DecisionGraph Core
DecisionGraph CoreCore Concept

Graph Traversal Control

A Structural Approach to Access, Context, and Decision Boundaries

Overview

Graph Traversal Control is a core mechanism within the Causal Reachability Model (CRM).

It defines what is reachable in a system not by static permissions, but by controlled traversal over a structured graph.

Instead of granting access directly:

Systems define how traversal is allowed.

Core Principle

Access is not granted. Traversal is constrained.

A node is accessible only if it can be reached through a valid, policy-constrained path.

Formal Model

Reachable(node) =
  Traverse(
    start = case,
    edges = allowed(role, context),
    depth ≤ limit,
    ranked by weight,
    constraints = policy
  )

Key Dimensions

Graph traversal is governed by multiple orthogonal dimensions:

1. Role

Defines which types of edges are traversable.

role = Support

allowed_edges = {
  causes,
  affects,
  logs
}

2. Context

Modifies traversal behavior dynamically based on system state.

context = incident_mode

→ logs enabled
→ extended traversal allowed

3. Case (Starting Point)

Defines the origin of traversal.

case = Incident-42

→ traversal begins here

4. Depth

Limits traversal expansion to prevent explosion.

max_depth = 2

5. Weight (Ranking)

Controls traversal priority and result ordering.

weight = relevance | importance | trust

6. Policy Constraints

Defines additional rules that must be satisfied along traversal paths.

constraints:
  - requires approval
  - time-limited access
  - trust threshold

Traversal Process

Start Node (Case)
    ↓
Apply Role + Context → determine allowed edges
    ↓
Traverse graph (bounded by depth)
    ↓
Filter by constraints
    ↓
Rank nodes by weight
    ↓
Return reachable subgraph

Key Properties

  • No valid path → no access
  • Eliminates reliance on post-filtering
  • Access adapts to real-time conditions
  • Reachability is auditable and verifiable
  • Fine-grained edge-level control

Comparison with Traditional Models

RBAC / ACL
User → Permission → Resource

RAG Systems
Query → Retrieve → Filter

Graph Traversal Control (CRM)
Case → Constrained Traversal → Reachable Subgraph

Example

Incident Investigation

Incident A
 → caused_by → Deployment B
 → affects → Service C
 → logs → Log D

Without Traversal Control

Access Incident A only
→ Missing context

With Traversal Control

Start: Incident A

Allowed:
  causes, affects, logs
Depth: 2

→ B, C, D become reachable

Conceptual Shift

Traditional systems ask:
“Is this allowed?”

Graph Traversal Control asks:
“Is this reachable?”

Implications

  • AI-safe execution environments
  • Context-aware knowledge systems
  • Secure autonomous agents
  • Deterministic audit trails
  • Fine-grained compliance enforcement

Conclusion

Graph Traversal Control transforms access control into a deterministic, structural process.

Control the graph, and you control the system.