Ave Gatton
๐ค SpeakerAppearances Over Time
Podcast Appearances
But if you have a user who is constrained in their actions by traditional security, and then those constraints are transferred to the agent, then the agent only has the capability to answer the questions that person could do.
What we found is that is useful to the extent that maybe the person can automate some of their tasks.
But in the future, that agent will likely talk to an agent who assumes the permissions of someone who has greater permissions or someone who has fewer permissions in order to fully realize the utility of agents.
In other words, you have agents talking to agents, and you're not guaranteed that all the agents have the same permissions.
In this framework, it's useful to assume that, or at least it's secure to assume that somehow, some way, one agent's going to transfer information to the other agent.
And so you've got to lock down the transfer of information between agents, and that is not something that traditional security does.
That transfer of information is usually locked down by the security model of the people in the company.
It's the actions that the people take.
So when Abe is talking to Noah and Noah is the supervisor and Abe is just the Noah's head of HR and Abe is just a regular HR person that doesn't have access to say everyone's payroll.
If the NOAA agent does have access to everyone's payroll and the AVE agent needs to talk to the NOAA agent, can the AVE agent ask the NOAA agent for everybody's payroll in the company?
And then once that AVE agent has it, it can reveal it to myself, to AVE.
And if I'm a bad actor, I shouldn't know about that, or it's a company secret that
Maybe I can get paid a lot of money by somebody on the outside by selling it to or something or other, then all of a sudden now you have a data leak.
And so you have to put guardrails on the transfer of information outside of the NOAA agent, the exfiltration of that information in order to secure the system.
And so it's not so much restricting the access to the information originally, but it restricting what that agent can then tell
the users and other agents that are talking to it.
And that's the difficulty.
It's you can have a, an agent that in a sense, you can have agents that are only able to do the things that someone is already able to do.
So if for instance, in my role in a company, I have some, some road tasks that are required at all times.
If I have an agent that is helping me do roads or just mind numbing tasks that are typically part of my role.