The Bureaucracy of Speed: Structural Equivalence Between Memory Consistency Models and Multi-Agent Authorization Revocation
Abstract
The temporal assumptions underpinning conventional Identity and Access Management collapse under agentic execution regimes. A sixty-second revocation window permits on the order of 6 × 103 unauthorized API calls at 100 ops/tick; at AWS Lambda scale, the figure approaches 6 × 105. This is a coherence problem, not merely a latency problem. We define a Capability Coherence System (CCS) and construct a state-mapping : MESI auth preserving transition structure under bounded-staleness semantics. A safety theorem bounds unauthorized operations for the execution-count Release Consistency-directed Coherence (RCC) strategy at D rcc ≤ n, independent of agent velocity v -- a qualitative departure from the O(v · TTL) scaling of time-bounded strategies. Tick-based discrete event simulation across three business-contextualised scenarios (four strategies, ten deterministic seeds each) confirms: RCC achieves a 120× reduction versus TTL-based lease in the high-velocity scenario (50 vs. 6,000 unauthorized operations), and 184× under anomaly-triggered revocation. Zero bound violations across all 120 runs confirm the per-capability safety guarantee. Simulation code: https://github.com/hipvlady/prizm
Turn this paper into a full lesson
ArcXiv compiles a staged curriculum from this paper: 8-12 lessons across beginner → advanced, synthesised section guides, visuals, flashcards, a quiz, exercises, and on-demand deep dives per section. Grounded in the abstract, never invented.