Zero-Trust Architecture (ZTA)
A security model in which no component, user, or service is inherently trusted — regardless of its position within the network. Every request must be authenticated, authorized, and validated before being processed.
In shiftagent, zero-trust is applied specifically to the AI layer. The LLM is treated as an untrusted component that never holds real credentials. All secrets are stored as vault aliases, resolved only by the forward proxy at the network boundary. Each tier in the multi-tenant hierarchy inherits and can only tighten the security posture of the tier above it. This approach achieves PCI DSS compliance by architecture rather than by policy.
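The alias pattern described above, sketched as an added example; this is not shiftagent's code. The `{{vault:name}}` syntax, the host names, the function names, the per-alias host binding and the choice to model a tier's security posture as a destination allow-list are all assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Hypothetical alias syntax; the page does not say how aliases are written.
ALIAS_RE = re.compile(r"\{\{vault:([a-z0-9_]+)\}\}")

# Constructed sample vault: alias -> (secret, hosts the secret may be sent to).
VAULT = {
    "payments_api_key": ("CONSTRUCTED-SECRET-0001", {"api.payments.example"}),
}

class AliasError(Exception):
    """Raised when the proxy refuses to resolve an alias."""

def tighten(parent_hosts, child_hosts):
    """A child tier may only narrow its parent's allow-list, never widen it."""
    return set(parent_hosts) & set(child_hosts)

def resolve_outbound(url, headers, tier_hosts):
    """Proxy-side step: swap aliases for secrets only for permitted hosts."""
    host = urlsplit(url).hostname or ""
    if host not in tier_hosts:
        raise AliasError(f"destination {host!r} is outside this tier's policy")

    def substitute(match):
        alias = match.group(1)
        if alias not in VAULT:
            raise AliasError(f"unknown alias {alias!r}")
        secret, bound_hosts = VAULT[alias]
        if host not in bound_hosts:
            raise AliasError(f"alias {alias!r} is not bound to {host!r}")
        return secret

    return {name: ALIAS_RE.sub(substitute, value) for name, value in headers.items()}

if __name__ == "__main__":
    platform = {"api.payments.example", "api.mail.example"}
    tenant = tighten(platform, {"api.payments.example", "collector.example"})
    llm_headers = {"Authorization": "Bearer {{vault:payments_api_key}}"}
    print(resolve_outbound("https://api.payments.example/v1/charges", llm_headers, tenant))
    try:
        resolve_outbound("https://api.mail.example/send", llm_headers, platform)
    except AliasError as exc:
        print("refused:", exc)
```

The model-facing side only ever handles the alias string; the secret appears solely in the headers the proxy sends upstream, and a host the child tier adds on its own is dropped by the intersection.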