How Intent-Aware Access Works
Intent-aware access adds the missing decision: whether an action belongs, decided before that action changes state.
Traditional Access Stops Too Early
```mermaid
flowchart LR
    A[Identity] --> B[Access Policy]
    B --> C[Application Access]
    C --> D[Action Executes]
```
Traditional flow ends here. If identity and policy allow entry, the action proceeds.
Excalibur VITRO adds an intent-aware decision before execution:
```mermaid
flowchart LR
    A[Identity] --> B[Access Policy]
    B --> C[Application Access]
    C --> E[Intent-Aware Check]
    E -->|Allow| D[Action Executes]
    E -->|Challenge| F[Pause Before State Change]
```
Intent-aware access inserts a pre-execution decision.
What The Decision Uses
```mermaid
flowchart LR
    A[Session Context] --> E[Intent-Aware Reasoning]
    B[Workflow Position] --> E
    C[Current Action] --> E
    D[Consequence and Scope] --> E
    E --> F[Allow]
    E --> G[Challenge]
    E --> H[Explain]
```
The decision is based on the relationship between the action, the session, the workflow, and the consequence of what is about to happen.
Why This Changes What Can Be Governed
| Control model | Best at | Weakest at |
|---|---|---|
| Identity and policy | Establishing who can reach a system | Deciding whether a specific action makes sense right now |
| Signature and rule-based detection | Catching known bad patterns | Novel abuse, multi-step drift, and disguised destructive actions |
| Intent-aware access | Judging whether the action fits the session and purpose before execution | Works with identity, policy, and review as the pre-execution control layer |
Identity, policy, and review stay. Intent-aware access adds the missing pre-execution layer.
What Changes For Each Audience
| Audience | What changes |
|---|---|
| User | Routine work continues; risky actions are paused before they land. |
| Admin | Control moves to business intent instead of brittle exception rules and after-the-fact triage. |
| Organization | Security gains a pre-execution governance layer for novel and high-consequence actions. |
What Happens When Risk Appears
If the action fits, work continues. If it is high-consequence, out of scope, or session-incoherent, the system stops it before execution.
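A minimal sketch of the pre-execution decision described above, added here as an illustration and not Excalibur VITRO's implementation. The `Session` and `Action` fields, the strict step ordering, and the `HIGH_CONSEQUENCE` threshold are all assumptions; the sample session is constructed.

```python
from dataclasses import dataclass, field

# Hypothetical model: field names, the strict step ordering and the
# threshold are assumptions for illustration, not the product's logic.
HIGH_CONSEQUENCE = 100  # assumed: destructive actions touching >= 100 objects

@dataclass
class Session:
    scope: set                  # resources this session is meant to touch
    workflow: list              # expected steps, in order
    done: list = field(default_factory=list)  # steps already executed

@dataclass
class Action:
    step: str
    resource: str
    destructive: bool = False
    affected: int = 1           # objects the action would change

def check(session, action):
    """Decide before execution; returns (decision, reasons)."""
    reasons = []
    if action.resource not in session.scope:
        reasons.append(f"out of scope: {action.resource}")
    pos = len(session.done)     # workflow position
    expected = session.workflow[pos] if pos < len(session.workflow) else None
    if action.step != expected:
        reasons.append(f"session-incoherent: expected {expected}, got {action.step}")
    if action.destructive and action.affected >= HIGH_CONSEQUENCE:
        reasons.append(f"high-consequence: {action.affected} objects")
    return ("challenge" if reasons else "allow"), reasons

def gate(session, action, run):
    """Run the action only on 'allow'; a challenge leaves state untouched."""
    decision, reasons = check(session, action)
    if decision == "allow":
        run(action)
        session.done.append(action.step)
    return decision, reasons

def demo():
    """Constructed sample: a key-rotation session with one skipped step."""
    executed = []
    s = Session(scope={"svc/build"}, workflow=["create_key", "update_secret", "delete_old_key"])
    results = [
        gate(s, Action("create_key", "svc/build"), executed.append),
        gate(s, Action("delete_old_key", "svc/build", destructive=True), executed.append),
        gate(s, Action("update_secret", "svc/build"), executed.append),
        gate(s, Action("delete_old_key", "svc/prod", True, 500), executed.append),
    ]
    return results, [a.step for a in executed]
```

The returned reasons list plays the role of the "Explain" output in the diagram: every challenge carries the specific mismatch that triggered it.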
Why This Matters
This approach is especially valuable in workflows where meaning matters more than syntax:
- privileged administration
- approvals and payments
- identity and access changes
- destructive operations
- exports and sensitive data movement
- query, template, and execution surfaces
In these workflows, broad authorization is not enough.
For a full breakdown by domain, see Where it applies.