Most security models were never designed for autonomous systems talking to each other.

They assume a human login, a session, a perimeter, and a moment where someone is done authenticating. That logic breaks down fast once you introduce autonomous agents that run continuously, make decisions without pause, and interact with other agents at machine speed.

I ran into this problem repeatedly while working through security architecture, AI systems, and Zero Trust theory. The controls existed, but they were scattered. Identity lived in one place. Authorization in another. Rate limiting somewhere else. Time based controls were often an afterthought, if they existed at all.

What bothered me was not that the ideas were missing. It was that nobody was putting them together into a system that assumed autonomy from the start.

That is why I wrote this book.

The core problem

AI to AI communication removes the human pause.

There is no login screen. No are you sure prompt. No natural delay where a mistake can be caught by a person. Once an agent is trusted, it acts. And if that trust is too broad, too long lived, or too static, the system fails quietly and completely.

Most Zero Trust discussions stop at identity and policy.

That is not enough for autonomous environments.

You also need to control when actions are allowed, how often they can occur, how disagreement is resolved, and how trust decays over time. You need systems that assume failure, drift, and compromise as normal operating conditions.

What the book actually does

11 Controls for Zero Trust Architecture in Multi-Agent AI-to-AI Systems is not a theory book. It is a control framework.

Each chapter focuses on a single control that answers a specific security question, such as:

• Who is this agent really?
• What is it allowed to do right now?
• How long should that permission exist?
• What happens if it starts behaving strangely?
• How does the system slow or stop damage without human intervention?

The controls are designed to stack.

• Identity alone is not trusted
• Authorization alone is not trusted
• Time alone is not trusted

The system only moves forward when multiple controls agree.

If one control fails, the others are meant to catch it.

Why I am sharing this now

I am currently preparing the book for release, and I am sharing excerpts and ideas publicly as part of that process. Not to hype it, but to pressure test it.

If these ideas resonate with you, great. If you disagree, even better. Autonomous systems are already here, and pretending traditional security models will stretch to fit them is wishful thinking.

This book exists because I could not find a single place where these controls were treated as a cohesive system instead of isolated best practices.

What is next

Over the next few weeks, I will be posting short essays and excerpts here that break down individual controls, failure modes, and design patterns for securing agent to agent communication.

If you are working with AI systems, automation, or distributed services, I think you will recognize the problems immediately.

And if you are building something that talks to itself, you probably already know why this matters.

Thanks for reading.

If you want to follow along as the book develops, connect with me directly on LinkedIn or through the other platforms I post on here as we go.

Pre-orders go live on Jan 15th 2026, with full release on Jan 31st 2026. Look for it on Amazon.

John R. Black III

Author, 11 Controls for Zero Trust in AI-to-AI Systems

Helios Techcomm