C14 Layer 4 - Orchestration & Ecosystem

Secure Multi-Agent Protocols

Multi-agent message envelopes with signature, nonce, version, expiry. Replay attacks fail; cross-agent calls are subject to the same policy boundary as tool calls.

Why

  • Multi-agent systems increase complexity and attack surface. If agents exchange free-form text, you get ambiguity, spoofing, and privilege escalation.

What

  • A strict protocol envelope that provides: authenticated sender identity
  • canonical serialization
  • schema validation
  • payload signatures
  • nonce replay protection
  • capability negotiation and versioning

How

  • define a stable envelope schema
  • reject messages without valid signature/nonce/schema
  • include capability negotiation to prevent unsafe downgrades
  • treat all agent outputs as untrusted until validated

Evidence

  • schema validation rejects
  • signature verification logs
  • replay attack attempts detected

Failure modes

  • free-text inter-agent communication
  • no sender verification
  • protocol version drift without compatibility tests

NIST AI RMF alignment

C14 maps to MANAGE. See the framework paper for the specific subcontrol mappings.

ISO/IEC alignment

C14 maps to ISO/IEC 27001. Typical evidence: see the Evidence section above.

Contents
On this page
Why What How Evidence Failure modes NIST AI RMF ISO/IEC Related controls
All controls
Layer 1 - Identity & Integrity
C01 Workload Identity C02 Confidential Execution C03 Artifact Integrity C04 Agent Lifecycle C17 Agent Discovery
Layer 2 - Runtime Enforcement
C05 Tool Gateway C06 Circuit Breakers C07 Resource Governance C08 Injection Defense C09 Invariant Enforcement C18 Data Quality Gates
Layer 3 - Observability & Forensics
C10 Deterministic Replay C11 Audit Ledger C12 Signed Actions C13 Semantic Tracing C19 Behaviour Monitoring
Layer 4 - Orchestration & Ecosystem
C14 Multi-Agent Protocols C15 Orchestration Plane C16 Adversarial Validation