Filippo Scaramuzza

2 Papers

5.9 | SE | May 8
"Show Me You Comply... Without Showing Me Anything": Zero-Knowledge Software Auditing for AI-Enabled Systems

Filippo Scaramuzza, Renato Cordeiro Ferreira, Giovanni Quattrocchi et al.

Classical software verification and validation techniques, such as procedural audits, formal methods, or model documentation, are the traditional mechanisms used to achieve the verifiable accountability now required by regulations like the EU AI Act. These methods are either expensive or heavily manual, and ill-suited for the opaque, "black box" nature of most Artificial Intelligence (AI) models. A conflict arises: high auditability and verifiability are required by law, but such transparency conflicts with the need to protect the assets being audited (e.g., confidential data and proprietary models). This paper introduces ZKMLOps, a Machine-Learning Operations (MLOps) verification framework that operationalizes Zero-Knowledge Proofs (ZKPs) within MLOps lifecycles; a ZKP allows a prover to convince a verifier that a statement is true without revealing any information about the statement itself. By integrating ZKP with established software engineering patterns, ZKMLOps provides a modular and repeatable process for generating verifiable cryptographic evidence (proofs of well-defined computational statements about the audited model and its inputs) that auditors can use as input to a regulatory compliance determination. We evaluate the framework along two dimensions. First, framework viability: orchestration overhead is bounded and stable across architecturally heterogeneous ZKP backends and models of increasing size. Second, cost-versus-assurance trade-offs: the audit-on-demand setting is the regime in which full zero-knowledge auditing is the appropriate tool, where it provides confidentiality and integrity guarantees that lighter-weight alternatives cannot match.

4.3 | ET | May 11
Data Product MCP: Chat with your Enterprise Data

Marco Tonnarelli, Filippo Scaramuzza, Simon Harrer et al.

Computational data governance aims to make the enforcement of governance policies and legal obligations more efficient and reliable. Recent advances in natural language processing and agentic AI offer ways to improve how organizations share and use data. But many barriers remain. Today's tools require technical skills and multiple roles to discover, request, and query data. Automating data access using enterprise AI agents is limited by the means to discover and autonomously access distributed data. Current solutions either compromise governance or break agentic workflows through manual approvals. To close this gap, we introduce Data Product MCP integrated in a data product marketplace. This data marketplace, already in use at large enterprises, enables AI agents to find, request, and query enterprise data products while enforcing data contracts in real time without lowering governance standards. The system is built on the Model Context Protocol (MCP) and links the AI-driven marketplace with cloud platforms such as Snowflake, Databricks, and Google Cloud Platform. It supports semantic discovery of data products based on business context, automates access control by validating generated queries against approved business purposes using AI-driven checks, and enforces contracts in real time by blocking unauthorized queries before they run. We assessed the system with feedback from n=16 experts in data governance. Our qualitative evaluation demonstrates effectiveness through enterprise scenarios such as customer analytics. The findings suggest that Data Product MCP reduces the technical burden for data analysis without weakening governance, filling a key gap in enterprise AI adoption.