Fortifying the Agentic Web: A Unified Zero-Trust Architecture Against Logic-layer Threats
This addresses security vulnerabilities in agent-based web systems, offering a forward-looking blueprint for a secure ecosystem, though it appears incremental as it builds on existing zero-trust and identity concepts.
The paper tackles the problem of logic-layer threats in the Agentic Web by proposing a Unified Zero-Trust Architecture, which provides provable security guarantees against LPCI attacks with bounded probability of success.
This paper presents a Unified Security Architecture that fortifies the Agentic Web through a Zero-Trust IAM framework. This architecture is built on a foundation of rich, verifiable agent identities using Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs), with discovery managed by a protocol-agnostic Agent Name Service (ANS). Security is operationalized through a multi-layered Trust Fabric which introduces significant innovations, including Trust-Adaptive Runtime Environments (TARE), Causal Chain Auditing, and Dynamic Identity with Behavioral Attestation. By explicitly linking the LPCI threat to these enhanced architectural countermeasures within a formal security model, we propose a comprehensive and forward-looking blueprint for a secure, resilient, and trustworthy agentic ecosystem. Our formal analysis demonstrates that the proposed architecture provides provable security guarantees against LPCI attacks with bounded probability of success.