AI Agent

Securing AI Agent Communication: Decentralized Identity & Protocol

14 March 2025

Securing AI Agent Communication: Decentralized Identity & Protocol

1. What are the biggest challenges in enabling AI agents to communicate securely across different enterprises? 

There are two important aspects to this communication:

·         Identity
·         Protocol

Let us do a deeper dive on each of these aspects.

IDENTITY

Today AI Agents are being built for use within enterprises and being built in such a manner that they are simply extensions of robotic process automation scripts.  This is a major flaw.  AI Agents have to have Permanent IDs because without identity there is no traceability or accountability as to who or what performed a particular task.  This accountability and traceability is there with Human operators because everyone has an Employee ID within an organization.  AI Agents have to accounted for from a security standpoint at the same level as humans and not as RPA scripts.  

The identity of an AI Agent within an organization can be tied to the Identity and Access Management system (IAM) of that enterprise which may Okta or Microsoft Active Directory etc.  In the real world this is tantamount to a Driver’s License for movement throughout America even for Domestic Air travel.

Now, if we extend the AI Agent’s reach outside of an Enterprise and need it to communicate with other AI Agents outside of the Enterprise, this crosses the Trust Boundaries governed by the IAM.  So, how can trust be established between two AI Agents across Enterprise or trust boundaries?  

A complex and unscalable approach would be the federation of IAMs between any two peering enterprises.  This is cumbersome and not scalable because it becomes a N(N-1)/2 problem.

Now, if we use a Decentralized Identity Access Management system (Registry) and a Decentralized ID then any Agent can discover, and authenticate any other Agent.  This is a scalable and inexpensive solution to a complex problem.  In the real world, this is tantamount to having to carry a Passport for International air travel.  This approach can also be used within an organization if an enterprise chooses to do so.

Another important aspect is how this Identity held is held by an AI Agent?

Each AI Agent whether operating internally within a trust boundary or between trust boundaries needs a receptacle to carry its identity.  In the real world, this is similar to how human’s carry a wallet with their Driver’s License, cash, credit cards, medical cards and more.  So a Wallet is needed to hold the identity of an Agent.

PROTOCOL

Once an AI Agent is equipped with a Decentralized ID, Wallet and is registered in a Registry, it is ready to communicate with other AI Agents.  But in order to do that, one needs a protocol – i.e. a way of communicating.  

This protocol needs two aspects – 

·         To authenticate the other agent(s) 
·         A vocabulary for communicating.

The authentication is common to any interaction as this is not context specific.

The communication vocabulary is however context specific.  

For instance, 

·         if two agents are trading with one another in the stock exchange, they are communicating about buying and selling equities at a given price.  

Whereas, 

·         if two agents are communicating on the topic of health insurance, they may be discussing ICD-10 and CPT codes appropriate for Medical billing.   

2. How can AI agent authentication and identity management prevent security risks?

Identity Management and Authentication are key building blocks in establishing trust between AI Agents.  As described earlier, one needs to have a decentralized ID, a Registry and a Protocol for communication to occur between any two AI Agents.

Now, the first half of that communication is to authenticate the other agent.  Say Agent A wishes to authenticate Agent B.  A number of trust factors would have to be established when each of these agents are initially registered on the Registry.

a. Provenance: 

Which entity created this agent ?  Are they legitimate?   An example of this is during App registration on the Apple App store, where Apple administers a rigorous background check on the entities attempting to submit a mobile application for listing.  Similar checks need to be done as part of the submission to the Registry. 

b. KYA:

To prove the legitimacy of an Agent, there needs to be a Know-Your-Agent (KYA) process established.  There will be background checks (police, Interpol, FBI and several other checks) similar to KYC/AML.

c. Secure Execution Environment: 

To avoid a legitimate agent being infected by malicious code that makes it behave in an improper manner, it is paramount that agents operate within a secure execution environment.

3. What industries are most likely to benefit first from widespread AI agent adoption?

There are many use cases for Agent to Agent communication that would improve efficiency and cost.  Let us describe a common one in Healthcare.

Healthcare

In a typical scenario when a patient arrives at a clinic for a health checkup, the patient presents their Health Insurance ID to the admin person.  The admin person then calls the Health Insurance company to verify the legitimacy of the Health Insurance ID.  This process is still done manually in most cases.  Upon completion of this check, the patient is admitted for consultation.  Upon completion, the notes are summarized, the Medical billing codes are then negotiated with the Health Insurance company.

If we decompose this example into a workflow, we can identity very easily the steps that can be solved by agents.

  • Insurance ID Verification – Verification Agentic (2 Party)
  • Consultation – Human
  • Transcription – Transcription Agent
  • Summarization  – Summarization Agent
  • Medical Billing – Billing Agent (2 Party)

4. How does AI agent interoperability impact regulatory compliance in industries like finance and healthcare?

In Healthcare and Finance there are compliance measures such as HIPAA and SOC2.   AI Agent communications are in fact safer than Human in the loop in many cases because AI Agents do not do the following:

  • Leave a paper trail e.g. writing critical info on Post-It Notes or notepads that Humans always do.
  • Talk loudly or spell out key information without realizing it could be recorded 
  • No audit trails for every interaction

Further measures include:

  • Protocols in Agent to Agent communication can be encrypted 
  • Storing information in repositories in a HIPAA or SOC2 compliant format
  • Masking Personally Identifying Information (PII) whenever needed 
  • Providing audit trails for every action and interaction with other agents or Humans

5. What ethical considerations come with AI agents handling autonomous transactions?

Ethical considerations are an important consideration when agents are used in workflows.  The state of the art AI Agents are still not at the maturity level industry wide to make ethical or moral decisions in our opinion.

To resolve this, when there are moral and ethical dilemmas, it is best to include Humans in the Loop as part of the decision making process.  If there are decisions that can be automated without such considerations, is when Agents can autonomously make decisions.  

In Autonomous agents, examples of such junction points where are ethical considerations can happen:

  • Healthcare – if a patient is issued an insurance denial by an Insurance bot , there need to be provisions for a Human in the Loop to review the case and make a decision as there may be life threatening issues.
  • Finance – a loan denial may involve a customer going through hardship.  Quite often hardships can be resolved with a payment plan and restructuring of finances.  Again, a Human in the Loop to show empathy  may be needed in a situation such as this.

6. How can businesses ensure AI agents remain aligned with human decision-making rather than operating independently?

Businesses can ensure AI Agents and Humans align on decision making by designing workflows with Human in the Loop.  This will ensure that there is oversight, traceability, accountability, observability and governance in all workflows.  

7. What role do decentralized architectures play in AI agent security and reliability?

As mentioned on the section on Identity and Access Management, Decentralized Architectures are key for establishing communication between Agents. 

Over time, we foresee all humans having their own Digital Twins.  These Digital Twins will operate on behalf of humans and carry out tasks such as shopping, searching, booking reservations, and more.

For this reason, unlike all other AI Agents, AI Agents made by Synergetics are NFTs from the ground up with Wallets and Identity-  ready to navigate the vast resources of the world wide web.

8. How will AI agents evolve from assisting human workflows to managing end-to-end processes autonomously?

In many enterprises, knowledge on work processes is buried with the staff working at these organizations.  We call this “Tribal Knowledge”.  

In order for enterprises to transition from AI Agent assisted human workflows to AI Agents operating workflows autonomously, it is necessary for enterprises to bring this tribal knowledge to the surface.

Once these workflows are are clearly understood, one can identify workflows that can be automated and run autonomously by AI Agents and those requiring human intervention.  

9. What lessons can enterprises learn from early adopters of AI-driven automation?

In this early stage, we are seeing a lot of companies claiming to have AI Agents but most are simply thin veneers on top of an LLM.

To have true AI Agents, one needs to consider:

  • Identity
  • Discoverability
  • Traceability, Observability, Accountability
  • Transaction Management, and more

These early AI Agents are simple Prototypes with very little thought given to long term considerations.  Hence, enterprises can learn from these experiences and evolve to more industrial-strength AI Agents which are more capable with sound engineering principles behind them.

10. What are the most common misconceptions about AI agents and their real-world applications?

Several common misconceptions are:

  1. Human job loss:  While there are concerns about some repetitive type work that can be easily automated, humans have always upskilled to better, higher value added work through multiple Industrial Revolutions of the past.  This time will be no different. In most complex workflows, there will be the need for Humans to be in the loop and so job loss fears are overblown.  New vocations will come about e.g. Prompt Engineer, and some older vocations would evolve e.g. Paralegal.
  2. Artificial General Intelligence:  In AI there are seven levels on evolution, and one of them is AGI.  Talk of AGI is again overblown because decision making in many cases is not simply the application of  logic to a problem.  It goes well beyond that.

    Other factors include:
  • Sentiment 
    • e.g. many a time humans are not logical but biological and decide based on the wisdom of the crowds
  • Emotions 
    • e.g. machines are not capable of emotions
  • Ethical considerations 
    • e.g. needs human in the loop
  • Moral considerations 
    • e.g. needs human in the loop
  • Sensory perception 
    • eg. automated car decides to take a turn based on the distance and speed of oncoming traffic


Raghu Bala is Founder of Synergetics.ai , an AI startup, based in Orange County, California.  He is an experienced technology entrepreneur and is an alumnus of Yahoo, Infospace, Automotive.com, PwC, and has had 4 successful startup exits.

Mr. Bala possesses an MBA in Finance from the Wharton School (University of Pennsylvania), an MS in Computer Science from Rensselaer Polytechnic Institute and a BA/BS in Math and Computer Science from the State University of New York at Buffalo.  He is the Head Managing Instructor at 2U and facilitates participants through MIT Sloan courses in Artificial Intelligence, Decentralized Finance and Blockchain.  He is also an Adjunct Professor at VIT (India), and an ex-Adjunct Lecturer at Columbia University, and a Deeptech Mentor at IIT Madras(India).

 He is a published author of books on technical topics and is a frequent contributor online for the last two decades.  His latest books include – co-author of “Handbook on Blockchain” for Springer-Verlag publications, and a Contributing Editor of “Step into the Metaverse” from John Wiley Press, and various technical articles on Medium.com.    

Mr Bala has spoken at several major conferences worldwide including IEEE Smartcomp – Blockchain Panel (Helsinki),  Asian Financial Forum in Hong Kong, Global Foreign Direct Investment Conference in Sydney (Australia) and Huzhou (China), Blockchain Malaysia, IoT India Congress, Google IO, and several more.  He is also served as a Board member of AIM – The global industry association that connects, standardizes and advances automatic identification technologies.

His current areas of focus include Product Development, Engineering and Strategy in the startups related to Agentic AI, Autonomous Agents, Generative AI, IoT, Artificial Intelligence, and the Metaverse.  His industrial domain knowledge spans Automotive, Retail, Supply Chain & Logistics, Healthcare, Insurance, Mobile & Wireless, and more.