One Leader’s Perspective on Identification and Access Control
One key leader in the field of security expressed his ideals on the direction identification and access control should take in the future and what we as security professional must do to secure individual identity and control access in key infrastructure systems.
In August of 2008 Michael Chertoff, then U.S. Secretary to the Department of Homeland Security, made a speech at the University of Southern California’s National Center for Risk and Economic Analysis of Terrorism Events. In his speech, Chertoff discussed his ideals on the protection of identity. He remarked that the protection of an individual’s identity is critical to national security and the security of financial markets.
“The Core of What We Do”
Chertoff stated, “The entirety of our economic livelihood in the twenty-first century is going to turn in large measure upon our ability to verify identity for those who want to transact business. And, finally, our reputation and our privacy depend on our ability to control our identity. If people can pretend to be us, if they can speak in our name in an unauthorized way, they can do great, perhaps irreversible, damage to our privacy or to our reputation; and this again, from a personal standpoint, suggests that identity is increasingly going to become the asset that we have to be most careful to protect in the twenty-first century where the ability to get information, move it around the world and store it indefinitely creates greater and greater risks to personal reputation and personal privacy.”
The Three Ds
As Chertoff stated in his speech, “The way forward is to work with all of these tools (the 3 Ds) in combination, to combine these together, and I can envision a time in the not-too-distant future where, in order to authenticate yourself – whether it’s for purposes of getting on an airplane, whether it’s for purposes of transacting business at a bank, whether it’s for purposes of gaining entry into a student dormitory – that you will have some kind of device; it may be electronic that will combine two or three of these three Ds, as I call them, to increase the ability to be secure in the knowledge that nobody else can duplicate your ability to identify yourself.”
Not Quite There
As leaders in the security field, it is our duty to take the lead in the development and promotion of the use of the 3-Ds in controlling access and establishing identity. The future of our nation may depend on our ability to develop and implement sound access control and identity systems within our financial and high risk infrastructures. It is time for all of us in the security field to work toward the goal of establishing workable, security identity management systems.