Agent Name Service (ANS): A Universal Directory for Secure AI Agent Discovery and Interoperability

Abstract: The proliferation of AI agents requires robust mechanisms for secure discovery. This paper introduces the Agent Name Service (ANS), a novel architecture based on DNS addressing the lack of a public agent discovery framework. ANS provides a protocol-agnostic registry infrastructure that leverages Public Key Infrastructure (PKI) certificates for verifiable agent identity and trust. The architecture features several key innovations: a formalized agent registration and renewal mechanism for lifecycle management; DNS-inspired naming conventions with capability-aware resolution; a modular Protocol Adapter Layer supporting diverse communication standards (A2A, MCP, ACP etc.); and precisely defined algorithms for secure resolution. We implement structured communication using JSON Schema and conduct a comprehensive threat analysis of our proposal. The result is a foundational directory service addressing the core challenges of secured discovery and interaction in multi-agent systems, paving the way for future interoperable, trustworthy, and scalable agent ecosystems.

• The paper introduces the ANS framework, merging DNS-like naming with PKI for secure agent registration and identity verification.
• The paper details a modular protocol adapter and structured JSON communication to enable seamless interoperability across diverse communication protocols.
• The paper conducts a comprehensive threat analysis, addressing issues like impersonation and DoS through digital signatures and robust mitigation strategies.

A Universal Directory for Secure AI Agent Discovery and Interoperability

The paper "Agent Name Service (ANS): A Universal Directory for Secure AI Agent Discovery and Interoperability" introduces a novel framework for securely discovering and interacting with AI agents across different platforms and protocols.

Abstract and Key Contributions

The Agent Name Service (ANS) is proposed as a DNS-like system tailored for the dynamic, security-sensitive environment of Agentic AI. ANS integrates a secure directory service with public key infrastructure (PKI) to facilitate verifiable agent identities, trust, and seamless interoperability across various communication protocols. This framework addresses fundamental challenges in multi-agent systems (MAS), such as agent registration, identity verification, and capability-aware resolution. The paper presents a detailed architecture that incorporates DNS-inspired naming, a modular protocol adapter layer, and JSON Schema-based structured communication, all fortified by a comprehensive threat analysis.

Architecture Overview

The ANS architecture encompasses several core components:

• Agent Registry: Acts as a central database for storing agent-related data, including credentials and decentralized identifiers (DID). It handles agent capabilities, security policies, and metadata.
• Certificate Authority (CA) and Registration Authority (RA): These entities manage certificate issuance, renewal, and verification, forming the backbone of agent identity and lifecycle management.
• Protocol Adapter Layer: A modular interface that allows for seamless integration with various agent communication protocols, such as Agent2Agent (A2A), Model Context Protocol (MCP), and Agent Communication Protocol (ACP).
• ANS Naming System: Provides a structured, human-readable identifier (ANSName) for agents, facilitating discovery and capability-based resolution.
• Secure Resolution and Communication: Ensures that agent interactions are both authenticated and encrypted by leveraging PKI and digital signatures.

  Figure 1: ANS Architecture. Illustrates the interaction between Agent, ANS Service, Agent Registry, CA, RA, and Protocol Adapter Layer.

Agent Registration and Renewal

The agent registration process involves multiple steps to ensure security and compliance:

1. Registration Request: Agents submit requests containing metadata, protocol details, and a Certificate Signing Request (CSR).
2. Validation: The RA verifies the provided information against established policies.
3. Certificate Issuance: A digital certificate is issued by the CA and stored in the registry.
4. Renewal: Periodic renewal requests are required to maintain active registration, ensuring compliance with security policies.

   Figure 2: Agent Registration Process.

Security and Threat Analysis

The paper provides a thorough threat analysis using the MAESTRO framework to identify potential vulnerabilities and mitigation strategies:

• Impersonation: Mitigated with PKI-based identity verification and digital signature validation.
• Registry Poisoning: Prevented through strict RA validation and secure resolution responses.
• Man-in-the-Middle Attacks: Addressed via signed communication and secure transport protocols.
• Denial of Service (DoS): Combated with distributed design and standard DDoS protection measures.

Implementation Considerations

The paper outlines several implementation strategies for the Agent Registry, ranging from centralized systems to distributed hash tables (DHT) and blockchain solutions:

• Centralized: Offers simplicity but lacks resilience and scalability.
• Distributed (Cassandra/DHT): Provides higher scalability and fault tolerance.
• Blockchain: Ensures high security and auditability but may incur higher latency and costs.

A modular Protocol Adapter Layer ensures that the registry remains protocol-agnostic, allowing easy integration and evolution alongside emerging communication standards.

Conclusion

The Agent Name Service (ANS) offers a robust platform for secure, scalable, and interoperable AI agent ecosystems. By integrating PKI, structured communication, and a universal naming system, ANS addresses critical challenges in Agentic AI. The framework paves the way for future developments in AI marketplaces, autonomous systems, and secure multi-agent interactions, fostering innovation and trust across the AI landscape.