The Centrality of Identity
If we only run programs from entities we trust, then we won't have viruses. If we know exactly who is sending us every email, we won't have spam. If we know exactly who it is who's coming into our digital systems, we won't have as many breaches. If we have better control over the identities in our enterprises, integration of applications could be done a lot faster and cheaper. Buggy software is just about the only security problem that cannot be addressed with the help of strong digital identity.
Phil Becker writes most eloquently on this topic in Digital ID World. One of his predictions for 2005 is that "there will be almost no security problem left that isn't seen as really being an identity problem". Here are a few of his articles making the case:
Update (February 9, 2005):
o Predictions for Digital Identity in 2005 (January 6, 2005)
o Based on Ilya's comments, I'll change my claim: The root causes of vulnerability are usually in one of these three categories:
(a) bad security (buggy systems design; weak identity systems),
(b) bad software (buggy systems implementation), and,
(c) bad people (untrained or untrustable insiders).