Research Article

Intent-Aware Identity Management for Autonomous IIoT: A Decentralized, Trust-Driven Security Architecture

by Badal Bhushan
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 187 - Number 53
Year of Publication: 2025
Authors: Badal Bhushan
10.5120/ijca2025925897

Badal Bhushan. Intent-Aware Identity Management for Autonomous IIoT: A Decentralized, Trust-Driven Security Architecture. International Journal of Computer Applications. 187, 53 (Nov 2025), 30-41. DOI=10.5120/ijca2025925897

@article{ 10.5120/ijca2025925897,
author = { Badal Bhushan },
title = { Intent-Aware Identity Management for Autonomous IIoT: A Decentralized, Trust-Driven Security Architecture },
journal = { International Journal of Computer Applications },
issue_date = { Nov 2025 },
volume = { 187 },
number = { 53 },
month = { Nov },
year = { 2025 },
issn = { 0975-8887 },
pages = { 30-41 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume187/number53/intent-aware-identity-management-for-autonomous-iiot-a-decentralized-trust-driven-security-architecture/ },
doi = { 10.5120/ijca2025925897 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2025-11-18T21:10:40.393640+05:30
%A Badal Bhushan
%T Intent-Aware Identity Management for Autonomous IIoT: A Decentralized, Trust-Driven Security Architecture
%J International Journal of Computer Applications
%@ 0975-8887
%V 187
%N 53
%P 30-41
%D 2025
%I Foundation of Computer Science (FCS), NY, USA
Abstract

The Industrial Internet of Things (IIoT) is rapidly reconfiguring business models by enabling machines to make more autonomous decisions. Smart agents now make immediate decisions in industrial settings such as manufacturing, energy, and logistics, enabling efficiency and resiliency at scale. However, this shift also highlights inherent constraints in legacy identity and access management (IAM) systems, which were designed primarily to react to human interactions. Legacy IAM logic, based on static credentials, preassigned roles, and centralized authorization, is not context-aware, agile, or scalable enough to deal with autonomous devices that operate in dynamic, distributed, and latency-constrained environments. This work introduces a novel Intent-Aware IAM framework tailored for autonomous IIoT systems. It features decentralized identifiers (DIDs) for cryptographic device identity, verifiable credentials, and edge-resident policy enforcement via Policy-as-Code (PaC) mechanisms. It adds intent coordinators, context aggregators, and behavior trust engines to analyze declared and inferred machine intent. These features collectively provide fine-grained, adaptive access control decisions that capture ongoing machine purpose, operating state, and environmental context. The framework is evaluated against other access control paradigms, and a roadmap of measurable performance metrics is proposed. By shifting from static identity authentication to a purpose-driven access model, the proposed architecture supports low-latency authorization, reliability under decreased connectivity, and safety and compliance. Continuous trust scoring and tamper-proof logging also add accountability and support post-incident forensics. Finally, the framework offers a secure, scalable solution to IAM in autonomous environments, allowing industries to manage identity and access not just by who or what is performing an action, but why.

Index Terms

Computer Science
Information Sciences

Keywords

Intent-Aware Access Control; Industrial Internet of Things (IIoT); Decentralized Identity (DID); Verifiable Credentials (VC); Adaptive Trust Scoring; Edge Policy Enforcement; Zero Trust Architecture; Behavior-Based Authentication; Policy-as-Code (PaC); Context-Aware Authorization; Autonomous Machine Identity; Explainable Access Control; AI-Driven Authorization; Cyber-Physical Security; WebAssembly Enforcement; Blockchain Audit Logging; Machine-to-Machine Authentication; Identity Governance; Federated Trust Management; Resilient Edge Security.