diff --git a/intents/core/1_protectAsset.yaml b/intents/core/1_protectAsset.yaml
new file mode 100644
index 00000000..9d7d6e29
--- /dev/null
+++ b/intents/core/1_protectAsset.yaml
@@ -0,0 +1,28 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2023 Authors of Nimbus
+
+apiVersion: intent.security.nimbus.com/v1
+kind: SecurityIntent
+metadata:
+ name: [intent-name]
+ namespace: [intent-namespace]
+spec:
+ selector:
+ match:
+ any:
+ - resources:
+ names: [target-name]
+ kinds: [target-kind]
+ namespaces: [target-namespace]
+ matchLabels:
+ [key: value]
+ cel:
+ - xxxx
+ intent:
+ group: core
+ ID: protectFile
+ params:
+ - path: /etc/shadow
+ - AllowBinary:
+ - /free5gc/webconsole
+ - /free5gc/webApp
\ No newline at end of file
diff --git a/intents/core/2_protectPort.yaml b/intents/core/2_protectPort.yaml
new file mode 100644
index 00000000..6fc49d88
--- /dev/null
+++ b/intents/core/2_protectPort.yaml
@@ -0,0 +1,28 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2023 Authors of Nimbus
+
+apiVersion: intent.security.nimbus.com/v1
+kind: SecurityIntent
+metadata:
+ name: [intent-name]
+ namespace: [intent-namespace]
+spec:
+ selector:
+ match:
+ any:
+ - resources:
+ names: [target-name]
+ kinds: [target-kind]
+ namespaces: [target-namespace]
+ matchLabels:
+ [key: value]
+ cel:
+ - xxxx
+ intent:
+ group: core
+ ID: protectPort # will generate rules for all protocols
+ params:
+ - port: 5000
+ - AllowBinary
+ - /free5gc/webconsole
+ - /free5gc/webapp
\ No newline at end of file
diff --git a/intents/core/3_ownnerOnly.yaml b/intents/core/3_ownnerOnly.yaml
new file mode 100644
index 00000000..1c49a768
--- /dev/null
+++ b/intents/core/3_ownnerOnly.yaml
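Review bot: The last allow-list entry, `- /free5gc/webApp`, is spelled `/free5gc/webapp` in 2_protectPort.yaml; Linux paths are case-sensitive, so whichever spelling does not exist in the image is a dead allow rule and the binary it was meant to permit will be denied access to `/etc/shadow` (or a file created later under the other spelling gets the exemption instead). Pick one spelling and use it in both samples. The bracketed placeholders (`name: [intent-name]`, `matchLabels:` / `[key: value]`) also parse as YAML flow sequences rather than strings, so the sample cannot be applied as written; quoting them, e.g. `name: "<intent-name>"`, or pointing at them from a comment would make the intended substitution explicit. Since `params` is a list whose items are single-key maps, a one-line comment stating that the controller merges those items would save the next reader from guessing.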
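Review bot: In the `params` list, `- AllowBinary` is written without a trailing colon, so it parses as a plain string item and the two `/free5gc/...` lines below it become sibling list entries rather than the binaries allowed to use port 5000; 1_protectAsset.yaml spells the same key `- AllowBinary:`. Change it to `- AllowBinary:` so both samples have the same shape and the allow-list is actually attached to the key. The comment `# will generate rules for all protocols` could also say which protocols the controller expands this to — presumably TCP and UDP, but that is not visible here — since an allow-list keyed on a port number is only as complete as that expansion.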
@@ -0,0 +1,25 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2023 Authors of Nimbus
+
+apiVersion: intent.security.nimbus.com/v1
+kind: SecurityIntent
+metadata:
+ name: [intent-name]
+ namespace: [intent-namespace]
+spec:
+ selector:
+ match:
+ any:
+ - resources:
+ names: [target-name]
+ kinds: [target-kind]
+ namespaces: [target-namespace]
+ matchLabels:
+ [key: value]
+ cel:
+ - xxxx
+ intent:
+ group: core
+ ID: ownerOnly # The executable in the path can be invoked by ownerOnly
+ params:
+ - path: /home/5gc/myexec
\ No newline at end of file
diff --git a/intents/core/4_blockAsset.yaml b/intents/core/4_blockAsset.yaml
new file mode 100644
index 00000000..01ea1e27
--- /dev/null
+++ b/intents/core/4_blockAsset.yaml
@@ -0,0 +1,25 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2023 Authors of Nimbus
+
+apiVersion: intent.security.nimbus.com/v1
+kind: SecurityIntent
+metadata:
+ name: [intent-name]
+ namespace: [intent-namespace]
+spec:
+ selector:
+ match:
+ any:
+ - resources:
+ names: [target-name]
+ kinds: [target-kind]
+ namespaces: [target-namespace]
+ matchLabels:
+ [key: value]
+ cel:
+ - xxxx
+ intent:
+ group: core
+ ID: blockAsset # Nobody can access below paths
+ params:
+ - path: /home/5gc/
\ No newline at end of file
diff --git a/intents/core/5_blockRawSocket.yaml b/intents/core/5_blockRawSocket.yaml
new file mode 100644
index 00000000..865ec220
--- /dev/null
+++ b/intents/core/5_blockRawSocket.yaml
@@ -0,0 +1,23 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2023 Authors of Nimbus
+
+apiVersion: intent.security.nimbus.com/v1
+kind: SecurityIntent
+metadata:
+ name: [intent-name]
+ namespace: [intent-namespace]
+spec:
+ selector:
+ match:
+ any:
+ - resources:
+ names: [target-name]
+ kinds: [target-kind]
+ namespaces: [target-namespace]
+ matchLabels:
+ [key: value]
+ cel:
+ - xxxx
+ intent:
+ group: core
+ ID: blockRawSocket # No raw sockets can be accessed
\ No newline at end of file
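Review bot: The file is named `3_ownnerOnly.yaml` while the intent ID it carries is `ownerOnly`; the doubled `n` looks like a typo and will make the sample hard to find by name. The inline comment on the `ID:` line restates the ID rather than the contract; `# only the file owner may execute the binary at this path` says what a user needs, assuming "owner" here means the file's owning UID — worth confirming against the controller before committing to that wording.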
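Review bot: `- path: /home/5gc/` (with a trailing slash) leaves it unstated whether the block applies to the directory entry only or recursively to everything beneath it, and the comment `# Nobody can access below paths` reads as recursive; if the backend distinguishes file from directory rules, the sample should say which it produces, e.g. `- path: /home/5gc/  # directory; applies to all files below it`. Note also that 3_ownnerOnly.yaml permits the owner to run `/home/5gc/myexec`, which sits inside this blocked tree — if both samples were bound to the same workload they would contradict each other, and which one wins is not visible from the diff. A one-line comment on the precedence, or moving the sample path out of `/home/5gc/`, would avoid teaching a conflicting pair of policies.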
diff --git a/intents/template-intent.yaml b/intents/template-intent.yaml
new file mode 100644
index 00000000..faad72a0
--- /dev/null
+++ b/intents/template-intent.yaml
@@ -0,0 +1,24 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2023 Authors of Nimbus
+
+apiVersion: intent.security.nimbus.com/v1
+kind: SecurityIntent
+metadata:
+ name: [intent-name]
+ namespace: [intent-namespace]
+spec:
+ selector:
+ match:
+ any:
+ - resources:
+ names: [target-name]
+ kinds: [target-kind]
+ namespaces: [target-namespace]
+ matchLabels:
+ [key: value]
+ cel:
+ - xxxx
+ intent:
+ group: oran/core
+ ID: protectFile, protectPort, ownerOnly, blockAsset, blockRawsocket
+ params:
\ No newline at end of file
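Review bot: `ID: protectFile, protectPort, ownerOnly, blockAsset, blockRawsocket` is a single plain scalar, so anyone who copies the template gets an ID the controller cannot match, and the last entry is spelled `blockRawsocket` while 5_blockRawSocket.yaml uses `blockRawSocket`; an ID lookup that is case-sensitive will reject the template's spelling. The same applies to `group: oran/core`, which reads as a literal path rather than a choice, and to the bare `params:`, which YAML loads as null rather than an empty list. Turning the choices into comments keeps the template loadable: `group: core  # or: oran`, `ID: protectFile  # one of: protectFile, protectPort, ownerOnly, blockAsset, blockRawSocket`, `params: []  # see intents/core/*.yaml for the params each ID takes`.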