
P166 — AIEP — Evidence Access Control and Permission Protocol

Publication Date: 2026-04-12
Status: Open Source Prior Art Disclosure
Licence: Apache License 2.0
Author/Organisation: Phatfella Ltd
Schema: AIEP_OS_SPEC_TEMPLATE v1.0.1 — https://aiep.dev/schemas/aiep-os-spec-template/v1.0.1


Field of the Invention

[0001] The disclosure relates to access control and permission management systems for evidence artefacts in computing environments.

[0002] More particularly, the disclosure concerns an evidence access control and permission protocol for use within an Architected Instruction and Evidence Protocol (AIEP) system, governing which principals may read, cite, modify, retract, or federate specific evidence artefacts based on classification labels, sensitivity tiers, and principal capability grants.


Framework Context

[0003] This invention operates within an Architected Instruction and Evidence Protocol (AIEP) environment as defined in United Kingdom patent application number GB2519711.2, filed 20 November 2025, the entire contents of which are incorporated herein by reference.


Summary of the Disclosure

[0004] A computer-implemented evidence access control and permission protocol comprises: classifying each evidence artefact with a SensitivityTier drawn from {PUBLIC, INTERNAL, RESTRICTED, SOVEREIGN}; defining an EvidencePermissionMatrix mapping (principal_type, capability) → allowed_tier_ceiling; evaluating all evidence access requests against the EvidencePermissionMatrix before state changes are permitted; generating an AccessDeniedRecord when a request fails authorisation, including requesting_principal_id, requested_artefact_id, requested_capability, and denial_timestamp; logging all authorised accesses as EvidenceAccessAuditRecords in the provenance chain; and preventing SOVEREIGN-tier evidence from leaving the originating deployment node without an explicit SovereignExportAuthorisationRecord signed by a governance-authorised principal.

[0005] SensitivityTier cannot be downgraded at runtime — only upgraded.
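The following Python model is an added illustration of the protocol described in [0004] and [0005]; it is not code from Phatfella Ltd or from the AIEP specification. The tier ordering (PUBLIC < INTERNAL < RESTRICTED < SOVEREIGN), the contents of the EvidencePermissionMatrix, the principal types, and the use of HMAC-SHA256 to sign a SovereignExportAuthorisationRecord are all assumptions made for the example; the disclosure names the records and the checks but does not fix these details.

```python
import hashlib
import hmac
from dataclasses import dataclass
from datetime import datetime, timezone
from enum import IntEnum
from typing import Dict, List, Optional, Tuple


class SensitivityTier(IntEnum):
    """Assumed ordering: a larger value is more sensitive."""
    PUBLIC = 0
    INTERNAL = 1
    RESTRICTED = 2
    SOVEREIGN = 3


@dataclass
class EvidenceArtefact:
    artefact_id: str
    origin_node: str
    tier: SensitivityTier

    def upgrade_tier(self, new_tier: SensitivityTier) -> None:
        """[0005]: a tier may only move upwards at runtime; downgrades are rejected."""
        if new_tier < self.tier:
            raise ValueError(f"{self.artefact_id}: cannot downgrade {self.tier.name} to {new_tier.name}")
        self.tier = new_tier


@dataclass
class AccessDeniedRecord:
    requesting_principal_id: str
    requested_artefact_id: str
    requested_capability: str
    denial_timestamp: datetime


@dataclass
class EvidenceAccessAuditRecord:
    principal_id: str
    artefact_id: str
    capability: str
    access_timestamp: datetime


@dataclass
class SovereignExportAuthorisationRecord:
    artefact_id: str
    destination_node: str
    signer_id: str
    signature: bytes  # assumed scheme: HMAC-SHA256 over "artefact_id|destination_node|signer_id"


# Constructed EvidencePermissionMatrix: (principal_type, capability) -> allowed_tier_ceiling
EVIDENCE_PERMISSION_MATRIX: Dict[Tuple[str, str], SensitivityTier] = {
    ("reader", "read"): SensitivityTier.INTERNAL,
    ("reader", "cite"): SensitivityTier.PUBLIC,
    ("analyst", "read"): SensitivityTier.RESTRICTED,
    ("analyst", "cite"): SensitivityTier.RESTRICTED,
    ("analyst", "modify"): SensitivityTier.INTERNAL,
    ("analyst", "federate"): SensitivityTier.SOVEREIGN,
    ("governance", "retract"): SensitivityTier.SOVEREIGN,
}


def _export_message(artefact_id: str, destination_node: str, signer_id: str) -> bytes:
    return f"{artefact_id}|{destination_node}|{signer_id}".encode()


def sign_export(key: bytes, artefact_id: str, destination_node: str, signer_id: str) -> SovereignExportAuthorisationRecord:
    """Produce an export authorisation as a governance-authorised principal would (hypothetical signer)."""
    sig = hmac.new(key, _export_message(artefact_id, destination_node, signer_id), hashlib.sha256).digest()
    return SovereignExportAuthorisationRecord(artefact_id, destination_node, signer_id, sig)


class EvidenceAccessController:
    def __init__(self, matrix: Dict[Tuple[str, str], SensitivityTier], governance_keys: Dict[str, bytes]):
        self.matrix = matrix
        self.governance_keys = governance_keys  # signer_id -> verification key of a governance principal
        self.provenance_chain: List[object] = []  # audit and denial records, in order

    def _deny(self, principal_id: str, artefact_id: str, capability: str) -> bool:
        self.provenance_chain.append(AccessDeniedRecord(principal_id, artefact_id, capability, datetime.now(timezone.utc)))
        return False

    def authorise(self, principal_id: str, principal_type: str, capability: str, artefact: EvidenceArtefact) -> bool:
        """Evaluate one request against the matrix before any state change; log the outcome either way."""
        ceiling = self.matrix.get((principal_type, capability))
        if ceiling is None or artefact.tier > ceiling:  # unknown grant or artefact above the ceiling
            return self._deny(principal_id, artefact.artefact_id, capability)
        self.provenance_chain.append(EvidenceAccessAuditRecord(principal_id, artefact.artefact_id, capability, datetime.now(timezone.utc)))
        return True

    def _export_authorised(self, artefact: EvidenceArtefact, destination_node: str,
                           auth: Optional[SovereignExportAuthorisationRecord]) -> bool:
        if auth is None or auth.artefact_id != artefact.artefact_id or auth.destination_node != destination_node:
            return False
        key = self.governance_keys.get(auth.signer_id)  # only governance-authorised signers are known here
        if key is None:
            return False
        expected = hmac.new(key, _export_message(auth.artefact_id, auth.destination_node, auth.signer_id), hashlib.sha256).digest()
        return hmac.compare_digest(expected, auth.signature)

    def federate(self, principal_id: str, principal_type: str, artefact: EvidenceArtefact, destination_node: str,
                 export_authorisation: Optional[SovereignExportAuthorisationRecord] = None) -> bool:
        """SOVEREIGN evidence may not leave its origin node without a valid signed export record."""
        if artefact.tier == SensitivityTier.SOVEREIGN and destination_node != artefact.origin_node:
            if not self._export_authorised(artefact, destination_node, export_authorisation):
                return self._deny(principal_id, artefact.artefact_id, "federate")
        return self.authorise(principal_id, principal_type, "federate", artefact)
```

The sovereign export check runs before the matrix evaluation so that a blocked cross-node transfer is only ever recorded as an AccessDeniedRecord and never as an audited access; a transfer to the artefact's own origin node falls through to the ordinary capability check.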

[0006] The technical effect is modification of computing system behaviour by enforcing capability-based access control on evidence artefacts, providing audit trails and preventing unauthorised cross-node evidence flows.


Claims

[0007] A computer-implemented method for evidence access control and permission management comprising: classifying evidence artefacts by SensitivityTier; evaluating access requests against an EvidencePermissionMatrix; logging AccessDeniedRecords on failed authorisation; maintaining EvidenceAccessAuditRecords in provenance chains; and blocking SOVEREIGN-tier export without explicit authorisation records.

[0008] A system for evidence access control and permission management comprising one or more processors and a non-transitory computer-readable medium storing instructions to execute the method of claim 1.


Published as open-source prior art under Apache License 2.0. All rights reserved by Phatfella Ltd. Patent application rights reserved.