Twenty-five years ago, the industry faced a fundamental shift when enterprise applications moved to the web. At the time, many organizations assumed each application would simply handle its own authentication and authorization. It didn’t take long to realize that model would not scale. 

Applications multiplied, identity stores became fragmented, and embedded security logic created operational complexity. Not to mention all-too-familiar user friction with redundant sign-ins. The architectural breakthrough was recognizing that identity and access policy had to move out of individual applications and into a shared infrastructure layer. 

This realization led to the development of web access management platforms like Netegrity SiteMinder, where user authentication and authorization were externalized and enforced through a unified policy architecture.

That shift became the foundation of enterprise web security. As a witness to the early days of web-scale application security, the architectural signals we’re seeing around AI systems today feel remarkably similar.

Large language models as a new runtime tier

Today’s conversation around AI often focuses on models, copilots, and developer productivity. But the deeper change is architectural. Large language models (LLMs) aren’t replacing enterprise applications—they’re becoming a new runtime tier within the application stack. 

For decades, enterprise applications behaved deterministically. Developers defined execution logic in advance, such as how the application should behave in different scenarios. Security teams could then review those code paths and enforce controls around largely predictable behavior. 

That model no longer holds. As LLMs become runtime decision engines inside applications, logic that determines what happens next moves from code into reasoning. Which systems to access, which APIs to call, and what data to retrieve can now be determined dynamically at execution time by a model, or by an agent using that model.

This break from deterministic systems shows enterprises are moving toward AI-orchestrated systems. And from there, toward multi-agent ecosystems where software entities reason, delegate, and act across systems

Agents authenticate to services, retrieve data, call APIs, spawn sub-agents, and interact with other agents across organizational boundaries. Increasingly, software will operate other software on behalf of users and business processes. 

When governance becomes the control point

As this shift unfolds, the security model that governed the previous generation of enterprise applications begins to break. The central problem is not simply authentication—it’s governance at runtime. 

When an autonomous system decides what systems to access, what data to retrieve, what tools to invoke, and what actions to take, the security question changes. It’s no longer enough to ask whether an identity can access a resource. The question becomes whether the agent’s objectives and behavior remain within its authorized boundaries.

As I explore in the accompanying white paper, Broadcom Agentic Identity Fabric: Securing the Agentic AI Enterprise, every major transition in enterprise computing moves the security perimeter. The web moved it to the session. The federation moved it to the assertion. APIs moved it to the token. Agentic AI moves it again—this time from human users with deterministic applications to autonomous entities making runtime decisions at machine speed.

That shift requires a new governance layer capable of managing identity, authorization, delegation, and observability across the full execution path of an AI system.

This governance layer emerges from the same architectural principles that secured previous generations of computing: identity as the control plane, policy as the decision engine, and distributed enforcement points across the infrastructure where actions occur. Together, these components form what I describe as an Agentic Identity Fabric: a unified trust layer governing how autonomous systems interact with enterprise capabilities. 

The next evolution in authorization

Traditional policy systems were designed for applications accessing resources in predictable ways. Autonomous agents behave differently—they pursue goals, interpret context, and dynamically decide how to accomplish tasks. One of the most important implications of today’s agentic architectures is that authorization itself must evolve. 

And we’ve only just scratched the surface here. To dive deeper into the architecture and design patterns behind the Agentic Identity Fabric, read the full whitepaper.

In a follow-up whitepaper, I’lll explore why policy management in the agentic enterprise must move beyond resource authorization and begin governing intent—and why it may become the most important revolution in enterprise authorization.