Related papers: Trusted Identities for AI Agents: Leveraging Telco-Hosted eSIM Infrastructure

Trusted Identities for AI Agents: Leveraging Telco-Hosted eSIM Infrastructure

URL: http://arxiv.org/abs/2504.16108v1
Date: Thu, 17 Apr 2025 15:36:26 GMT
Title: Trusted Identities for AI Agents: Leveraging Telco-Hosted eSIM Infrastructure
Authors: Sebastian Barros,
Abstract summary: We propose a conceptual architecture that leverages telecom-grade eSIM infrastructure.<n>Rather than embedding SIM credentials in hardware devices, we envision a model where telcos host secure, certified hardware modules.<n>This paper is intended as a conceptual framework to open discussion around standardization, security architecture, and the role of telecom infrastructure in the evolving agent economy.
Score: 0.0
License: http://creativecommons.org/licenses/by-sa/4.0/
Abstract: The rise of autonomous AI agents in enterprise and industrial environments introduces a critical challenge: how to securely assign, verify, and manage their identities across distributed systems. Existing identity frameworks based on API keys, certificates, or application-layer credentials lack the infrastructure-grade trust, lifecycle control, and interoperability needed to manage agents operating independently in sensitive contexts. In this paper, we propose a conceptual architecture that leverages telecom-grade eSIM infrastructure, specifically hosted by mobile network operators (MNOs), to serve as a root of trust for AI agents. Rather than embedding SIM credentials in hardware devices, we envision a model where telcos host secure, certified hardware modules (eUICC or HSM) that store and manage agent-specific eSIM profiles. Agents authenticate remotely via cryptographic APIs or identity gateways, enabling scalable and auditable access to enterprise networks and services. We explore use cases such as onboarding enterprise automation agents, securing AI-driven financial systems, and enabling trust in inter-agent communications. We identify current limitations in GSMA and 3GPP standards, particularly their device centric assumptions, and propose extensions to support non-physical, software-based agents within trusted execution environments. This paper is intended as a conceptual framework to open discussion around standardization, security architecture, and the role of telecom infrastructure in the evolving agent economy.

Related papers

SAGA: A Security Architecture for Governing AI Agentic Systems [13.106925341037046]
Large Language Model (LLM)-based agents increasingly interact, collaborate, and delegate tasks to one another autonomously with minimal human interaction. Industry guidelines for agentic system governance emphasize the need for users to maintain comprehensive control over their agents. We propose SAGA, a Security Architecture for Governing Agentic systems, that offers user oversight over their agents' lifecycle.
arXiv Detail & Related papers (2025-04-27T23:10:00Z)
Establishing Workload Identity for Zero Trust CI/CD: From Secrets to SPIFFE-Based Authentication [0.0]
CI/CD systems have become privileged automation agents in modern infrastructure, but their identity is still based on secrets or temporary credentials passed between systems.<n>This paper describes the shift from static credentials to OpenID Connect (OIDC) federation, and introduces SPIFFE as a platform-neutral identity model for non-human actors.
arXiv Detail & Related papers (2025-04-20T23:06:03Z)
Infrastructure for AI Agents [3.373674048991415]
AI systems can plan and execute interactions in open-ended environments, such as making phone calls or buying online goods.<n>Current tools are largely insufficient because they are not designed to shape how agents interact with existing institutions.<n>We propose the concept of agent infrastructure: technical systems and shared protocols external to agents.
arXiv Detail & Related papers (2025-01-17T10:58:12Z)
Authenticated Delegation and Authorized AI Agents [4.679384754914167]
We introduce a novel framework for authenticated, authorized, and auditable delegation of authority to AI agents.<n>We propose a framework for translating flexible, natural language permissions into auditable access control configurations.
arXiv Detail & Related papers (2025-01-16T17:11:21Z)
Combined Hyper-Extensible Extremely-Secured Zero-Trust CIAM-PAM architecture [0.0]
This paper introduces the Combined Hyper-Extensible Extremely-Secured Zero-Trust (CHEZ) CIAM-PAM architecture.<n>The framework addresses critical security gaps by integrating password-less authentication, adaptive multi-factor authentication, microservice-based PEP, multi-layer RBAC and multi-level trust systems.<n>It also includes end-to-end data encryption, and seamless integration with state-of-the-art AI-based threat detection systems.
arXiv Detail & Related papers (2025-01-03T09:49:25Z)
Internet of Agents: Weaving a Web of Heterogeneous Agents for Collaborative Intelligence [79.5316642687565]
Existing multi-agent frameworks often struggle with integrating diverse capable third-party agents. We propose the Internet of Agents (IoA), a novel framework that addresses these limitations. IoA introduces an agent integration protocol, an instant-messaging-like architecture design, and dynamic mechanisms for agent teaming and conversation flow control.
arXiv Detail & Related papers (2024-07-09T17:33:24Z)
Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments [60.51751612363882]
We investigate the security implications of and software-based Open Radio Access Network (RAN) systems. We highlight the presence of potential vulnerabilities and misconfigurations in the infrastructure supporting the Near Real-Time RAN Controller (RIC) cluster.
arXiv Detail & Related papers (2024-05-03T07:18:45Z)
A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z)
HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs) TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks. We address the above with HasTEE+, a domain-specific language (cla) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
arXiv Detail & Related papers (2024-01-17T00:56:23Z)
A Universal System for OpenID Connect Sign-ins with Verifiable Credentials and Cross-Device Flow [4.006745047019997]
Self-Sovereign Identity (SSI) is a new and promising identity management paradigm. We propose a comparatively simple system that enables SSI-based sign-ins for services that support the widespread OpenID Connect or OAuth 2.0 protocols.
arXiv Detail & Related papers (2024-01-16T16:44:30Z)
The Security and Privacy of Mobile Edge Computing: An Artificial Intelligence Perspective [64.36680481458868]
Mobile Edge Computing (MEC) is a new computing paradigm that enables cloud computing and information technology (IT) services to be delivered at the network's edge. This paper provides a survey of security and privacy in MEC from the perspective of Artificial Intelligence (AI) We focus on new security and privacy issues, as well as potential solutions from the viewpoints of AI.
arXiv Detail & Related papers (2024-01-03T07:47:22Z)
Smart Home, security concerns of IoT [91.3755431537592]
The IoT (Internet of Things) has become widely popular in the domestic environments. People are renewing their homes into smart homes; however, the privacy concerns of owning many Internet connected devices with always-on environmental sensors remain insufficiently addressed. Default and weak passwords, cheap materials and hardware, and unencrypted communication are identified as the principal threats and vulnerabilities of IoT devices.
arXiv Detail & Related papers (2020-07-06T10:36:11Z)

This list is automatically generated from the titles and abstracts of the papers in this site.