§15 · Lane 1 — Rules-as-Code / Law-as-Code
Cedar — Verifiable Authorization Language
Cutler et al. (2024) · PACMPL 8, OOPSLA1
Bibliographic data
- Title
- Cutler et al. (2024) — Cedar: A New Language for Expressive, Fast, Safe, and Analyzable Authorization
- Authors / Issuing body
- Joseph W. Cutler, Craig Disselkoen, Aaron Eline, Shaobo He, Kyle Headley, Michael Hicks, Kesha Hietala, John Kastner, Anwar Mamat, Matthew McCutchen, Neha Rungta, Bhakti Shah, Emina Torlak, Andrew Wells. Amazon Web Services authorship.
- Venue / Publisher
- Proceedings of the ACM on Programming Languages 8, OOPSLA1 (April 2024), Article 119
- Year
- 2024
- Designation
- Academic
- Licence
- DOI — refer to publisher for full licence terms.
- Canonical link
- https://doi.org/10.1145/3649835
How to cite
Cutler et al. (2024). Cutler et al. (2024) — Cedar: A New Language for Expressive, Fast, Safe, and Analyzable Authorization. Proceedings of the ACM on Programming Languages 8, OOPSLA1 (April 2024), Article 119. https://doi.org/10.1145/3649835.
The reference paper for Amazon's Cedar policy language. Combines role-based and attribute-based access control with formal analysis so that authorisation policies can be verified statically before deployment.
Why it matters for NETEVO
Cedar is the load-bearing technical anchor for the engineered half of the Implicit Authority Cascade (IAC) framing. Where the AI audit and accountability literature in NETEVO's substrate names the failure modes from the outside, Cedar specifies how the inside of an agentic system can be built so those failure modes are prevented at policy-evaluation time rather than discovered after the fact.
A verifiable policy language, not ad-hoc code. Cedar's safe and analyzable property — the language is designed so that policies can be statically checked against analyst questions of the form no policy grants delete to a user outside the owner group — provides the academic warrant for NETEVO's position that authorisation decisions in agentic systems should be expressed in a verifiable policy language rather than scattered through application code. The audit-side literature anchors what auditors inspect; Cedar anchors the policy-side artefact that auditors can inspect.
Pairing with APRA CPS 230. Cedar is the natural technical reference for the forthcoming CPS 230 executable-edge-controls insight. APRA's CPS 230 places operational risk controls at the front line; Cedar specifies what those controls can look like as machine-readable policy decisions at runtime. The pairing turns a regulator-readable architecture into an enforceable one.
Board-to-runtime accountability. Cedar populates a slot the Authority Register coinage names. Where ISO/IEC 38507 governs how a board delegates authority into AI systems, Cedar provides the engineered runtime form that delegation takes. NETEVO cites the two together to close the accountability path from boardroom decision to runtime policy evaluation.