The authority graph explained

Introduction to authority in modern systems

In most systems, authority is implied rather than explicitly modelled. Permissions are scattered across roles, services, and policies, making it difficult to understand who is allowed to perform a given action and under what conditions.

As systems become more distributed, this lack of structure introduces risk. Authority is no longer a simple mapping between user and permission, but a chain of relationships that must be resolved at runtime.

The authority graph provides a way to model this complexity in a clear and structured form.

From static permissions to dynamic relationships

Traditional access control models rely on static assignments. A role is granted a set of permissions, and those permissions determine what actions can be performed. While effective in simple environments, this approach struggles to represent more dynamic scenarios

In practice, authority often depends on multiple factors. An agent may act on behalf of a profile, which is governed by a decision surface with defined constraints. These relationships are not static, but contextual and evolving.

The authority graph captures these relationships as a connected structure, allowing authority to be resolved dynamically.

‍

Modelling the authority chain

Cursus curabitur euismod vel fermentum sapien non dolor odio vel. Tortor lectus mauris in praesent a tincidunt nam. In aenean At the core of the authority graph is a chain that links the elements involved in an action. A decision surface defines what can be done. A profile defines the conditions under which it can be done. A grant links an agent to that profile, establishing authority.

When a request is evaluated, MIDAS resolves this chain to determine whether the agent is permitted to act on the surface under the given context.

This model provides a clear and consistent way to represent authority across systems.

Why the graph matters

By representing authority as a graph rather than a set of isolated rules, MIDAS enables a more flexible and transparent approach to governance. Relationships can be inspected, validated, and evolved without introducing fragmentation.

The graph also makes it possible to trace how authority is established and applied. This is critical for understanding how decisions are governed and for maintaining control as systems scale.

A foundation for governed execution

The authority graph is not just a data model; it is the foundation for how MIDAS evaluates requests. Every governed action relies on resolving this structure to determine whether execution is permitted.

By making authority explicit and structured, the graph ensures that governance is consistent, explainable, and adaptable across different environments.