Securing the
Agentic Economy
The "Visa Model" for Autonomous Trust
Integrating Zscaler Zero Trust with SuilaAI Provenance to secure high-stakes autonomous transactions in the AI economy.
Zero Trust + Trust Scoring
Zscaler handles identity (AuthN), SuilaAI handles validity (AuthZ) — the complete trust stack
< 100ms Latency
Lightweight JSON handshake ensures real-time trust verification without blocking agent workflows
Resilience Matrix
L0-L3 tool classification with Fail Open/Fail Closed policies for business continuity
The "Visa Model"
Separating authentication from authorization — a battle-tested pattern for autonomous commerce
Securing the Agentic Economy
The "Visa Model" for Autonomous Trust: Integrating Zscaler Zero Trust with SuilaAI Provenance
SuilaAI Strategy Team | February 2026
Abstract
As autonomous agents (arXiv:2510.09244) begin to dominate digital commerce, traditional security models focused on identity are no longer sufficient. Agents require real-time verification of intent and provenance. This whitepaper outlines a unified architecture combining Zscaler's Zero Trust Exchange (The Terminal) with SuilaAI's Trust Oracle (The Network). We introduce a resilience-first framework — mirroring the global credit card system — to secure high-stakes, autonomous transactions.
1. The Business Analogy: The "Visa Model" for AI
To understand the necessity of this integration, we draw a parallel to the global payment network. In the credit card ecosystem, a transaction requires two distinct checks:
- Authentication (The Chip/PIN): Is this card real? Does it belong to this person?
- Authorization (The Network/Bank): Does this person have the funds? Is this transaction fraudulent based on location or velocity?
In the Agentic Economy, Zscaler acts as the Point of Sale (POS) terminal, verifying the agent's identity certificate (Authentication). However, Zscaler cannot know if the agent's request is a hallucination or a fraud. That requires SuilaAI, acting as the Credit Network (Authorization), to verify the provenance and trust score of the content itself.
| Role | Credit Card World | Agentic Economy |
|---|---|---|
| Authentication | Chip / PIN / CVV | Zscaler Zero Trust Exchange |
| Authorization | Visa / Mastercard Network | SuilaAI Trust Oracle |
| Transaction | Purchase at POS | Agent API Call to Enterprise |
| Risk Check | Fraud Detection (location, velocity) | Provenance + Trust Score |
| Decline | Insufficient funds / Suspicious activity | Low trust score / Anomaly pattern |
2. System Architecture: The "Truth Firewall"
The unified architecture positions Zscaler as the identity layer and SuilaAI as the validity layer. Traffic flows through Zscaler, which side-loads verification to SuilaAI before granting access to the Enterprise Sanctum.
Architecture Flow
┌─────────────────────────────────────────┐
│ UNIFIED TRUST LAYER │
│ │
│ ┌──────────────────┐ │
│ │ SuilaAI │ │
│ │ Trust Oracle │ │
│ │ (The Network) │ │
│ └────▲────────┬─────┘ │
│ │ │ │
│ 2. Verify 3. Trust │
│ Provenance Score │
│ │ │ │
┌──────────┐ │ ┌────┴────────▼─────┐ ┌──────────┐│
│ External │ 1. │ │ Zscaler │ 4. │Enterprise││
│ Agent │────────►│ Zero Trust │────────►│ Core ││
│(Proposer)│ API │ │ Exchange │Access│ (API/ ││
└──────────┘ Call │ │ (The Terminal) │Grant │ Data) ││
│ └──────────────────┘ └──────────┘│
└─────────────────────────────────────────┘
Step 1: An external AI agent makes an HTTPS API call to an enterprise resource.
Step 2: Zscaler authenticates the agent's identity (AuthN OK) and simultaneously sends the request metadata to SuilaAI for provenance verification.
Step 3: SuilaAI computes a real-time Trust Score based on the agent's history, content provenance, and behavioral patterns, returning the score to Zscaler.
Step 4: If the trust threshold is met, Zscaler grants access to the enterprise core. If not, the request is blocked.
3. Technical Implementation
3.1 The Trust Handshake (API)
The integration uses a lightweight JSON exchange to ensure low latency (< 100ms). Zscaler sends metadata to SuilaAI, which returns a decision.
SuilaAI Response Payload
{
"request_id": "tx-88392",
"trust_evaluation": {
"score": 45,
"threshold_met": false,
"risk_level": "HIGH"
},
"provenance_data": {
"is_hallucinated": false,
"source_verified": false,
"reason": "Agent ID matches recent anomaly pattern."
},
"policy_action": {
"verdict": "BLOCK",
"log_reason": "Low_Trust_Score_Policy_7"
}
}
Key Fields Explained
| Field | Description |
|---|---|
trust_evaluation.score | SuilaAI TrustRank score (300-850 range, normalized to 0-100 for policy engine) |
trust_evaluation.threshold_met | Whether score meets the enterprise-configured minimum |
trust_evaluation.risk_level | Categorical risk assessment: LOW, MEDIUM, HIGH, CRITICAL |
provenance_data.is_hallucinated | Whether the request content appears to be AI-hallucinated |
provenance_data.source_verified | Whether the cited sources have been verified against evidence vault |
policy_action.verdict | Final decision: ALLOW, BLOCK, CHALLENGE, or QUARANTINE |
3.2 When to Call the SuilaAI Trust API
The timing of SuilaAI API calls depends on whether Zscaler is deployed in the architecture.
With Zscaler (Recommended Production Architecture)
| Phase | Trigger | SuilaAI API Called? | Latency Budget |
|---|---|---|---|
| Pre-Authentication | Agent connects to Zscaler | No | 0ms |
| Post-AuthN | Identity verified by Zscaler | Yes — Trust Handshake | < 100ms |
| Pre-Authorization | Before granting resource access | Score already cached | 0ms (cached) |
| Transaction Time | High-value action (L2/L3 tool) | Yes — Re-verify if > 5min old | < 100ms |
| Post-Transaction | Audit and logging | Yes — Record provenance | Async (no blocking) |
Total added latency per request: < 100ms (single synchronous call + async logging)
Without Zscaler (Direct Integration)
| Phase | Trigger | SuilaAI API Called? | Latency Budget |
|---|---|---|---|
| Application Layer | Request hits your API gateway | Yes — Full trust evaluation | < 150ms |
| Per-Action | Each sensitive tool invocation | Yes — Real-time scoring | < 100ms |
| Periodic Refresh | Background re-scoring | Yes — Batch mode | Async |
Note: Without Zscaler, the application must handle both identity verification AND trust scoring, increasing complexity and latency.
3.3 API Integration Examples
Calling SuilaAI Trust API (Direct)
# Real-time trust verification
curl -X POST https://api.suilaai.com/v1/trust/verify \
-H "Authorization: Bearer $SUILA_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"agent_id": "agent-ext-9382",
"action": "database.write",
"tool_level": "L3",
"context": {
"content_hash": "sha256:ab3f...",
"cited_sources": ["arxiv:2510.09244"],
"session_duration_sec": 342
}
}'
Zscaler-Integrated Call (Via Policy Engine)
# Zscaler automatically calls SuilaAI during policy evaluation
# No application-level code changes required
# Configure in Zscaler Admin Console:
# Policy → Trust Verification → SuilaAI Integration
# Endpoint: https://api.suilaai.com/v1/trust/verify
# Timeout: 100ms
# Fallback: Apply tool-level default policy
4. Resilience & Fail-Over Strategy
To maintain business continuity, the system implements a "Floor Limit" strategy. If the SuilaAI service is unreachable (timeout), Zscaler applies a default policy based on the risk level of the tool being accessed.
Resilience Matrix
| Tool Level | Examples | Risk Profile | Timeout Policy | Action |
|---|---|---|---|---|
| L3 (Critical) | Wire Transfer, DB Delete | High | Fail Closed | BLOCK |
| L2 (Sensitive) | Send Email, Edit File | Medium | Fail Closed | BLOCK |
| L1 (Info) | RAG Query, Read Calendar | Low | Fail Open | ALLOW w/ Log |
| L0 (Public) | Web Search, Weather | None | Fail Open | ALLOW |
How This Works in Practice
Scenario: SuilaAI Unreachable (Network Partition)
- External agent requests wire transfer (L3 Critical)
- Zscaler authenticates agent identity — OK
- Zscaler calls SuilaAI Trust API — TIMEOUT after 100ms
- Zscaler checks tool level → L3 = Fail Closed
- Request BLOCKED — agent receives 503 with retry guidance
- Alert sent to SOC team for investigation
Scenario: SuilaAI Returns Low Score
- External agent requests to read calendar (L1 Info)
- Zscaler authenticates agent identity — OK
- Zscaler calls SuilaAI → Trust Score: 320 (below threshold)
- Tool level is L1 → Low risk → Fail Open policy
- Request ALLOWED with enhanced logging
- Anomaly flagged for human review
5. Transactional Workflow: Blocking a High-Risk Transaction
The sequence below details a blocked transaction (Fail Closed scenario). This demonstrates the "Safety Brake" mechanism for high-stakes agent actions.
Sequence Diagram
Ext. Agent Zscaler ZIA SuilaAI API Internal App
│ │ │ │
│ 1. HTTPS Request │ │ │
│ (Buy Order) │ │ │
│───────────────────►│ │ │
│ │ │ │
│ │ ┌──────────┐ │ │
│ │ │ AuthN OK │ │ │
│ │ └──────────┘ │ │
│ │ │ │
│ │ 2. Validate │ │
│ │ Transaction │ │
│ │───────────────────►│ │
│ │ │ │
│ │ │ ┌──────────────┐ │
│ │ │ │Compute Score │ │
│ │ │ │ Score: 320 │ │
│ │ │ │ < Threshold │ │
│ │ │ └──────────────┘ │
│ │ │ │
│ │ 3. Score < Thresh │ │
│ │◄╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌│ │
│ │ │ │
│ │ ┌──────────────┐ │ │
│ │ │Policy: BLOCK │ │ │
│ │ │ ✕ ✕ ✕ │ │ │
│ │ └──────────────┘ │ │
│ │ │ │
│ 4. 403 Forbidden │ │ │
│◄───────────────────│ │ │
│ │ │ │
Key Insight: The internal application never sees the blocked request. The "Safety Brake" operates entirely within the Unified Trust Layer, providing defense-in-depth without requiring application changes.
6. Performance Characteristics
| Metric | With Zscaler + SuilaAI | SuilaAI Direct | Without Trust Verification |
|---|---|---|---|
| Added Latency | < 100ms | < 150ms | 0ms |
| Throughput | 10,000+ req/sec | 5,000+ req/sec | Unlimited |
| Cache Hit Rate | ~85% (5min TTL) | ~70% (session-based) | N/A |
| False Positive Rate | < 0.1% | < 0.3% | N/A |
| Coverage | All agent traffic | Application-level only | None |
7. Conclusion
The integration of Zscaler and SuilaAI solves the O(N+M) complexity problem of agentic trust. By separating the transport layer from the truth layer, we create a scalable, resilient ecosystem where autonomous agents can operate safely.
This architecture provides the "Adult Supervision" necessary for enterprise adoption of Agentic AI:
- Zscaler handles the "Who" — identity, authentication, network security
- SuilaAI handles the "What" — provenance, trust scoring, content verification
- Together they form the complete trust infrastructure for autonomous commerce
The question is no longer "Should we let AI agents act autonomously?" but "How do we build the trust infrastructure to let them act safely?"
The Visa Model answers this question with a battle-tested pattern: separate authentication from authorization, implement resilience at every layer, and never let a high-stakes transaction proceed without verification.
Patent: Taiwan I892115 | US 12,505,169B2 SuilaAI — The Trust Infrastructure for the AI Economy
Ready to Secure Your Agentic Infrastructure?
Learn how SuilaAI's Trust Oracle integrates with your existing Zero Trust architecture