Data-Centric Zero-Trust Architecture for Edge AI Systems

Abstract

Unparalleled safety troubles as a result of the explosive boom of aspect synthetic intelligence structures can not be properly dealt with through traditional perimeter-based protection paradigms. Modern TinyML deployments in IoT scenarios run under stringent resource limitations while handling confidential information on geographically dispersed, physically vulnerable devices. The inherent incompatibility between Zero-Trust security needs and limitations of edge computing calls for novel architectural approaches. A new data-centric Zero-Trust architecture overcomes these difficulties using risk-adaptive security controls that manipulate protection mechanisms dynamically as a function of data sensitivity and business value. The architecture realizes four pillars of foundation: exhaustive data-flow sensitivity classification, dynamic policy enforcement using declarative languages, verifiable integrity using hardware-rooted attestation, and granular network flow control using micro-segmentation. Implementation makes use of lightweight Kubernetes distributions, service mesh technology, and industry-standard hardware attestation modules to develop interoperable solutions. Performance measurement illustrates workable overhead with request latency growth proportional to policy complexity and retains sub-millisecond response time for regular operations. The design effectively neutralizes threats ranging from physical tampering, network attacks, to AI-vulnerable-based attacks through inseparable defense measures. Realistic deployment use cases confirm efficacy across various edge AI use cases, with scalability ensured by distributed policy engines and smart load balancing.