The Agent’s Identity Must Be Separate from the User

Agents acting as the user erase attribution and make revocation, limits and investigation harder.

The answer

Delegated automation often borrows the human’s token. Logs show the user even when the agent selected the action. Issue distinct agent identities with narrower scopes and explicit sponsorship.

Delegated automation often borrows the human’s token.

Where this breaks

Logs show the user even when the agent selected the action.

The operating move

Issue distinct agent identities with narrower scopes and explicit sponsorship.

Value object — The operational card

- Agent identity

- Human sponsor

- Permitted tools

- Expiry

The test

Revoke the agent without disrupting the user. If impossible, their authorities were never separated.

Sources

  1. NIST: AI Risk Management Framework — Generative AI ProfileNIST: AI Risk Management Framework

    Primary authority

  2. Swiss FDPIC: AI and data protectionSwiss FDPIC: AI and data protection

    Primary authority

  3. NIST SP 800-207: Zero Trust ArchitectureNIST SP 800-207: Zero Trust Architecture

    Primary authority

Adam J. De CollibusFounding Partner, Svperior / Systems Engineering

Jonathan P. De Collibus

Jonathan co-founded Svperior in 2014 and leads its cyber practice. His work sits where adversarial pressure, technical architecture, and consequential decisions meet, with experience across clinical, financial, public-sector, and private-client systems where confidentiality, continuity, and technical correctness carry material consequences.

Cyber strategy / Adversarial assessment / Security architecture / Private systems

Need to apply this to a specific situation?

Send us the initial context. If the matter fits, we will respond directly.

Send private inquiry
The Agent’s Identity Must Be Separate from the User \