Governing Actions, Not Agents: Institutional Attestation as a Governance Model for Autonomous AI Systems
Governing Actions, Not Agents: Institutional Attestation as a Governance Model for Autonomous AI Systems
治理行为而非代理:机构认证作为自主 AI 系统的治理模型
Abstract: Autonomous AI agents may begin to perform consequential, irreversible actions such as clinical prescribing and production software deployment. This paper observes that human institutions have governed powerful autonomous actors not by monitoring their reasoning but by requiring independently attested evidence at the point of consequential action.
摘要: 自主 AI 代理可能开始执行具有重大后果且不可逆转的操作,例如临床处方开具和生产环境软件部署。本文观察到,人类机构治理强大的自主行为体时,并非通过监控其推理过程,而是在关键操作节点要求提供经独立认证的证据。
We formalise this institutional pattern as a computational governance model for AI agent systems. Under the proposed model, an agent retains full autonomy over planning and reasoning but holds no execution authority over designated high-risk actions.
我们将这种制度模式形式化为一种针对 AI 代理系统的计算治理模型。在该模型下,代理在规划和推理方面保持完全自主,但在指定的各类高风险操作上不具备执行权限。
Execution is conditional on preconditions that are each independently attested by a separate authoritative source, cryptographically bound to a declared intent, and evaluated by a deterministic policy. Decisions are recorded in a tamper-evident log amenable to independent re-verification.
执行的前提条件是:每一项操作都必须由独立的权威来源进行认证,通过加密方式绑定到声明的意图上,并由确定性策略进行评估。所有决策均记录在防篡改日志中,以便进行独立的重新验证。
We present a proof-of-concept implementation and illustrate the model with examples from software deployment and clinical prescribing.
我们展示了一个概念验证实现,并通过软件部署和临床处方开具的案例说明了该模型。
Paper Details:
- Authors: Jakob Salfeld-Nebgen
- arXiv ID: 2606.26298
- Date: 24 Jun 2026
- Subjects: Artificial Intelligence (cs.AI); Cryptography and Security (cs.CR)
论文详情:
- 作者: Jakob Salfeld-Nebgen
- arXiv ID: 2606.26298
- 日期: 2026 年 6 月 24 日
- 学科: 人工智能 (cs.AI);密码学与安全 (cs.CR)