Perimeter Defenses


Peter Coffee wrote an article referencing my book, Digital Identity.

It's hard to admit that you've been doing things wrong, especially when you've gotten really good at it. When a company--or even an entire industry--gets built on the foundation of a fatally flawed idea, something really big and obvious may need to happen before people are willing to move together toward a different approach.

I found an excellent example of this behavior in Phillip Windley's newly published book, "Digital Identity," from O'Reilly Media. Most good computer security metaphors have been overused to the point of dreary familiarity, but Windley critiques the current computer security paradigm with a comparison I haven't seen before--and one that I hope will prove persuasive in changing the terms of debate.
From "Don't Wait for the Walls to Fall"
Referenced Tue Oct 11 2005 13:13:03 GMT-0600 (MDT)

Peter goes on to discuss the difference between perimeter security based on keeping the bad guys out and identity-based security. My message boils down to a recognition that new business requirements (like working with customers using Web services) are knocking holes in our perimeter defenses, and we need a new way to think about security.