As networks move toward next-generation 6G, Intent-based Management (IbM) systems are increasingly adopted to simplify and automate network management by translating high-level intents into low-level configurations. Within these systems, agents play a critical role in monitoring the current state of the network, gathering data, and enforcing actions across the network to fulfill the intent. However, ensuring secure and fine-grained authorization of agents remains a significant challenge, especially in dynamic and multi-tenant environments. Traditional models such as Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC) and Relational-Based Access Control (RelBAC) often lack the flexibility to accommodate the evolving context and granularity required by intent-based operations. In this paper, we propose an enhanced authorization framework that integrates contextual and functional attributes with agent roles to achieve dynamic, policy-driven access control. By analyzing agent functionalities, our approach ensures that agents are granted only the minimal necessary privileges towards knowledge graphs.