Paper

Authorization as a Missing Layer in Digital Systems

Mats Heming Julner • January 7, 2026

Modern digital systems execute continuously, yet rarely model authorization as explicit state. This paper argues that authorization must exist as a first-class, time-bounded, revocable object independent of execution.

Read the PDF Zenodo record SSRN (pending)

Archival reference: DOI 10.5281/zenodo.18175964

Diagram

Execution-centric versus authorization-centric systems

Machines tracked execution state. They never tracked authorization state.

Abstract

Digital systems have evolved increasingly powerful execution mechanisms without a corresponding authority layer. As a result, actions are routinely executed without explicit, time-bound authorization. This paper identifies authorization as a missing first-class layer beneath execution in digital systems, and argues that authorization should be modeled as an explicit, revocable, time-scoped object independent of execution.

Citation

APA

Julner, M. H. (2026). Authorization as a Missing Layer in Digital Systems. Zenodo. https://doi.org/10.5281/zenodo.18175964

BibTeX

@misc{julner2026authorization,
  title        = {Authorization as a Missing Layer in Digital Systems},
  author       = {Julner, Mats Heming},
  year         = {2026},
  month        = jan,
  publisher    = {Zenodo},
  doi          = {10.5281/zenodo.18175964},
  url          = {https://doi.org/10.5281/zenodo.18175964}
}

Zenodo record: 18175965