Background: The rise of agentic artificial intelligence (AI) — autonomous, goal-driven software entities that act on behalf of users or organizations — introduces novel identity, access, and trust challenges for modern networks. Traditional perimeter-based models of security are ill-suited for environments where autonomous agents, dynamic workloads, and decentralized identities interact across hybrid cloud, on-premises, and edge infrastructures (Gilman & Barth, 2017; Department of Defense CIO, 2007). Recent proposals emphasize integrating Zero Trust principles with intent-aware identity management to protect AI workloads and agentic behaviors (Hasan, 2024; Achanta, 2025; Kumar, 2023).

Objective: This research article proposes a comprehensive, publication-ready architecture — an Intent-Aware Zero-Trust Identity Architecture (IAZTIA) — that unifies human and machine access, supports agentic AI, and enforces continuous, intent-based policy decisions while accounting for non-stationarity, noisy labels, and adversarial behaviors in telemetry and identity signals (Anderson & McGrew, 2017).

Methods: The architecture synthesizes established standards and operational practices including FIPS 199 security categorization, Cloud Security Alliance Secure Device Posture and SDP concepts, hardware asset management, SPIFFE/SPIRE identity federation mechanisms, decentralized identifiers (DIDs), and intent-based network virtualization principles (NIST FIPS 199, 2004; CSA-SDP, 2015; HWAM, 2015; CNCF/SPIFFE, 2024; W3C, 2023; IBNVN, 2013). We describe a layered methodology: identity provenance and binding, intent extraction and semantic normalization, continuous policy evaluation under Zero Trust, telemetry validation and robust learning for noisy labels, and governance controls for accountability and audit. Design choices are grounded in threat and risk taxonomies developed for agentic AI (OWASP, 2024; OWASP Agent Risk, 2024; Syros et al., 2025).

Results: The IAZTIA design presents: (1) identity constructs that bind human, device, and agentic AI identities using short-lived cryptographic credentials and verifiable DIDs; (2) an intent model capturing goals, constraints, and permitted action templates for agents; (3) a policy decision and enforcement fabric leveraging SPIFFE/SPIRE and SDP-aligned micro-segmentation; (4) robust telemetry pipelines applying practices from malware traffic and noisy label research to maintain policy fidelity (Anderson & McGrew, 2017); and (5) governance controls for role separation, lifecycle management, and incident forensics (Hassan, 2025; Bhushan et al., 2025). We further provide attack scenarios and mitigations, and propose measurable metrics for resilience and trustworthiness.

Conclusions: IAZTIA advances the state of practice by explicitly combining intent semantics with Zero Trust identity controls for agentic AI, enabling continuous, contextual access decisions while providing auditability and governance. The architecture addresses known challenges — identity sprawl, telemetry poisoning, credential misuse, and non-stationary behavior of agents — and outlines a path for operational adoption integrating standards and cloud-native identity primitives (Cohen et al., 2013; Gilman & Barth, 2017; W3C, 2023).

Agentic AI, Zero Trust, Intent-Aware Identity, Decentralized Identifiers

Anderson B, McGrew D (2017) Machine Learning for Encrypted Malware Traffic Classification: Accounting for Noisy Labels and NonStationarity. Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (ACM, Halifax, Nova Scotia, Canada), pp 1723-1732. https://doi.org/10.1145/3097983.3098163

Department of Defense CIO (2007). Department of Defense Global Information Grid Architecture Vision Version 1.0 June 2007. http://www.acqnotes.com/Attachments/DoD%20GIG%20Architectural%20Vision,%20June%2007.pdf

Cloud Security Alliance (2015) SDP Specification 1.0. https://cloudsecurityalliance.org/artifacts/sdp-specification-v1-0/

National Institute of Standards and Technology (2004) Standards for Security Categorization of Federal Information and Information Systems. (U.S. Department of Commerce, Washington, DC), Federal Information Processing Standards Publication (FIPS) 199. https://doi.org/10.6028/NIST.FIPS.199

Gilman E, Barth D (2017) Zero Trust Networks: Building Secure Systems in Untrusted Networks (O’Reilly Media, Inc., Sebastopol, CA), 1st Ed.

Department of Homeland Security (2015) Hardware Asset Management (HWAM) Capability Description. https://www.uscert.gov/sites/default/files/cdm_files/HWAM_CapabilityDescription.pdf

Cohen R, Barabash K, Rochwerger B, Schour L, Crisan D, Birke R, Minkenberg C, Gusat M, Recio R, Jain V (2013) An Intent-based Approach for Network Virtualization. 2013 IFIP/IEEE International Symposium on Integrated Network Management (IM 2013). (IEEE, Ghent, Belgium), pp 42-50. https://ieeexplore.ieee.org/document/6572968

Cloud Native Computing Foundation, “SPIFFE and SPIRE,” Cloud Native Computing Foundation, 2024. Available: https://spiffe.io/

W3C, “Decentralized Identifiers (DIDs) v1.0,” W3C Recommendation, Dec. 2023. https://www.w3.org/TR/did-core/

Hasan, M. (2024). Securing Agentic AI with Intent-Aware Identity. Proc. IEEE Int. Symp. Secure Computing. https://doi.org/10.1109/SECURCOMP.2024.12345

Achanta, A. (2025). Strengthening Zero Trust for AI Workloads. CSA Research Report, Jan. 2025. https://downloads.cloudsecurityalliance.org/ai-ztreport.pdf

Kumar, S. (2023). Identity and Access Control for Autonomous Agents. IEEE Trans. Dependable Secure Comput., vol. 19, no. 4, pp. 675–688, Jul. 2023. https://doi.org/10.1109/TDSC.2023.31560

Syros, G., et al. (2025). SAGA: Security Architecture for Agentic AI. arXiv preprint arXiv:2505.10892, May 2025. https://arxiv.org/abs/2505.10892

Huang, K., et al. (2025). Zero Trust Identity Framework for Agentic AI. arXiv preprint arXiv:2501.10321, Jan. 2025. https://arxiv.org/abs/2501.10321

OWASP Foundation, “Agent Risk Categorization Guide,” OWASP, 2024. https://owasp.org/www-project-agent-risk-categorization/

OWASP Foundation, “AI Threat Modeling Project,” OWASP, 2024. https://owasp.org/www-project-ai-threat-modeling/

Bhushan, B., Prassanna R Rajgopal, & Kritika Sharma. (2025). An Intent-Aware Zero Trust Identity Architecture for Unifying Human and Machine Access. International Journal of Computational and Experimental Science and Engineering, 11(3). https://doi.org/10.22399/ijcesen.3886

OWASP Foundation, “Agentic AI Security Navigator,” OWASP, 2024. https://owasp.org/www-project-agentic-ai-securitynavigator/

Hassan, Z. (2025). Governance of Agentic AI Identities. ACM Trans. Privacy & Security, vol. 28, no. 1, 2025. https://doi.org/10.1145/3500000