Information banking
Feb. 9th, 2007 05:23 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
dickensListening to MPR this afternoon I heard
http://www.npr.org/templates/story/story.php?storyId=7320258 "Your life preserved in a chip in your heel."
He talks about how much one can lose if you lose a laptop (heck, if a government agency loses a laptop) the "modern Achilles' heel".
It reminded me of a bit of economics/history. People used to carry around all they owned. Rulers traveled with huge retinues of guards and all their treasure because they could not trust it to be secure if it was not with them. A single well-planned attack could cripple you financially. Later they built fortresses to secure treasure, but then how do you spend it?
The advent of banking, depositing money securely and drawing it out at will, changed civilizations greatly because it allowed you to stop worrying about all your stuff.
So back to laptops. The analogy isn't perfect, data can be backed up, encrypted, or otherwise protected... But a lot of people still 'carry their treasure with them'.
What would an information bank look like? An info ATM?
http://www.npr.org/templates/story/story.php?storyId=7320258 "Your life preserved in a chip in your heel."
He talks about how much one can lose if you lose a laptop (heck, if a government agency loses a laptop) the "modern Achilles' heel".
It reminded me of a bit of economics/history. People used to carry around all they owned. Rulers traveled with huge retinues of guards and all their treasure because they could not trust it to be secure if it was not with them. A single well-planned attack could cripple you financially. Later they built fortresses to secure treasure, but then how do you spend it?
The advent of banking, depositing money securely and drawing it out at will, changed civilizations greatly because it allowed you to stop worrying about all your stuff.
So back to laptops. The analogy isn't perfect, data can be backed up, encrypted, or otherwise protected... But a lot of people still 'carry their treasure with them'.
What would an information bank look like? An info ATM?
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2007-02-09 11:44 pm (UTC)"identity management" is a big thing in the IT industry at the moment. Getting multiple identity consumers to use a common source is a very complex task. We need standards here. Those are not likely to be developed soon, or simply. The company that managed to patent the technology that ends up being the defacto transaction standard for identity exchanges will have a license to tax every single identity transaction in the world. How it is done right now shows how the 'single source' idea is greatly flawed.
Right now enterprise identity consumers are legion. Email. Login systems (many login system). Company directory. Regulatory filing. Customer databases. Supplier databases. Insurance and benefit records. Every single one has different requirements for the identity information it uses, and in most cases each stores its own copy. Identity Management software these days is the glue that propegates identity information between 'authoritative' sources and consumers. Translation tables and routines convert formats to be palatable by each consumer. Fields are concatenated and broken apart according to the needs of the consumer. What ends up happening is that things like FIRSTNAME and LASTNAME are held in umpteen different copies, and automation is responsible to propegating changes.
In order for Information Banking to work, identity consumers need to be redesigned to use pluggable identity sources. Many systems these days will use LDAP as an identity source... given that the LDAP directory is configured right; a step in the right direction but we're not there yet. Identity consumers ask for identity information from sources, and sources provide it with an access control list. Consumers may not store the data, but may use the data; a distinction that will be hard to enforce. Down-chain consumers will have to query the identity source to validate the information provided by up-chain consumers. All of this assumes ubiquitous connectivity, a PKI system that actually works, robust standards widely adopted by industry, and big bats for those who fail to comply.
I'm wrong. We're closer to 15-20 years away from a robust system like that.
no subject
Date: 2007-02-10 12:02 am (UTC)I think it's because of the lack of a transparent, high-performance, and ubiquitous infrastructure for accessing those services.
Storing all your email on an IMAP server or webmail account works great--- until you step on a plane. Running queries across an SQL database in the data center is painless from the home office but not from Pnom Phen. And so on. Until network resources are transparently accessible, people will continue to create ad hoc local caches (or maybe have smart software do it for them)---- and we end up with data sitting where it shouldn't.
no subject
Date: 2007-02-10 05:20 am (UTC)Despite all the very thoughtful things you said, it's late enough that my only mental image is of a small rodent preparing for winter.
no subject
Date: 2007-02-10 05:32 am (UTC)Or like a balloon... and something bad happens!