ChaptersEventsBlog
Join us on September 3rd for The Evolution of Cloud Network Security webinar. Register now!

Download Publication

Agentic AI Identity and Access Management: A New Approach
Agentic AI Identity and Access Management: A New Approach
Who it's for:
Who It’s For
  • Identity and access management professional
  • Security architects and engineers
  • AI and ML infrastructure teams
  • CISOs and cybersecurity leaders
  • Compliance and governance officers
  • Enterprise architects deploying Multi-Agent Systems

Agentic AI Identity and Access Management: A New Approach

Release Date: 08/18/2025

Agentic AI is pushing the boundaries of automation, autonomy, and decision-making at machine speed. But traditional identity and access management (IAM) protocols, designed for static applications and human users, can’t keep up.

This publication from the Cloud Security Alliance (CSA) introduces a purpose-built Agentic AI IAM framework that accounts for autonomy, ephemerality, and delegation patterns of AI agents in complex Multi-Agent Systems (MAS). It provides security architects and identity professionals with a blueprint to manage agent identities using Decentralized Identifiers (DIDs), Verifiable Credentials (VCs), and Zero Trust principles, while addressing operational challenges like secure delegation, policy enforcement, and real-time monitoring.

Readers will learn how to:
  • Identify shortcomings of OAuth 2.1, SAML, and OIDC in agentic environments
  • Define rich, verifiable Agent IDs that support traceable, dynamic authentication
  • Apply decentralized and privacy-preserving cryptographic architectures
  • Enforce fine-grained, context-aware access control using just-in-time credentials
  • Build zero trust IAM systems capable of scaling to thousands of agents

With detailed guidance on deployment models, governance consideration, and threat mitigation using the MAESTRO framework, this publication lays the foundation for secure identity and access in the next generation of AI systems.
Download this Resource

Prefer to access this resource without an account?
Download the publication. Download the presentation.

Bookmark
Share
Related resources
Zero Trust Guidance for Small and Medium Size Businesses (SMBs) - Korean Translation
Zero Trust Guidance for Small and Medium Size B...
Secure Agentic System Design: A Trait-Based Approach
Secure Agentic System Design: A Trait-Based App...
Healthcare Confidential Computing and the Trusted Execution Environment
Healthcare Confidential Computing and the Trust...
Achieving Resilience Through Zero Trust
Achieving Resilience Through Zero Trust
Published: 08/29/2025
The Emerging Identity Imperatives of Agentic AI
The Emerging Identity Imperatives of Agentic AI
Published: 08/28/2025
Introducing DIRF: A Comprehensive Framework for Protecting Digital Identities in Agentic AI Systems
Introducing DIRF: A Comprehensive Framework for Protecting Digital ...
Published: 08/27/2025
The Urgent Need for Hypervisor Security in Healthcare
The Urgent Need for Hypervisor Security in Healthcare
Published: 08/26/2025
Cloudbytes Webinar Series
Cloudbytes Webinar Series
January 1 | Virtual

Acknowledgements

Chris Hughes
Chris Hughes
Co-Founder and CISO at Aquia

Chris Hughes

Co-Founder and CISO at Aquia

Chris currently serves as the Co-Founder and CISO of Aquia. Chris has nearly 20 years of IT/Cybersecurity experience. This ranges from active duty time with the U.S. Air Force, a Civil Servant with the U.S. Navy and General Services Administration (GSA)/FedRAMP as well as time as a consultant in the private sector. In addition, he also is an Adjunct Professor for M.S. Cybersecurity programs at Capitol Technology University and University of...

Read more

John Yeoh
John Yeoh
Global Vice President of Research, CSA

John Yeoh

Global Vice President of Research, CSA

With over 15 years of experience in research and technology, John excels at executive-level leadership, relationship management, and strategy development. He is a published author, technologist, and researcher with areas of expertise in cybersecurity, cloud computing, information security, and next generation technology (IoT, Big Data, SecaaS, Quantum). John specializes in risk management, third party assessment, GRC, data protection, incid...

Read more

Ken Huang
Ken Huang
CEO & Chief AI Officer, DistributedApps.ai

Ken Huang

CEO & Chief AI Officer, DistributedApps.ai

Ken Huang is an acclaimed author of 8 books on AI and Web3. He is the Co-Chair of the AI Organizational Responsibility Working Group and AI Control Framework at the Cloud Security Alliance. Additionally, Huang serves as Chief AI Officer of DistributedApps.ai, which provides training and consulting services for Generative AI Security.

In addition, Huang contributed extensively to key initiatives in the space. He is a core contribut...

Read more

Jayesh Dalmet
Jayesh Dalmet
Network Security Engineer L4 ( Sr. Security Engineer), NetApp

Jayesh Dalmet

Network Security Engineer L4 ( Sr. Security Engineer), NetApp

Responsible for leading the design, implementation, and maintenance of security tools, technologies, and solutions across the organization. In this senior-level leading role, I collaborate with cross-functional teams, provide technical guidance, and drive the strategic direction of security tooling initiatives to protect organization.

Read more

Eray Altili
Eray Altili
Cyber Security Architect

Eray Altili

Cyber Security Architect

Vineeth Narajala Headshot Missing
Vineeth Narajala

Vineeth Narajala

Jason Ross Headshot Missing
Jason Ross

Jason Ross

Mahesh Lambe Headshot Missing
Mahesh Lambe

Mahesh Lambe

Ramesh Ramani Headshot Missing
Ramesh Ramani

Ramesh Ramani

Ramesh Raskar Headshot Missing
Ramesh Raskar

Ramesh Raskar

Jerry Huang Headshot Missing
Jerry Huang

Jerry Huang

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training