Runtime Attestation and Provenance Tracking for Autonomous AI Agents: A Zero Trust Framework for Agentic Workflows
Center for Cybersecurity, University of Tampa, 401 W Kennedy Blvd, Tampa, FL, United States.
Review Article
World Journal of Advanced Research and Reviews, 2022, 16(01), 1273-1306
Article DOI: 10.30574/wjarr.2022.16.1.0983
Publication history:
Received on 25 August 2022; revised on 22 October 2022; accepted on 28 October 2022
Abstract:
The proliferation of autonomous artificial intelligence agents across critical infrastructure and industrial systems necessitates robust security frameworks capable of verifying agent behavior and tracking decision provenance throughout their operational lifecycle. The growing independence of these systems, however, poses a serious security challenge, especially with regard to runtime integrity assurance, behavioural accountability, and provenance tracing across multi-agent workflows. This paper presents a comprehensive zero-trust framework tailored to autonomous AI agents operating in distributed contexts. The model combines runtime attestation, continuous provenance tracking, and cryptographic verification to guarantee trusted agent execution throughout the execution life cycle. Building on existing attestation procedures, zero-trust architecture principles, and blockchain-based provenance systems, this study addresses key gaps in securing agentic workflows. The proposed framework uses trusted execution environments, hardware-rooted attestation, and distributed ledger technologies to maintain verifiable records of agent actions, decisions, and state transitions. By systematically surveying existing attestation protocols and provenance tracking systems, the paper introduces a complete taxonomy of security requirements for autonomous agent systems. The framework illustrates how the concepts of continuous verification, least-privilege access, and explicit trust assessment are operationalized in agentic architectures. Its application across a variety of deployment environments and settings is evaluated empirically, showing that the proposed solution preserves the intended level of security at an acceptable performance cost.
The study contributes to the trustworthy AI movement by offering practical recommendations for applying zero-trust principles to autonomous agent systems, thereby advancing the safe deployment of AI agents in critical infrastructure, healthcare, finance, and other high-stakes fields.
Keywords:
Runtime attestation; Provenance tracking; Autonomous AI agents; Zero-trust architecture; Agentic workflows; Blockchain provenance; Distributed artificial intelligence; Hardware attestation.
Copyright information:
Copyright © 2022 Author(s) retain the copyright of this article. This article is published under the terms of the Creative Commons Attribution License 4.0.
