Execution-Time Authorization for AI Agents: A Formal Framework for Deterministic Governance Boundaries

Execution-time authorization is a deterministic enforcement layer that evaluates canonicalized action instances against versioned policy and governed system state prior to execution, producing a replayable authorization verdict and an immutable decision artifact. This paper formalizes execution-time authorization as a distinct architectural category within AI governance—irreducible to guardrails, alignment techniques, identity and access management, observability tooling, or agent orchestration. As autonomous AI agents increasingly execute irreversible actions in regulated domains—including healthcare, finance, defense, and critical infrastructure—the gap between what an agent is technically capable of doing…