Lafayette
Mon Sep 28 | 9:30am
Autonomous AI agents are rapidly evolving into primary consumers of enterprise data, operating across distributed computing environments where they plan tasks, invoke tools, and coordinate across clustered runtimes, network fabrics, and storage back ends at machine speed. As agents increasingly act as users of infrastructure rather than passive workloads, they introduce a new class of security challenges that remain poorly understood and insufficiently addressed. In this work, we analyze the emerging security implications of agent interoperability protocols, including Model Context Protocol (MCP), Agent-to-Agent (A2A), and agent commerce interfaces. We show that the combination of natural-language-driven control and machine-speed execution creates novel control-plane risks that existing runtime and infrastructure defenses are not designed to mitigate.
We identify a set of critical vulnerability classes spanning both control and data planes, including protocol-level weaknesses in MCP and A2A, cross-protocol trust boundary failures, identity ambiguity at the data layer, privilege overreach at scale, audit and lineage gaps, and control-plane blindness under high-speed autonomous operation. Some of these risks are inherited from traditional distributed systems, while others are fundamentally amplified, or newly introduced, by agentic behavior. As agentic workloads become dominant consumers of enterprise storage and data, their security can no longer be addressed solely within AI model or application layers. Instead, it demands coordinated attention from storage and networking architects who define how data is accessed, governed, and secured at the infrastructure level.
This session frames these challenges as an open problem space for SNIA developers and infrastructure architects, highlighting the need for new abstractions, controls, and standardization efforts at the storage and fabric layers. Join us for an interactive discussion on these emerging threats with agentic data access and the requirements to protect enterprise systems as agents become first-class actors in distributed environments.
The blurring of the lines between data centers and automobiles continues to grow fuzzier. This talk explores the trends in automotive fabrics tying together a wild array of sensors, displays, processors, memory, and storage. Another data center trend that may actually appear first in cars is the need for post-quantum security algorithms, preventing malicious intruders from steering our cars off bridges.
Storage developers need to understand that the algorithms and protocols used for data protection are in the midst of significant changes. This is driven by increases in the size of storage devices, the complexity of large data storage systems, discoveries of weaknesses, and improvements in attacks on encryption. Storage devices are seeing changes in block encryption algorithms and in implementations of those algorithms. Post-quantum cryptographic (PQC) algorithms will improve resistance to attacks using quantum computers, and a new timeline is in effect for adoption of those algorithms. Various protocols are being updated to use the new algorithms and to manage the transition to PQC.
DMTF’s Security Protocol and Data Model (SPDM) protocol is a widely used set of standards that enable secure communication and device authentication for platform-level security. This session will give an update on major developments by the SPDM Working Group, and where the group is going over the next year. In the past year, DMTF has released SPDM version 1.4, the first version to support CNSA 2.0 algorithms for post-quantum cryptography. This was added to the specification in a way that maintains backwards compatibility with existing deployments and enables platforms to adopt forward-looking requirements. The SPDM to Storage binding (version 1.0) was also released, enabling SPDM to secure a broad range of storage transports using a common command set. This release enables SPDM across a variety of storage protocols using a broadly compatible command set.
DMTF has also released the SPDM Authorization specification, which adds access policies on top of SPDM. The authorization specification leverages the capabilities of SPDM to bring access control, credential provisioning, and policy management to modern platforms, including support for CXL. The session will conclude with a look at the SPDM Working Group’s roadmap, including anticipated enhancements and potential new use cases.