Trusted AI Agents in the Cloud
Teofil Bodea, Masanori Misono, Julian Pritzi, Patrick Sabanic, Thore Sommer, Harshavardhan Unnibhavi, David Schall, Nuno Santos, Dimitrios Stavrakakis, Pramod Bhatotia

TL;DR
Omega is a system that enhances trust, security, and supervision for AI agents in the cloud by leveraging confidential hardware and policy enforcement, enabling secure multi-agent deployments.
Contribution
The paper introduces Omega, a novel platform combining confidential VMs and GPUs with trust establishment and policy enforcement for secure, multi-agent AI cloud environments.
Findings
Omega achieves end-to-end isolation and trust verification.
It supports high-density, policy-compliant multi-agent deployments.
The system maintains high performance on AMD and NVIDIA hardware.
Abstract
AI agents powered by large language models are increasingly deployed as cloud services that autonomously access sensitive data, invoke external tools, and interact with other agents. However, these agents run within a complex multi-party ecosystem, where untrusted components can lead to data leakage, tampering, or unintended behavior. Existing Confidential Virtual Machines (CVMs) provide only per-binary protection and offer no guarantees for cross-principal trust, accelerator-level isolation, or supervised agent behavior. We present Omega, a system that enables trusted AI agents by enforcing end-to-end isolation, establishing verifiable trust across all contributing principals, and supervising every external interaction with accountable provenance. Omega builds on Confidential VMs and Confidential GPUs to create a Trusted Agent Platform that hosts many agents within a single CVM using…
Taxonomy
Topics: Security and Verification in Computing · Cloud Data Security Solutions · Access Control and Trust
