Technical Whitepaper

Securing the
Agentic Economy

The "Visa Model" for Autonomous Trust

Integrating Zscaler Zero Trust with SuilaAI Provenance to secure high-stakes autonomous transactions in the AI economy.

15 min read
February 2026
Architecture & Security

Zero Trust + Trust Scoring

Zscaler handles identity (AuthN), SuilaAI handles validity (AuthZ) — the complete trust stack

< 100ms Latency

Lightweight JSON handshake ensures real-time trust verification without blocking agent workflows

Resilience Matrix

L0-L3 tool classification with Fail Open/Fail Closed policies for business continuity

The "Visa Model"

Separating authentication from authorization — a battle-tested pattern for autonomous commerce

Securing the Agentic Economy

The "Visa Model" for Autonomous Trust: Integrating Zscaler Zero Trust with SuilaAI Provenance

SuilaAI Strategy Team | February 2026


Abstract

As autonomous agents (arXiv:2510.09244) begin to dominate digital commerce, traditional security models focused on identity are no longer sufficient. Agents require real-time verification of intent and provenance. This whitepaper outlines a unified architecture combining Zscaler's Zero Trust Exchange (The Terminal) with SuilaAI's Trust Oracle (The Network). We introduce a resilience-first framework — mirroring the global credit card system — to secure high-stakes, autonomous transactions.


1. The Business Analogy: The "Visa Model" for AI

To understand the necessity of this integration, we draw a parallel to the global payment network. In the credit card ecosystem, a transaction requires two distinct checks:

  • Authentication (The Chip/PIN): Is this card real? Does it belong to this person?
  • Authorization (The Network/Bank): Does this person have the funds? Is this transaction fraudulent based on location or velocity?

In the Agentic Economy, Zscaler acts as the Point of Sale (POS) terminal, verifying the agent's identity certificate (Authentication). However, Zscaler cannot know if the agent's request is a hallucination or a fraud. That requires SuilaAI, acting as the Credit Network (Authorization), to verify the provenance and trust score of the content itself.

RoleCredit Card WorldAgentic Economy
AuthenticationChip / PIN / CVVZscaler Zero Trust Exchange
AuthorizationVisa / Mastercard NetworkSuilaAI Trust Oracle
TransactionPurchase at POSAgent API Call to Enterprise
Risk CheckFraud Detection (location, velocity)Provenance + Trust Score
DeclineInsufficient funds / Suspicious activityLow trust score / Anomaly pattern

2. System Architecture: The "Truth Firewall"

The unified architecture positions Zscaler as the identity layer and SuilaAI as the validity layer. Traffic flows through Zscaler, which side-loads verification to SuilaAI before granting access to the Enterprise Sanctum.

Architecture Flow

                    ┌─────────────────────────────────────────┐
                    │         UNIFIED TRUST LAYER              │
                    │                                          │
                    │    ┌──────────────────┐                  │
                    │    │    SuilaAI        │                  │
                    │    │  Trust Oracle     │                  │
                    │    │  (The Network)    │                  │
                    │    └────▲────────┬─────┘                  │
                    │         │        │                        │
                    │    2. Verify  3. Trust                    │
                    │    Provenance  Score                      │
                    │         │        │                        │
  ┌──────────┐     │    ┌────┴────────▼─────┐     ┌──────────┐│
  │ External │ 1.  │    │     Zscaler       │ 4.  │Enterprise││
  │  Agent   │────────►│  Zero Trust       │────────►│  Core   ││
  │(Proposer)│ API  │  │  Exchange         │Access│  (API/   ││
  └──────────┘ Call │  │  (The Terminal)   │Grant │   Data)  ││
                    │    └──────────────────┘      └──────────┘│
                    └─────────────────────────────────────────┘

Step 1: An external AI agent makes an HTTPS API call to an enterprise resource.

Step 2: Zscaler authenticates the agent's identity (AuthN OK) and simultaneously sends the request metadata to SuilaAI for provenance verification.

Step 3: SuilaAI computes a real-time Trust Score based on the agent's history, content provenance, and behavioral patterns, returning the score to Zscaler.

Step 4: If the trust threshold is met, Zscaler grants access to the enterprise core. If not, the request is blocked.


3. Technical Implementation

3.1 The Trust Handshake (API)

The integration uses a lightweight JSON exchange to ensure low latency (< 100ms). Zscaler sends metadata to SuilaAI, which returns a decision.

SuilaAI Response Payload

{
  "request_id": "tx-88392",
  "trust_evaluation": {
    "score": 45,
    "threshold_met": false,
    "risk_level": "HIGH"
  },
  "provenance_data": {
    "is_hallucinated": false,
    "source_verified": false,
    "reason": "Agent ID matches recent anomaly pattern."
  },
  "policy_action": {
    "verdict": "BLOCK",
    "log_reason": "Low_Trust_Score_Policy_7"
  }
}

Key Fields Explained

FieldDescription
trust_evaluation.scoreSuilaAI TrustRank score (300-850 range, normalized to 0-100 for policy engine)
trust_evaluation.threshold_metWhether score meets the enterprise-configured minimum
trust_evaluation.risk_levelCategorical risk assessment: LOW, MEDIUM, HIGH, CRITICAL
provenance_data.is_hallucinatedWhether the request content appears to be AI-hallucinated
provenance_data.source_verifiedWhether the cited sources have been verified against evidence vault
policy_action.verdictFinal decision: ALLOW, BLOCK, CHALLENGE, or QUARANTINE

3.2 When to Call the SuilaAI Trust API

The timing of SuilaAI API calls depends on whether Zscaler is deployed in the architecture.

With Zscaler (Recommended Production Architecture)

PhaseTriggerSuilaAI API Called?Latency Budget
Pre-AuthenticationAgent connects to ZscalerNo0ms
Post-AuthNIdentity verified by ZscalerYes — Trust Handshake< 100ms
Pre-AuthorizationBefore granting resource accessScore already cached0ms (cached)
Transaction TimeHigh-value action (L2/L3 tool)Yes — Re-verify if > 5min old< 100ms
Post-TransactionAudit and loggingYes — Record provenanceAsync (no blocking)

Total added latency per request: < 100ms (single synchronous call + async logging)

Without Zscaler (Direct Integration)

PhaseTriggerSuilaAI API Called?Latency Budget
Application LayerRequest hits your API gatewayYes — Full trust evaluation< 150ms
Per-ActionEach sensitive tool invocationYes — Real-time scoring< 100ms
Periodic RefreshBackground re-scoringYes — Batch modeAsync

Note: Without Zscaler, the application must handle both identity verification AND trust scoring, increasing complexity and latency.

3.3 API Integration Examples

Calling SuilaAI Trust API (Direct)

# Real-time trust verification
curl -X POST https://api.suilaai.com/v1/trust/verify \
  -H "Authorization: Bearer $SUILA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "agent_id": "agent-ext-9382",
    "action": "database.write",
    "tool_level": "L3",
    "context": {
      "content_hash": "sha256:ab3f...",
      "cited_sources": ["arxiv:2510.09244"],
      "session_duration_sec": 342
    }
  }'

Zscaler-Integrated Call (Via Policy Engine)

# Zscaler automatically calls SuilaAI during policy evaluation
# No application-level code changes required
# Configure in Zscaler Admin Console:
#   Policy → Trust Verification → SuilaAI Integration
#   Endpoint: https://api.suilaai.com/v1/trust/verify
#   Timeout: 100ms
#   Fallback: Apply tool-level default policy

4. Resilience & Fail-Over Strategy

To maintain business continuity, the system implements a "Floor Limit" strategy. If the SuilaAI service is unreachable (timeout), Zscaler applies a default policy based on the risk level of the tool being accessed.

Resilience Matrix

Tool LevelExamplesRisk ProfileTimeout PolicyAction
L3 (Critical)Wire Transfer, DB DeleteHighFail ClosedBLOCK
L2 (Sensitive)Send Email, Edit FileMediumFail ClosedBLOCK
L1 (Info)RAG Query, Read CalendarLowFail OpenALLOW w/ Log
L0 (Public)Web Search, WeatherNoneFail OpenALLOW

How This Works in Practice

Scenario: SuilaAI Unreachable (Network Partition)

  1. External agent requests wire transfer (L3 Critical)
  2. Zscaler authenticates agent identity — OK
  3. Zscaler calls SuilaAI Trust API — TIMEOUT after 100ms
  4. Zscaler checks tool level → L3 = Fail Closed
  5. Request BLOCKED — agent receives 503 with retry guidance
  6. Alert sent to SOC team for investigation

Scenario: SuilaAI Returns Low Score

  1. External agent requests to read calendar (L1 Info)
  2. Zscaler authenticates agent identity — OK
  3. Zscaler calls SuilaAI → Trust Score: 320 (below threshold)
  4. Tool level is L1 → Low risk → Fail Open policy
  5. Request ALLOWED with enhanced logging
  6. Anomaly flagged for human review

5. Transactional Workflow: Blocking a High-Risk Transaction

The sequence below details a blocked transaction (Fail Closed scenario). This demonstrates the "Safety Brake" mechanism for high-stakes agent actions.

Sequence Diagram

  Ext. Agent          Zscaler ZIA         SuilaAI API        Internal App
      │                    │                    │                    │
      │  1. HTTPS Request  │                    │                    │
      │    (Buy Order)     │                    │                    │
      │───────────────────►│                    │                    │
      │                    │                    │                    │
      │                    │  ┌──────────┐      │                    │
      │                    │  │ AuthN OK │      │                    │
      │                    │  └──────────┘      │                    │
      │                    │                    │                    │
      │                    │  2. Validate        │                    │
      │                    │     Transaction    │                    │
      │                    │───────────────────►│                    │
      │                    │                    │                    │
      │                    │                    │  ┌──────────────┐  │
      │                    │                    │  │Compute Score │  │
      │                    │                    │  │  Score: 320  │  │
      │                    │                    │  │  < Threshold │  │
      │                    │                    │  └──────────────┘  │
      │                    │                    │                    │
      │                    │  3. Score < Thresh  │                    │
      │                    │◄╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌│                    │
      │                    │                    │                    │
      │                    │  ┌──────────────┐  │                    │
      │                    │  │Policy: BLOCK │  │                    │
      │                    │  │    ✕ ✕ ✕     │  │                    │
      │                    │  └──────────────┘  │                    │
      │                    │                    │                    │
      │  4. 403 Forbidden  │                    │                    │
      │◄───────────────────│                    │                    │
      │                    │                    │                    │

Key Insight: The internal application never sees the blocked request. The "Safety Brake" operates entirely within the Unified Trust Layer, providing defense-in-depth without requiring application changes.


6. Performance Characteristics

MetricWith Zscaler + SuilaAISuilaAI DirectWithout Trust Verification
Added Latency< 100ms< 150ms0ms
Throughput10,000+ req/sec5,000+ req/secUnlimited
Cache Hit Rate~85% (5min TTL)~70% (session-based)N/A
False Positive Rate< 0.1%< 0.3%N/A
CoverageAll agent trafficApplication-level onlyNone

7. Conclusion

The integration of Zscaler and SuilaAI solves the O(N+M) complexity problem of agentic trust. By separating the transport layer from the truth layer, we create a scalable, resilient ecosystem where autonomous agents can operate safely.

This architecture provides the "Adult Supervision" necessary for enterprise adoption of Agentic AI:

  • Zscaler handles the "Who" — identity, authentication, network security
  • SuilaAI handles the "What" — provenance, trust scoring, content verification
  • Together they form the complete trust infrastructure for autonomous commerce

The question is no longer "Should we let AI agents act autonomously?" but "How do we build the trust infrastructure to let them act safely?"

The Visa Model answers this question with a battle-tested pattern: separate authentication from authorization, implement resilience at every layer, and never let a high-stakes transaction proceed without verification.


Patent: Taiwan I892115 | US 12,505,169B2 SuilaAI — The Trust Infrastructure for the AI Economy

Ready to Secure Your Agentic Infrastructure?

Learn how SuilaAI's Trust Oracle integrates with your existing Zero Trust architecture