2007-13--04 Security Link Of The Day
By alecm on Apr 12, 2007
The issue of identity has been bothering me for a while. While identity can clearly be applied to human consumers of services - and expressed as a subset of information held about them in various places - I've started wondering how the concept of identity could be used for various other entities, and indeed how the properties of identity as applied to humans could potentially be mapped onto them.
Hence the table below, which is my rather crude first shot at this mapping for files, running processes, OS instances, zones, hardware domains and services. Cells with question marks in them are areas where I currently don't see a mapping - this could mean that a mapping is not appropriate, or that an appropriate technology does not exist today, and could point the way for a bit of fundamental research.
I suspect I'm heading down a path which has been well-trodden already, but you might find some parts of this amusing. I'd be happy to bounce ideas around, or become clueful on what current thinking in this area actually is.
I'm hoping to get Dave blogging here more directly, soon, so keep an eye open.
Treating processes (ie: computer programs, live and running on a CPU) as if they were people, is not necessarily as easy as you might think - but then given how easily some people can be socially engineered maybe it's not so bad an analogy after all.