Proof-of-Concept Conducted on Access Control for AI Agents Using Verifiable Credentials
Campus Create Co., Ltd. conducted a proof-of-concept on access control for AI agents using Verifiable Credentials (VC), leveraging "VESS AIdentity," an AI agent access management system developed by VESS Labs Co., Ltd. This initiative, part of promoting the social implementation and widespread adoption of VCs in collaboration with VESS Labs, aims to materialize a killer use case of "VC x AI Agents" within the "Innovative Digital Technology Utilization Ecosystem" concept. The demonstration technically validated measures for AI operations managers to safely and securely utilize AI agents.
📋 Article Processing Timeline
- 📰 Published: May 9, 2026 at 00:53
- 🔍 Collected: May 8, 2026 at 16:32
- 🤖 AI Analyzed: May 8, 2026 at 16:47 (15 min after Collected)
Campus Create Co., Ltd. (Chofu, Tokyo) has conducted a proof-of-concept on access control for AI agents using Verifiable Credentials (VC), leveraging "VESS AIdentity," an access management system for AI agents being developed by VESS Labs Co., Ltd. In collaboration with VESS Labs, our company is promoting the social implementation and widespread adoption of VCs, and this demonstration is part of an effort to materialize a killer use case of "VC x AI Agents" within the "Innovative Digital Technology Utilization Ecosystem" concept. Through this demonstration, we confirmed the technical basis for measures enabling corporate AI operations managers to safely and securely utilize AI agents.
Reference: Press release regarding trademark application for "Innovative Digital Technology Utilization Ecosystem"
https://prtimes.jp/main/html/rd/p/000000395.000031052.html
■ Background
Enterprise adoption of generative AI and AI agents is rapidly progressing. However, as AI agents increasingly access corporate chat tools, email, file storage, and various SaaS, operating autonomously, new risks are emerging that cannot be handled by traditional ID and authorization models designed for humans. These include leakage of API keys and access tokens given to AI, AI hijacking through external prompt injection, and AI unintentionally deleting important files or making unnecessary purchases.
This presents a concrete barrier for companies attempting to integrate generative AI into their operations, making it difficult to fully trust AI agents with tasks. A structural gap is emerging between the speed of advanced AI technology evolution and the control and governance required by organizations and society on the ground.
As a wide-area TLO, our company's core mission is to bridge the gap between societal challenges and technology utilization in such advanced technology domains, and AI agent access management is positioned as a critical theme to which this methodology should be applied.
■ Overview of the Demonstration Experiment
Our company demonstrated access control for AI agents via Verifiable Credentials using "VESS AIdentity," developed by VESS Labs Co., Ltd., within our own operational environment.
VESS AIdentity employs a gateway-type architecture that issues and verifies authorization proofs indicating "what, to what extent, and for how long" an AI agent is permitted to execute, without directly providing authentication information to the AI agent itself.
The demonstration was conducted in the following steps:
Pre-setting Permissions: Permissions for operations executable by the AI agent were configured by connecting to Slack via the VESS AIdentity management screen. Specifically, multiple permission levels were defined for tasks on a specific channel, such as "permissions allowing the AI agent to execute freely" and "permissions allowing execution only under the condition of a human confirmation flow."
Connecting with AI Agent: Claude and Slack were connected via the Claude management screen, and VESS AIdentity was integrated as Claude's MCP (Model Context Protocol) server.
Task Request: A task to perform specific processing on a Slack channel was requested from the AI agent via the Claude management screen. This task was pre-set with "permissions allowing execution only under the condition of a human confirmation flow."
Intervention of Approval Flow: A notification appeared on the Claude management screen indicating that human confirmation was required via the VESS AIdentity management screen. An approval operation was performed on the VESS AIdentity management screen.
Execution within Permissions: The approved AI agent executed the task on the Slack channel.
This confirmed that a series of flows could be established where AI agents perform only necessary operations under human supervision, without directly possessing authentication information.
■ Significance of this Demonstration
AI agent access management is an extremely crucial element in organizational AI governance. The access control mechanism confirmed in this demonstration can technically and forcibly prevent actions not expected by humans, such as an AI agent deleting important files, running web advertisements without a spending limit, or making unnecessary purchases from an e-commerce site. It also contributes to reducing risks such as AI agent impersonation and hacking, which have become growing concerns in recent years. This allows corporate AI operations managers to consider safely and securely utilizing AI agents.
Reference: Press release regarding trademark application for "Innovative Digital Technology Utilization Ecosystem"
https://prtimes.jp/main/html/rd/p/000000395.000031052.html
■ Background
Enterprise adoption of generative AI and AI agents is rapidly progressing. However, as AI agents increasingly access corporate chat tools, email, file storage, and various SaaS, operating autonomously, new risks are emerging that cannot be handled by traditional ID and authorization models designed for humans. These include leakage of API keys and access tokens given to AI, AI hijacking through external prompt injection, and AI unintentionally deleting important files or making unnecessary purchases.
This presents a concrete barrier for companies attempting to integrate generative AI into their operations, making it difficult to fully trust AI agents with tasks. A structural gap is emerging between the speed of advanced AI technology evolution and the control and governance required by organizations and society on the ground.
As a wide-area TLO, our company's core mission is to bridge the gap between societal challenges and technology utilization in such advanced technology domains, and AI agent access management is positioned as a critical theme to which this methodology should be applied.
■ Overview of the Demonstration Experiment
Our company demonstrated access control for AI agents via Verifiable Credentials using "VESS AIdentity," developed by VESS Labs Co., Ltd., within our own operational environment.
VESS AIdentity employs a gateway-type architecture that issues and verifies authorization proofs indicating "what, to what extent, and for how long" an AI agent is permitted to execute, without directly providing authentication information to the AI agent itself.
The demonstration was conducted in the following steps:
Pre-setting Permissions: Permissions for operations executable by the AI agent were configured by connecting to Slack via the VESS AIdentity management screen. Specifically, multiple permission levels were defined for tasks on a specific channel, such as "permissions allowing the AI agent to execute freely" and "permissions allowing execution only under the condition of a human confirmation flow."
Connecting with AI Agent: Claude and Slack were connected via the Claude management screen, and VESS AIdentity was integrated as Claude's MCP (Model Context Protocol) server.
Task Request: A task to perform specific processing on a Slack channel was requested from the AI agent via the Claude management screen. This task was pre-set with "permissions allowing execution only under the condition of a human confirmation flow."
Intervention of Approval Flow: A notification appeared on the Claude management screen indicating that human confirmation was required via the VESS AIdentity management screen. An approval operation was performed on the VESS AIdentity management screen.
Execution within Permissions: The approved AI agent executed the task on the Slack channel.
This confirmed that a series of flows could be established where AI agents perform only necessary operations under human supervision, without directly possessing authentication information.
■ Significance of this Demonstration
AI agent access management is an extremely crucial element in organizational AI governance. The access control mechanism confirmed in this demonstration can technically and forcibly prevent actions not expected by humans, such as an AI agent deleting important files, running web advertisements without a spending limit, or making unnecessary purchases from an e-commerce site. It also contributes to reducing risks such as AI agent impersonation and hacking, which have become growing concerns in recent years. This allows corporate AI operations managers to consider safely and securely utilizing AI agents.