Interesting People mailing list archives
What price security?
From: Dave Farber <dave () farber net>
Date: Wed, 07 May 2003 09:02:07 -0400
------ Forwarded Message From: Peter Bachman <peterb () cequs com> Organization: Cequs Inc. Date: Wed, 07 May 2003 08:51:27 -0400 To: dave () farber net Subject: What price security? Dave, As part of the Clinger-Cohen act the public has not only a right, but a definite function in helping design and validate the Federal computer architecture. Citizen involvement is key to helping balance vendor bias, and there are multiple fora to do so. I would suggest starting at the OMB web site or http://www.feapmo.gov to begin to understand the entire Federal enterprise business architecture and the migration to e-government. There has been a traditional concern over the duplication and waste in maintaining multiple versions of systems within agencies that contain the same information. These are called "silos" of information because they only communicate within that silo and not to other systems. Without a consistent and common interface, agencies and companies create their own version of "you", each time you need to interact with a specific data system. This makes about as much sense as using different network protocols, since in essence you are networking your self into various systems. With an enterprise approach, there is simply one "you" that exists in all the different systems. The form that "you" take can exist in multiple formats as long as they remain unique. Since names are primarily local inventions, there has to be a way to sort out naming conflicts, and false identity. Does every system need your identity? Of course not...in those instances we can authenticate with sophisticated encrypted tokens or assertions that assert that we are entitled to access a specific service or resource. So in many systems, we want to remove the mindless gathering of personal information for common services and use something more secure. Thus you should insist on restricting the use of your social security number. Mark Forman, (who heads up the White House efforts on reforming overall Federal computer architecture and accountability with OMB) recently noted at the Secure E-Biz conference, the "government needs people who can not only understand the related effects of networks, and security, but also have the background of political and organizational theory". The problems are indeed complex, and do not admit to simplistic solutions, but here in the U.S. there is a significant, and deep dialogue as to how to move forward. The stereotype of software vendors toadying up to clueless federal bureaucrats may be appealing, but it's false. Both government and business, and end users want a consistent approach to this problem of authentication. It has to be secure, and risks need to be mitigated. Federal CIOs are applying the same methods which work within large scale multi-national enterprises, and participating in the same standards processes which everyone else is doing. The costs of duplication within multiple systems is simply too great to bear at this point, both within government, and within business. Also the success of TCP/IP indicates that efforts that are "farther up the protocol stack" may also be subject to increased optimization and standardization, as evidenced by the continued success of directory technologies in enterprise integration. The same approach that made TCP/IP a commodity, will also be applied to networked identity with equal success. There's little to encourage each agency to maintain a slightly different database format for people, but many reasons to construct logical firewalls so that types of information remain restricted to protect people's privacy. At the same time there are many different innovative approaches to publishing your digital persona into various computer systems, and thus authenticating yourself to use various services, such as crossing borders, paying taxes, etc. It's fairly important that we improve and reform current systems since the costs associated with identity theft are significant, and increasing. Whether the integration of this personal data is itself a greater risk, or the lack of integration of this data is a risk, will be significantly impacted on the ability to enforce the application of security to the data being shared, and constraints on how it it used, and by whom. For an intro into the difficulties in the problem, one can also look at Michael Froomkin's introductory look at the problem of national id. In many ways the spectre of national id, has obscured the equal, but less visible danger from virtual or default id. http://www.law.miami.edu/~froomkin/welcome.html Within the U.S. our national identity is an experiment that dates back to Franklin's time. How we choose to move forward with that experiment is within the hands of each subsequent generation, to re-invent it in each new context. Even in the context of national security, the most powerful element is that of citizens themselves who can spontaneously organize themselves to meet the situation at hand. Institutional responses are not always as flexible against threats that are dynamic, but with large scale systems, (such as millions of people travelling), one has to fairly question how one would deal with the problem space without resorting to common standards. Peter Bachman peterb () cequs com ------ End of Forwarded Message ------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- What price security? Dave Farber (May 05)
- <Possible follow-ups>
- What price security? Dave Farber (May 07)