InfrastructureSentinel: Policy Enforced Guardrails for Secure MCP-driven Infrastructure Agents

Authors

  • Tarun Kumar, Hewlett Packard Enterprise
  • Aalap Tripathy, Hewlett Packard Enterprise
  • Gayathri Saranathan, Hewlett Packard Enterprise
  • Martin Foltin, Hewlett Packard Enterprise
  • Suparna Bhattacharya, Hewlett Packard Enterprise
  • Scott Hinchley, Hewlett Packard Enterprise
  • Donald M Bahls, Hewlett Packard Enterprise
  • David Brookshire, Hewlett Packard Enterprise
  • Larry Kaplan, Hewlett Packard Enterprise
  • Robert W. Wisniewski, Hewlett Packard Enterprise

DOI:

https://doi.org/10.1609/aaai.v40i47.41468

Abstract

The proliferation of Model Context Protocol (MCP) servers in enterprise infrastructure management has revolutionized AI-driven automation while introducing critical multi-layered security vulnerabilities that traditional cybersecurity frameworks cannot adequately address. This paper presents a comprehensive intelligent guardrail system that addresses the unique security challenges of MCP-driven infrastructure management through a novel four-layer defense architecture. Our solution employs a dedicated guardian LLM that interprets natural language policies and applies contextual reasoning to complex infrastructure scenarios, providing dynamic policy enforcement that adapts to user roles, operational timing, and system context. Unlike existing rule-based security systems, our approach implements guardrails at four distinct control points: input message filtering, tool selection validation, execution-time verification, and post-action auditing. The system addresses critical gaps in existing security solutions by providing infrastructure-specific threat modeling, real-time policy adaptation, and comprehensive audit trails with explainable decision-making through confidence scores and detailed reasoning. Our evaluation demonstrates the system's effectiveness in preventing command injection, privilege escalation, and tool poisoning attacks across various enterprise infrastructure scenarios while maintaining operational agility essential for modern data center management.
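The four control points named in the abstract (input filtering, tool selection validation, execution-time verification, post-action auditing) wrapped around a simulated MCP tool request, as an added illustration that is not the paper's implementation. A rule-based evaluator stands in for the guardian LLM, and the tool names, roles, maintenance window and confidence scores are constructed assumptions.

```python
import re
from dataclasses import dataclass, field

# Constructed policy (assumptions, not taken from the paper): which roles may select
# each tool, which tools are destructive, and when destructive tools may run.
TOOL_ROLES = {
    "list_nodes": {"viewer", "operator", "admin"},
    "reboot_node": {"operator", "admin"},
    "wipe_disk": {"admin"},
}
DESTRUCTIVE = {"reboot_node", "wipe_disk"}
MAINTENANCE_HOURS = range(1, 5)  # destructive actions only between 01:00 and 04:59
# Shell metacharacters and a common prompt-injection phrase in the user message.
INJECTION = re.compile(r"[;`]|&&|\|\||\$\(|ignore (all )?previous instructions", re.I)
ARG_SAFE = re.compile(r"[A-Za-z0-9._-]+")  # tool arguments must be plain identifiers


@dataclass
class Decision:
    allowed: bool
    layer: str         # control point that produced the decision
    reason: str        # human-readable explanation of the decision
    confidence: float  # heuristic score standing in for the guardian LLM's estimate


@dataclass
class Guardrail:
    audit_log: list = field(default_factory=list)

    def evaluate(self, message, role, tool, args, hour):
        ctx = {"role": role, "tool": tool, "args": dict(args), "hour": hour}
        # Layer 1: input message filtering.
        if INJECTION.search(message):
            return self._audit("input_filter", False, "message matches injection pattern", 0.9, ctx)
        # Layer 2: tool selection validation against the role allowlist.
        if role not in TOOL_ROLES.get(tool, set()):
            return self._audit("tool_selection", False, f"role {role!r} may not use {tool}", 0.95, ctx)
        # Layer 3: execution-time verification of arguments and operational timing.
        if any(not ARG_SAFE.fullmatch(str(v)) for v in args.values()):
            return self._audit("execution_time", False, "argument contains unsafe characters", 0.9, ctx)
        if tool in DESTRUCTIVE and hour not in MAINTENANCE_HOURS:
            return self._audit("execution_time", False, "destructive tool outside maintenance window", 0.8, ctx)
        return self._audit("execution_time", True, "all control points passed", 0.85, ctx)

    def _audit(self, layer, allowed, reason, confidence, ctx):
        # Layer 4: post-action auditing; every decision is recorded with its reasoning.
        decision = Decision(allowed, layer, reason, confidence)
        self.audit_log.append({**ctx, **decision.__dict__})
        return decision
```

Each denial names the layer that produced it, so the audit log can be reviewed per control point rather than as a single pass/fail.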

Published

2026-03-14

How to Cite

Kumar, T., Tripathy, A., Saranathan, G., Foltin, M., Bhattacharya, S., Hinchley, S., … Wisniewski, R. W. (2026). InfrastructureSentinel: Policy Enforced Guardrails for Secure MCP-driven Infrastructure Agents. Proceedings of the AAAI Conference on Artificial Intelligence, 40(47), 40295–40301. https://doi.org/10.1609/aaai.v40i47.41468

Section

IAAI Technical Track on Emerging Applications of AI