like read, write, or execute. This ensures consistent policy enforcement regardless of the agent or its specific tool naming conventions.
• Enforce Policy Uniformly: Use a single policy set, such as Cedar policies, to govern all agent runtimes. This prevents policy fragmentation and ensures consistent security standards across your AI agent ecosystem.
• Granular Control with Context-Bound Policies: Define policies that can differ based on various contextual factors, including the agent's identity, the environment (e.g., dev/staging/prod), the specific resource being accessed (e.g., file/directory), or even time-based rules. For example, a policy can permit a specific agent to read a resource only when context.environment == "prod" && resource.file_path.contains("config").
• Resource URI Format: Standardize resource identification using a scheme that identifies the resource type, such as file:path/to/file.txt for file reads or pattern:*.py for pattern searches. This allows policies to target specific types of resources.
• Deny-by-Default with Explicit Permits: Implement a deny-by-default approach where all actions are denied unless explicitly permitted by a policy. This is a strong security posture, ensuring that only authorized operations are allowed.
• Unified Audit Trail: Record all agent actions, including the tools used, canonical actions, resources, and policy decisions, in a consistent format (e.g., JSONL). This provides transparency and aids in compliance audits.