Appearance
Research Sources
Agent Policy v0.1.0 uses established policy, authorization, eventing, telemetry, AI governance, and agent protocol references. These references inform the shape of the standard; they do not transfer ownership of Agent Policy semantics.
| Source | What Agent Policy takes from it |
|---|---|
| Open Policy Agent docs | Policy-as-code, structured input, structured decision output, and decoupling decision from enforcement. |
| OPA policy language | Rego-style policy evaluation concepts and data-driven policy authoring. |
| OPA management bundles | Versioned policy bundles as a reference for policy set identity and distribution. |
| Cedar documentation | Principal, action, resource, context, entities, schema validation, and authorization decisions. |
| Cedar authorization | PARC request shape and permit/forbid evaluation model. |
| OASIS XACML 3.0 | PDP/PEP split and decision vocabulary such as Permit, Deny, NotApplicable, and Indeterminate. |
| OAuth 2.0 RFC 6749 | Token, grant, and scope concepts as adjacent identity inputs. |
| OAuth 2.0 Resource Indicators RFC 8707 | Resource-bound authorization requests as a reference for constrained grants. |
| Model Context Protocol specification | Tool, resource, prompt, and authorization boundaries for agent integrations. |
| Agent2Agent Protocol | Peer agent tasks, messages, artifacts, and handoff references. |
| CloudEvents specification | Portable event envelope design. |
| OpenTelemetry GenAI semantic conventions | Trace and span correlation for model and agent operations. |
| NIST AI Risk Management Framework | Governance-oriented vocabulary for mapping, measuring, managing, and documenting AI risk. |