Zero-Trust for Agents: Capability Grants, Tripwires, Immutable Logs
DOI: https://doi.org/10.31224/5792
Keywords: ai agents, ai governance, ai risk management, anomaly detection, capability security, digital assurance, immutable logs, human oversight
Abstract
Agentic AI systems can plan and act across tools, raising novel safety and governance risks in production. This preprint proposes a Zero-Trust architecture for agents built on three pillars: capability grants (scoped, short-lived permissions that enforce least privilege), tripwires (runtime policy checks and anomaly detectors that gate or halt actions), and immutable logs (append-only evidence to support oversight, forensics, and rollback). We map each control to EU AI Act Article 14 human-oversight obligations and the NIST AI RMF (Govern/Map/Measure/Manage), and provide a control-to-requirement matrix and KPI/SLOs (e.g., p95 override latency, % gated actions, log completeness, incident MTTR). An ASCII reference diagram and a capability-grant matrix make the design deployable; a compact threat model and micro-evaluation (using OWASP LLM01/LLM06 and Salesforce-style prompt-injection patterns) demonstrate how the control plane contains direct and indirect attacks. The result is a practical blueprint that lets organizations adopt AI agents with verifiable guardrails that meet emerging regulatory expectations while preserving velocity.
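A compact sketch of the three pillars as an added example, not code from the preprint: a scoped, time-limited capability grant, a tripwire that holds in-scope web fetches from hosts outside a constructed allowlist for human review (the indirect-injection path the abstract mentions), and a SHA-256 hash-chained append-only log that feeds the "% gated actions" KPI. Class and function names, the `TRUSTED_HOSTS` allowlist and the allowed/gated/denied decision labels are all assumptions made here.

```python
import hashlib, json
from dataclasses import dataclass, field
from urllib.parse import urlparse

@dataclass
class CapabilityGrant:  # scoped, short-lived permission: one tool, an explicit resource allowlist, a hard expiry
    tool: str
    allowed_resources: frozenset
    expires_at: float
TRUSTED_HOSTS = {"docs.internal.example"}  # constructed allowlist used by the tripwire below

def untrusted_fetch(tool: str, resource: str):
    """Tripwire: an in-scope fetch from a host outside the allowlist is held for human review."""
    if tool == "http_get" and urlparse(resource).hostname not in TRUSTED_HOSTS:
        return "fetch from untrusted host"

@dataclass
class AgentControlPlane:
    grants: list = field(default_factory=list)
    tripwires: list = field(default_factory=list)  # callables returning a reason string, or None to pass
    log: list = field(default_factory=list)        # append-only; each entry commits to the previous hash
    def _append(self, entry: dict) -> None:
        prev = self.log[-1]["hash"] if self.log else "0" * 64
        body = json.dumps({**entry, "prev": prev}, sort_keys=True).encode()
        self.log.append({**entry, "prev": prev, "hash": hashlib.sha256(body).hexdigest()})

    def verify_log(self) -> bool:  # recompute the chain; an edited or reordered entry breaks it
        prev = "0" * 64
        for e in self.log:
            body = json.dumps({k: v for k, v in e.items() if k != "hash"}, sort_keys=True).encode()
            if e["prev"] != prev or hashlib.sha256(body).hexdigest() != e["hash"]:
                return False
            prev = e["hash"]
        return True

    def request(self, tool: str, resource: str, now: float) -> str:
        """Gate one action: a live grant first, then the tripwires; every decision is logged."""
        live = [g for g in self.grants if g.tool == tool and now < g.expires_at]
        if not live:
            decision, reason = "denied", "no valid grant"
        elif not any(resource in g.allowed_resources for g in live):
            decision, reason = "denied", "out of scope"
        else:
            hit = next((r for r in (t(tool, resource) for t in self.tripwires) if r), None)
            decision, reason = ("gated", hit) if hit else ("allowed", "")
        self._append({"ts": now, "tool": tool, "resource": resource, "decision": decision, "reason": reason})
        return decision

    def pct_gated(self) -> float:  # KPI from the abstract: share of requests that did not run as asked
        return 100 * sum(e["decision"] != "allowed" for e in self.log) / max(len(self.log), 1)
```

A tripwire hit returns "gated" rather than "denied" so the action can be routed to a human override queue, while the chained log lets a reviewer later prove which decisions were taken and that none were altered.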
Posted
2025-11-12
License
Copyright (c) 2025 Kostakis Bouzoukas

This work is licensed under a Creative Commons Attribution 4.0 International License.