Monday, July 19, 2004, 1:43 AM

Evolution to Self-Secured Nodes

Firewalls exist because of an oversight in the design of the first generation of networked computers. We just did not expect computers would be connected to so many other computers and did not design them with sufficient security. As network access devices (PCs, laptops, PDAs, phones, etc.) get more mobile, the traditional way of securing them -- by putting them in a "secure" environment -- becomes unworkable.

As the future unfolds, network access devices will have to be built with protective shields (e.g. firewalls). All network access devices will have to become self-secured nodes.

The implication of this evolution is that access control will move from location to identity, from where to who. Strong digital identity becomes important for this to work.

Update (March 11, 2005):
It occurred to me that a simple way for an enterprise to transition to self-secured nodes is just to make sure all PCs have local firewalls turned on (running antivirus, antispam), and that the VPN is permanently on. This "always-on" VPN approach allows enterprises to avoid worrying about mode-of-access (LAN, WAN, 802.11, Bluetooth, dial-ups, Internet) -- which is a huge problem today.

Resources (March 21, 2005):
The evolution has started. Joanne Cummings describes how it's happening with enterprise apps in Locking down apps (

Wednesday, July 07, 2004, 9:20 AM

Shekhar Jha's Intro to IAM

Noted. For those of you who want a more roll-up-your-sleeves introduction to identity and access management (IAM), Shekhar Jha has written a few articles that might help:

o Identity and Access Management - Part I Introduction
o Identity and Access Management - Part II - Identity Management
o Identity and Access Management - Part III Access Management