
JIT Context, Roles, And Target Expectations

Excalibur VITRO runs on three signals: session-specific JIT context, standing role expectations, and standing target expectations.

JIT context is the primary operating tool.

JIT Context Is The Main Tool

JIT context tells the system what this session is for. It narrows the decision to current business purpose.

Examples:

  • approve refund for ticket INC-4821 up to 5,000 EUR
  • rotate the TLS certificate for api.corp.com
  • review security alerts and collect evidence for incident INC-9012
  • export customer records for legal hold case LH-2026-014

Good JIT context is concrete, scoped, and tied to a real business purpose.

Roles Provide Standing Expectations

Roles define what a class of users normally does.

Each role carries two kinds of standing expectations:

  • role specification: what this type of user is generally expected to do
  • target specification: what the protected resource is meant to be used for, and what kinds of actions are acceptable on that surface

Examples:

  • an accounts payable role can process invoices and schedule payments within defined limits
  • a support role can look up customer records and restore access for approved cases
  • an infrastructure administration role can manage certificates and load balancer settings

Target expectations define what actions belong on a surface.

Why Both Matter

JIT context explains the current session. Roles and target expectations explain the normal boundaries of the user and the surface.

flowchart LR
    A[Role Specification] --> D[Intent-Aware Decision]
    B[Target Expectations] --> D
    C[JIT Session Context] --> D

Together they answer one question: does this action belong for this user, on this surface, in this session?

Example

Consider an infrastructure administrator working on a certificate rotation.

  • the role specification says this administrator normally manages certificates, load balancers, and related infrastructure settings
  • the target specification says the resource is an infrastructure management surface where certificate changes are acceptable, but unrelated identity changes or financial actions are not
  • the JIT context says this session is for rotating the TLS certificate for api.corp.com

That lets the system allow expected certificate work and stop unrelated or destructive actions.
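The certificate-rotation example above, modelled as an added Python example; it is not Excalibur VITRO's code or API. The action categories, verbs, the `decide` function, and the second hostname are assumptions made for illustration, and the sample data is constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Action:
    category: str  # kind of work, e.g. "certificate", "identity", "payment"
    verb: str      # operation requested, e.g. "rotate", "delete"
    resource: str  # object acted on, e.g. "api.corp.com"

@dataclass(frozen=True)
class JitContext:
    category: str
    verbs: frozenset
    resource: str

# Constructed data mirroring the example above (names are assumptions).
ROLE_INFRA_ADMIN = frozenset({"certificate", "load_balancer"})
TARGET_INFRA_SURFACE = frozenset({"certificate", "load_balancer"})
JIT_ROTATE = JitContext(
    category="certificate",
    verbs=frozenset({"inspect", "issue", "install", "rotate"}),
    resource="api.corp.com",
)

def decide(action, role, target, jit):
    """Return (allowed, reason), checking the broad signals before the narrow one."""
    if action.category not in target:
        return False, "does not belong on this surface"
    if action.category not in role:
        return False, "outside standing role expectations"
    if (action.category, action.resource) != (jit.category, jit.resource):
        return False, "outside the purpose of this session"
    if action.verb not in jit.verbs:
        return False, "not needed for the stated purpose"
    return True, "matches role, target and session purpose"

if __name__ == "__main__":
    requests = [
        Action("certificate", "rotate", "api.corp.com"),
        Action("certificate", "rotate", "other.corp.example"),  # constructed host
        Action("load_balancer", "update", "api.corp.com"),
        Action("certificate", "delete", "api.corp.com"),
        Action("identity", "grant_admin", "api.corp.com"),
    ]
    for req in requests:
        print(req, decide(req, ROLE_INFRA_ADMIN, TARGET_INFRA_SURFACE, JIT_ROTATE))
```

The load balancer change and the rotation on a different host both pass the standing role and target checks, and only the session context stops them.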

Why JIT Is Used Most Of The Time

Standing role and target expectations are broad by design. Most real risk decisions depend on why the user is in the session now. JIT context is therefore used most of the time.

The default pattern is:

  1. provide JIT context for the current session whenever the purpose is specific, sensitive, or high consequence
  2. define standing role expectations for user classes that need durable guardrails
  3. define standing target expectations for important surfaces

Operating Model

  • standing role expectations
  • standing target expectations
  • session-specific JIT context

The Outcome

This model gives organizations precision:

  • JIT context tells the system what this session is for
  • roles tell the system what this user class normally does
  • target expectations tell the system what the resource is intended to be used for

Together, they make preemptive security operational.

