Responding to my comments on Patrick Keefe's Village Voice “Darknet” piece, Todd Dailey writes:
“If your point is that better identity management would prevent phishing and other end-user identity theft attacks, I agree. However most of the techniques described in the article point to the need for better security, such as firewalls, virus protection, and software updates, not the need for better identity management. The only way identity management would solve this problem is if you had to identify yourself in some secure way before you were able to use the internet, perhaps a global 802.1x network. I think that's still a little way off. ”
I had said that Keefe's contention that the machines of unsuspecting consumers are being hijacked by sinister forces:
“… speaks directly to the urgency of the need for an identity system for the Internet: an identity system that people fully understand and are willing to buy into because it is designed in accordance with the laws of identity.”
Now I agree that fixing these problems requires better “firewalls, virus protection and software updates”. But what software is safe, and what isn't? Isn't identity required here – identity mechanisms that are understandable (i.e. in keeping with the sixth law, where the three foot channel between the computer and the individual's brain is a reliable one)? And exactly who should be allowed in through firewalls? So, solving this problem goes beyond ascertaining the identity of the computer user. It involves knowing the identity of organizations, and of the products they produce. It also includes various important intersections.
Multiple Intersecting Identities
As a user, for example, I should be able access my contact list. Since I use Outlook for mail, Outlook should be able to access my contact list when I am using it. But some attachment I download through Outlook shouldn't be able to access it.
There are many identities that need to work together in a harmonious system if we want to nail this scenario – my identity as a user of a computer, Microsoft's identity as a supplier of the software I use, Outlook's identity as a specific Microsoft product, the identity of my Contact List, and that of some policy which hooks them all together. And we need the right ways to “reify” these identities so they are easily understood.
Specific is Good
The idea of having some “secure identity” before gaining access the network won't in itself keep sinister forces at bay (they can be stolen and purchased). The best way to protect a resource is by making it necessary to have not only “some identity”, but a very specific identity. Then the only way for a sinister actor to obtain access to the resource is to procure one of the very specific identities which are able to access the resource. Doing this requires knowing what the specific set of identities is. The combined effect is a very high barrier.
Extrapolating a bit further, we need to get to the point where the only way you can get to resources on internet machines is to have the very specific identities which open those very specific resources. This approach, combined with the security measures you talk about, is the only road to progress on these problems.
What stands in our way?
Outside of the enterprise, current identity systems are too hard to deploy. They are too hard to understand. And too hard to use. The different systems exist in silos, making everything harder still, and the number of silos is likely to increase. Many people feel the only way to get anything done quickly is turn protection off – maybe with the intent of turning it on later… But if you forget, there is no way to know what you've left undone or who can access what.
All of this needs to be fixed. At the center of everything is the construction of a unifying and easily used identity system.