Published February 24, 2026 | Version v1
Technical note Open

Project Navi LLC Response to "Accelerating the Adoption of Software and AI Agent Identity and Authorization"

Authors/Creators

  • 1. Project Navi LLC

Contributors

Research group:

Description

This document is Project Navi LLC’s response to the NIST National Cybersecurity Center of Excellence (NCCoE) concept paper “Accelerating the Adoption of Software and AI Agent Identity and Authorization” (February 2026). The response focuses on Sections 4 (Authorization), 5 (Auditing and Non-Repudiation), and 6 (Prompt Injection Prevention and Mitigation) for autonomous software-development agents. It proposes the IronClaw architecture: a three-container trust model (untrusted agent, hardened broker, privileged runner), a capability-lease data model, and an informed consent flow for human-in-the-loop authorization. The design is intended to align with OAuth 2.0/2.1, NIST SP 800-207 Zero Trust Architecture, and the Model Context Protocol (MCP), and is based on implementation experience within the navi-os platform.

Files

ProjectNavi-NCCoE-AgentIdentity-Response-2026.pdf

Files (313.4 kB)

Name Size Download all
md5:53c32f3ea709806fa72b93ee753e908d
313.4 kB Preview Download

Additional details

Identifiers

Other
NCCoE concept paper: Accelerating the Adoption of Software and AI Agent Identity and Authorization

Related works

Is referenced by
Technical note: 10.5281/zenodo.18341455 (DOI)
Is supplement to
Report: https://www.nccoe.nist.gov/sites/default/files/2026-02/accelerating-the-adoption-of-software-and-ai-agent-identity-and-authorization-concept-paper.pdf (URL)

References

  • NIST NCCoE, "Accelerating the Adoption of Software and AI Agent Identity and Authorization," February 2026.
  • NIST Special Publication 800-207, "Zero Trust Architecture."
  • NISTIR 8587, "A Framework for Trustworthy and Responsible AI."
  • NCCoE project portfolio, January 2026.