Deepu

Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue

Is your RAG system secretly leaking sensitive data to your LLM? Learn how to stop it with fine-grained authorization before it goes rogue.

Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue
#1about 4 minutes

Understanding the current state of AI security challenges

AI systems often have poor judgment, and the security domain is playing catch-up with the rapid evolution of AI agents and protocols.

#2about 3 minutes

Focusing on key OWASP Top 10 risks for developers

Application developers should focus on mitigating sensitive information disclosure and excessive agency, as these have a large attack surface under their control.

#3about 3 minutes

Why traditional RBAC fails for RAG systems

Traditional role-based access control (RBAC) is insufficient for RAG systems due to dynamic context and complex data relationships, necessitating a fine-grained authorization (FGA) approach.

#4about 5 minutes

Implementing OpenFGA to secure RAG data access

OpenFGA uses authorization models and relationship tuples to filter documents from a vector store, ensuring the LLM only receives data the user is permitted to see.

#5about 2 minutes

Mitigating excessive agency with zero trust tool access

Control an AI agent's tool access at the code level using zero trust principles, applying standard RBAC for simple cases and FGA for granular, user-dependent permissions.

#6about 1 minute

Securing third-party API calls using OAuth federation

Use OAuth 2.0 federation to allow AI agents to call third-party APIs on a user's behalf without handling raw credentials, using a broker to manage access tokens.

#7about 1 minute

Adding human guardrails with asynchronous authorization

Implement human-in-the-loop approvals for high-stakes actions by using the CIBA flow to send asynchronous authorization requests to users for confirmation.

#8about 5 minutes

Demoing step-up authorization and system architecture

A live demo showcases step-up authorization where an agent requests user consent before accessing sensitive data, followed by an overview of the application's architecture.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

The security challenges of building AI browser agents
06:33 MIN

The security challenges of building AI browser agents

AI in the Open and in Browsers - Tarek Ziadé

Exploring the role and ethics of AI in gaming
14:06 MIN

Exploring the role and ethics of AI in gaming

Devs vs. Marketers, COBOL and Copilot, Make Live Coding Easy and more - The Best of LIVE 2025 - Part 3

The security risks of AI-generated code and slopsquatting
05:55 MIN

The security risks of AI-generated code and slopsquatting

Slopquatting, API Keys, Fun with Fonts, Recruiters vs AI and more - The Best of LIVE 2025 - Part 2

Prompt injection as an unsolved AI security problem
07:39 MIN

Prompt injection as an unsolved AI security problem

AI in the Open and in Browsers - Tarek Ziadé

How AI-generated content is overwhelming open source maintainers
06:46 MIN

How AI-generated content is overwhelming open source maintainers

WeAreDevelopers LIVE – You Don’t Need JavaScript, Modern CSS and More

Using AI agents to modernize legacy COBOL systems
06:28 MIN

Using AI agents to modernize legacy COBOL systems

Devs vs. Marketers, COBOL and Copilot, Make Live Coding Easy and more - The Best of LIVE 2025 - Part 3

Preventing exposed API keys in AI-assisted development
03:45 MIN

Preventing exposed API keys in AI-assisted development

Slopquatting, API Keys, Fun with Fonts, Recruiters vs AI and more - The Best of LIVE 2025 - Part 2

Crypto crime, EU regulation, and working while you sleep
01:15 MIN

Crypto crime, EU regulation, and working while you sleep

Fake or News: Self-Driving Cars on Subscription, Crypto Attacks Rising and Working While You Sleep - Théodore Lefèvre

Featured Partners

Related Videos

See all videos
GenAI Security: Navigating the Unseen Iceberg24:33

GenAI Security: Navigating the Unseen Iceberg

Maish Saidel-Keesing

Beyond the Hype: Building Trustworthy and Reliable LLM Applications with Guardrails29:00

Beyond the Hype: Building Trustworthy and Reliable LLM Applications with Guardrails

Alex Soto

The State of GenAI & Machine Learning in 202526:47

The State of GenAI & Machine Learning in 2025

Alejandro Saucedo

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers30:36

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers

Mackenzie Jackson

On a Secret Mission: Developing AI Agents29:03

On a Secret Mission: Developing AI Agents

Jörg Neumann

AI & Ethics28:27

AI & Ethics

PJ Hagerty

Tackling the Risks of AI - With AI29:28

Tackling the Risks of AI - With AI

Kai Grunwitz, Klaus Bürg & Tomislav Tipurić

From A2A to MCP: How AI’s “Brains” are Connecting to “Arms and Legs”24:12

From A2A to MCP: How AI’s “Brains” are Connecting to “Arms and Legs”

Brad Axen

Related Articles

View all articles

From learning to earning

Jobs that call for the skills explored in this talk.