Discussion draft / mesh-of-meshes study

Governance and Identity Fabric

A proposed control plane for the seams between service mesh, data mesh, and the emerging agent mesh.

Identity spine
Purpose policy
Auditable seams

Thesis

The hard part is not the meshes. It is the seams.

A mesh of meshes should not become a fourth mesh. It should be a thin governance-and-identity fabric that makes service, data, and agent meshes interoperable through governed interactions.

Every human, service, data, or agent call carries identity, delegation, purpose, a policy decision, and a correlated audit event. Governance is coordinated centrally and enforced locally.

Five pillars

A fabric that governs interaction, not ownership.

The design constraint is practical: centralize identity, policy, and telemetry; keep enforcement close to the workload, data product, or tool broker.

Unified identity with delegation

Every human, service, data product, and agent is a verifiable principal. Purpose and on-behalf-of delegation travel across the chain so an agent cannot act with more authority than the person or workflow that invoked it.

Policy authored centrally, enforced locally

One purpose-aware authorization model can be distributed to service sidecars, data-product gateways, and agent tool brokers. The fabric coordinates decisions without becoming a runtime chokepoint.

Contract and semantic registry

APIs, events, data products, and agent tools need shared contracts and vocabulary. Student should mean the same thing to a service, projection, and governed AI tool.

End-to-end lineage and audit

A correlation, causation, and purpose trail follows the interaction so the institution can answer who did what, on whose authority, against which data, and why.

Agent-specific trust controls

Agents are probabilistic and prompt-injectable, so the fabric scopes tools, limits blast radius, requires human approval for high-impact actions, and structurally separates private data from exfiltration paths.

Credibility map

Be precise about what is proven and what is frontier.

Capability
Status
What it takes
Workload and human-to-service identity
Solvable now
SPIFFE/SPIRE plus OAuth token exchange patterns.
Policy-as-code with local enforcement
Solvable now
OPA or Cedar enforced at sidecars, gateways, and tool brokers.
End-to-end lineage and audit
Solvable now
OpenTelemetry-style propagation extended with purpose and data/agent hops.
Agent identity and multi-hop delegation
Frontier
Buildable with token exchange and custom claims while standards mature.
Unified cross-plane semantics
Frontier
Contracts plus active ontology and governance work, not a one-time product install.
Prompt injection and probabilistic actors
Contain only
Sandbox, scope, approve, monitor, and break unsafe data/tool/input combinations.

WGU lighthouse

Prove the fabric on one student-personalization seam.

The most useful MVP is not a big-bang platform. It is one governed path: an AI tutor or mentor assistant reaching the Unified Student Object through delegated identity, purpose policy, lineage, and human approval.

0

Lighthouse seam

Tutor agent to Unified Student Object with identity, purpose, policy, lineage, and human approval.

1

Paved road

Self-serve identity issuance, policy SDKs, reusable audit hooks, and two or three more onboarded seams.

2

Federated governance

Domain-owned policies inside global guardrails, with shared contract and semantic registries.

3

Agent mesh scale

Agent registry, blast-radius controls, injection monitoring, drift telemetry, and lifecycle governance.

Receipts

Ground the thesis in systems already built.

Abstract governance control plane connecting agents, events, and audited tool calls

Sentinel

A concrete AI trust layer pattern: agents reach systems through scoped, audited tools rather than raw vendor credentials.

GreenixOS

Domain-owned operational truth exposed through event streams, projections, contracts, and anti-corruption adapters.

Merlin

A governed software-factory pattern: quality gates, provenance, human review, and auditable delivery for AI-assisted engineering.

Target shape

Thin overlay, identity spine, governed agent traffic.

Thin federated overlay: the recommended core because it reuses existing mesh investment and keeps enforcement local.

Portable identity spine: purpose-carrying identity tokens become the backbone for policy and audit decisions.

Governance broker for high-risk agent traffic: the Sentinel pattern, kept off latency-critical hot paths.

Policy at the data: student-data products enforce identity and purpose at access time.

Adoption

The fabric only wins if it becomes the paved road.

Earn adoption seam by seam instead of mandating a platform rewrite.

Keep brokers off latency-critical paths and make local enforcement the norm.

Treat prompt injection as a condition to contain and monitor, not a solved problem.

Curate contracts and semantics continuously because they drift when ownership gets vague.

BMOZI Technical

A thesis for partnership, not a claim of ownership.