Static ACLs make a fixed allow or deny decision based on identity or role. Context-based access control adds runtime signals such as data sensitivity, origin, posture, and intended action. The result is a more precise decision that can change as the workflow changes, which is essential for MCP and other agentic systems.
Why This Matters for Security Teams
Static ACLs are simple, but they are also blunt. They answer a narrow question: “Is this identity on the approved list?” That works for stable workloads with predictable paths, but it breaks down when access depends on what data is being touched, where the request originates, and what the workload is trying to do right now. For NHI programs, that gap often shows up in service accounts, API keys, and agentic workflows that accumulate access over time. The risk profile is well documented in the Ultimate Guide to NHIs, which notes that 97% of NHIs carry excessive privileges, broadening the attack surface.
Context-based access control changes the decision point from “who is this?” to “what is happening, now?” That matters when the same workload may need read-only access in one step and no access in the next. It also aligns better with Zero Trust thinking, where trust is continuously evaluated rather than granted once and reused. Guidance from the OWASP Non-Human Identity Top 10 and PCI DSS v4.0 both reinforce the need to reduce standing access and tighten control over sensitive transactions. In practice, many security teams encounter over-permissioned access only after a workflow has already touched data it should never have been able to reach.
How It Works in Practice
Static ACLs are usually enforced at provisioning time. An identity is added to a list, a role is assigned, or a group membership is approved, and the decision remains in place until someone changes it. That model is efficient for administration, but it is not expressive enough for runtime conditions. Context-based access control inserts a policy layer that evaluates signals at the moment of access: data classification, source IP or workload origin, device or container posture, request time, action type, and sometimes the current step in a workflow.
For NHI environments, that often means pairing least privilege with short-lived credentials and policy-as-code. A workload can present a cryptographic workload identity, then receive access only if the request matches the expected context. The 52 NHI Breaches Analysis shows why this matters: compromised non-human identities are frequently used as a bridge into broader environments, especially when secrets are long-lived or broadly reusable. In parallel, the Ultimate Guide to NHIs — Key Challenges and Risks highlights how visibility and rotation gaps compound that exposure.
- Use static ACLs only for coarse baseline allow or deny decisions.
- Use context-based rules for sensitive data, privileged actions, and temporary workflows.
- Require runtime evaluation before each high-risk request, not just at login or token issuance.
- Bind access to workload identity and current posture rather than to a permanent membership list.
- Revoke or shorten access when the workflow changes, completes, or deviates from expected behaviour.
This control model is strongest when paired with NHI inventory, rotation, and offboarding discipline, because policy alone cannot compensate for stale secrets or unknown service accounts. These controls tend to break down in legacy systems that cannot pass runtime context or enforce policy checks at the transaction layer because the application only understands static group membership.
Common Variations and Edge Cases
Tighter context-based control often increases engineering overhead, requiring organisations to balance security precision against integration complexity. That tradeoff is especially visible in older applications, partner integrations, and distributed pipelines where every request cannot easily carry full context. Best practice is evolving, and there is no universal standard for every environment yet, so teams usually start with the highest-risk paths rather than attempting full coverage on day one.
One common variation is to keep static ACLs for low-risk internal actions while adding context checks for anything that touches regulated data, production systems, or privileged APIs. Another is to combine RBAC with JIT access so the role defines a broad entitlement, but the actual permission is issued only for a narrow window and only after policy checks succeed. That approach is often more realistic than replacing ACLs entirely. The Ultimate Guide to NHIs — What are Non-Human Identities is useful for grounding these patterns in the broader NHI lifecycle, while the Ultimate Guide to NHIs — Standards section helps teams map practice to governance expectations.
For agentic systems, the edge case is more serious: an autonomous agent may chain tools, change intent mid-task, or request access outside the original plan. In that environment, static ACLs become especially risky because they cannot distinguish a legitimate next step from unexpected lateral movement. That is why current guidance increasingly favours intent-aware authorisation, short-lived secrets, and continuous evaluation over permanent standing permission.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 and OWASP Agentic AI Top 10 address the attack and risk surface, while NIST CSF 2.0 set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-03 | Addresses excessive privileges and stale access on non-human identities. |
| NIST CSF 2.0 | PR.AC-4 | Fits context-aware authorization and ongoing access control decisions. |
| OWASP Agentic AI Top 10 | A-04 | Relevant where autonomous agents need runtime policy checks and bounded tool use. |
Replace standing permissions with least-privilege, short-lived NHI access and rotate credentials regularly.
Related resources from NHI Mgmt Group
- What is the difference between context-based authentication and static access control?
- What is the difference between static IAM and intent-based security for agents?
- What is the difference between governing human access and governing AI agent access?
- What is the difference between just-in-time access and role-based access control?
Deepen Your Knowledge
Reviewed and updated by the NHIMG editorial team on May 30, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org
