arXiv: Toward Securing AI Agents Like Operating Systems

This paper, published on arXiv, proposes a new framework for securing advanced AI agents by treating them like operating systems. It argues that current AI safety approaches are insufficient for autonomous agents that can execute actions, access external tools, and manage memory. The authors introduce a structured model with concepts like process isolation, permission systems, and audit logging, drawing direct parallels to how operating systems protect against malware and unauthorized access. This is not a regulation but a technical proposal that could influence future regulatory standards.

The primary audience is organizations developing or deploying autonomous AI agents, particularly in high-stakes sectors like finance, healthcare, critical infrastructure, and legal services. Any company using large language models with tool-use capabilities, autonomous decision-making, or persistent memory should pay attention. Regulators and compliance teams in the EU, especially those monitoring the AI Act’s evolving requirements for high-risk systems, will need to assess whether this OS-like security model becomes a de facto best practice.

Compliance teams should immediately review their current AI agent deployments for basic security hygiene: are agent actions logged, are permissions granularly controlled, and is there isolation between different agent instances? Begin mapping these technical controls to existing obligations under the EU AI Act, particularly around transparency, risk management, and human oversight. Engage with technical teams to pilot the proposed security model in sandbox environments, and prepare to update internal AI governance policies to reflect this emerging standard for agent safety.