Privilege Risk Evolution for Non-Human Identities: A Temporal Fiber Model for Cloud IAM
arXiv SecurityArchived Jun 03, 2026✓ Full text saved
arXiv:2606.03289v1 Announce Type: new Abstract: Cloud permission governance implicitly treats permission equivalence as a static relation. We show that for non-human identities (NHIs), equivalence has two irreducible components: structural equivalence, capturing identical permission profiles at a snapshot via graph fibration, and temporal equivalence, capturing recurring permission states via strongly connected components (SCCs) in a fiber transition graph. We call the equivalence classes under
Full text archived locally
✦ AI Summary· Claude Sonnet
Computer Science > Cryptography and Security
[Submitted on 2 Jun 2026]
Privilege Risk Evolution for Non-Human Identities: A Temporal Fiber Model for Cloud IAM
Christophe Parisel
Cloud permission governance implicitly treats permission equivalence as a static relation. We show that for non-human identities (NHIs), equivalence has two irreducible components: structural equivalence, capturing identical permission profiles at a snapshot via graph fibration, and temporal equivalence, capturing recurring permission states via strongly connected components (SCCs) in a fiber transition graph. We call the equivalence classes under temporal equivalence privilege circuits.
We formalize a three-layer framework: (1) a spatial quotient of the permission graph via fibration, (2) a lineage partition organizing stable transition compartments, (3) windowed SCC analysis as a temporal quotient within lineages.
Empirical evaluation on a large Azure tenant supports the framework. Backtesting demonstrates that early observation of ratchet-type privilege circuits predicts long-term structural stability.
Subjects: Cryptography and Security (cs.CR)
Cite as: arXiv:2606.03289 [cs.CR]
(or arXiv:2606.03289v1 [cs.CR] for this version)
https://doi.org/10.48550/arXiv.2606.03289
Focus to learn more
Submission history
From: Christophe Parisel [view email]
[v1] Tue, 2 Jun 2026 07:52:01 UTC (29 KB)
Access Paper:
HTML (experimental)
view license
Current browse context:
cs.CR
< prev | next >
new | recent | 2026-06
Change to browse by:
cs
References & Citations
NASA ADS
Google Scholar
Semantic Scholar
Export BibTeX Citation
Bookmark
Bibliographic Tools
Bibliographic and Citation Tools
Bibliographic Explorer Toggle
Bibliographic Explorer (What is the Explorer?)
Connected Papers Toggle
Connected Papers (What is Connected Papers?)
Litmaps Toggle
Litmaps (What is Litmaps?)
scite.ai Toggle
scite Smart Citations (What are Smart Citations?)
Code, Data, Media
Demos
Related Papers
About arXivLabs
Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)