Security Hardening

Best practices for securing your ACGP implementation.


Overview

Security is critical for AI agent governance. This guide covers essential security measures for ACGP deployments.


Authentication & Authorization

Steward Authentication

  • Use strong API keys or certificates
  • Rotate credentials regularly
  • Implement mutual TLS

Agent Identity

  • Assign unique identifiers
  • Verify agent identity on each request
  • Track agent lineage

Network Security

  • Use TLS 1.3 for all communications
  • Implement network segmentation
  • Whitelist steward endpoints
  • Rate limit requests

Audit Log Security

  • Use append-only storage
  • Implement cryptographic proofs
  • Take regular backups
  • Implement tamper detection
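The three audit-log items above (append-only storage, cryptographic proofs, tamper detection) fit together as a hash-chained log whose head hash is sealed with an HMAC held off-box; the example below is added here to show that shape and is not code from the ACGP project. The trace record fields, the steward key and the seal-per-batch policy are assumptions, not anything this page specifies.

```python
import hashlib
import hmac
import json

GENESIS_HASH = "0" * 64  # prev_hash anchor for the first entry

def _entry_hash(prev_hash, seq, record):
    payload = json.dumps(record, sort_keys=True, separators=(",", ":"))  # canonical form
    return hashlib.sha256(f"{prev_hash}|{seq}|{payload}".encode()).hexdigest()

def append_entry(log, record):
    """Append a trace record, chaining it to the previous entry's hash."""
    prev_hash = log[-1]["hash"] if log else GENESIS_HASH
    log.append({"seq": len(log), "prev_hash": prev_hash, "record": record,
                "hash": _entry_hash(prev_hash, len(log), record)})

def verify_chain(log):
    """Recompute every link; return (ok, seq of the first broken entry)."""
    prev_hash = GENESIS_HASH
    for i, entry in enumerate(log):
        if (entry["seq"] != i or entry["prev_hash"] != prev_hash
                or entry["hash"] != _entry_hash(prev_hash, i, entry["record"])):
            return False, i
        prev_hash = entry["hash"]
    return True, None

def seal_head(log, key):
    """HMAC over the head hash; keep it off-box (steward, backup) after each batch."""
    head = log[-1]["hash"] if log else GENESIS_HASH
    return hmac.new(key, head.encode(), hashlib.sha256).hexdigest()

def verify_seal(log, key, seal):
    return hmac.compare_digest(seal_head(log, key), seal)

def rewritten_copy(log, seq, **changes):
    # Edit one record, then rebuild every hash as a writer with full access would.
    fresh = []
    for e in log:
        rec = dict(e["record"], **changes) if e["seq"] == seq else e["record"]
        append_entry(fresh, rec)
    return fresh

# Constructed sample traces; the real ACGP trace schema is not given on this page.
SAMPLE_LOG = []
for _trace in [
    {"agent_id": "agent-a1", "parent": None, "action": "tool_call", "tool": "search"},
    {"agent_id": "agent-a2", "parent": "agent-a1", "action": "spawn"},
    {"agent_id": "agent-a2", "parent": "agent-a1", "action": "tool_call", "tool": "mail"},
]:
    append_entry(SAMPLE_LOG, _trace)
```

`verify_chain` catches edits, deletions and reordering in the stored log; a log rebuilt from scratch still verifies, which is why the sealed head has to live somewhere the log writer cannot reach.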

Best Practices

Critical

  • Never expose steward APIs publicly
  • Always validate trace inputs
  • Implement defense in depth
  • Conduct regular security audits

Detailed content coming soon

