Saturday 04 July 2026 13:47:26 GMT+02:00

Netcrook


WIKICROOK

KYA (Know Your Agent)

A proposed control approach for verifying an AI agent’s origin, authority, and trust changes over time.

KYA, or Know Your Agent, is a proposed security control for AI systems that act with delegated authority. It asks three basic questions: where did the agent come from, what is it allowed to do, and has its trust level changed since it was approved? In practice, KYA combines identity proofing, authorization limits, and continuous monitoring for autonomous or semi-autonomous agents.

This matters because AI agents can execute code, query tools, move data, and trigger workflows at machine speed. If an attacker hijacks an agent, swaps its model, injects malicious instructions, or expands its permissions, the compromise can spread faster than a human review cycle can detect it. Defenders can apply KYA by issuing agent-specific credentials, enforcing least privilege, logging every action, and revalidating trust after updates, policy changes, or suspicious behavior. In attacks, the weak point is often borrowed trust; in defense, KYA aims to make that trust explicit, limited, and auditable.
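The three KYA questions can be checked on every action an agent requests. The sketch below is an added example, not part of the original entry or of any KYA specification: the credential format, the HMAC signing, the manifest fields, and all function names are assumptions chosen for illustration.

```python
import hashlib, hmac, json, time

# Hypothetical names throughout; KYA defines no standard format.
ISSUER_KEY = b"constructed-demo-key"  # constructed secret for this example only
AUDIT_LOG = []                        # every decision is recorded, allowed or denied

def manifest_digest(manifest: dict) -> str:
    """Hash of what the agent currently is: model, prompt, tool list."""
    return hashlib.sha256(json.dumps(manifest, sort_keys=True).encode()).hexdigest()

def _sign(claims: dict) -> str:
    body = json.dumps(claims, sort_keys=True).encode()
    return hmac.new(ISSUER_KEY, body, hashlib.sha256).hexdigest()

def issue_credential(agent_id, scopes, manifest, ttl=3600, now=None):
    """Approval step: bind identity, authority and the approved state together."""
    now = time.time() if now is None else now
    claims = {"agent_id": agent_id, "scopes": sorted(scopes),
              "approved_digest": manifest_digest(manifest), "expires": now + ttl}
    return {"claims": claims, "sig": _sign(claims)}

def authorize(cred, action, current_manifest, now=None):
    """Answer the three KYA questions for one requested action."""
    now = time.time() if now is None else now
    claims = cred.get("claims", {})
    if not hmac.compare_digest(_sign(claims), cred.get("sig", "")):
        decision = "deny:origin"          # not issued by the approver, or altered
    elif now > claims["expires"]:
        decision = "deny:expired"         # approval must be renewed
    elif action not in claims["scopes"]:
        decision = "deny:authority"       # least privilege: outside granted scopes
    elif manifest_digest(current_manifest) != claims["approved_digest"]:
        decision = "deny:trust-changed"   # model, prompt or tools changed since approval
    else:
        decision = "allow"
    AUDIT_LOG.append({"ts": now, "agent_id": claims.get("agent_id"),
                      "action": action, "decision": decision})
    return decision
```

A denial with `deny:trust-changed` is the revalidation trigger: the agent needs a fresh credential issued against its new manifest before it can act again.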
