Gather Tags: Innovation, Computer Security, Internet, Blog, Privacy, Digital, Aura
How to identify ourselves in the very near future...
Something that I have been thinking about and talking recently has been the concept of a "Digital Aura". I think this is a new concept for those in the security, identity management and authentication space. We have long had problems in identifying ourselves, whether it was with physically identifying someone to complex B2B & C2B interactions we have today.
Before I get to the Digital Aura concept, there is a little background needed here.
I have always been a proponent of the bastion host & transaction tracking philosophy. For those that don't know what that is, think of how you would buy something in a foreign country, and have it shipped here. A good example would be buying computers from Asia. If you were to buy a shipment of computers, it would be foolish to pay for the whole shipment up front. If you did that your shipment would most likely be hijacked, causing you to be out of your shipment, and your money as well. With these types of longitudinal transactions, payments are made to the seller by you at certain milestones as your shipment traverses the globe on your way to you. To do this, it is imperative that the locations, shipment, vehicle, account, receivers are all highly identified and can be verified. This paradigm exists for our current B2B and C2B transactions we have. The simplest example is a credit card transaction made at a store - for instance - at your local Apple Store. Since you get the product in your hand, you then hand over your credit card to the Apple Store employee, who then (as you watch your card) swipes it with their hand-held machine, and e-mails you the receipt. At all times during that transaction the shipment, location, receivers, vehicle, account, etc. are validated. I think you can see that a credit card transaction done over the Internet have similar challenges.
Bastion This!
A bastion host is also another component. It is a component of validation that is needed to make this all work. If your computer system (or "location") cannot be validated, how can any transaction be 100% guaranteed? The IP address of your PC (or most likely your home or business router) will be required to ensure the transtaction has integrity. Many sites now track the IP address with the transaction for future reference, in case there may be fraud. It is critical then for people to safeguard their digital identity, by simply ensuring they have their own computer or for lack of a better term "IP". To ensure your computer works well on the Internet, it cannot be hidden, or translated well behind firewalls to protect its identity. It needs to become a bastion host, where it is open and available for inspection which would speed the validation / identification process. Although your system would be open to hacking attacks, software does exist to make bastion hosts reliable and feature rich, and in my opinion, something that would help reduce hacking. If everyone was identifiable on the Internet - how could anyone reliably hack? Think of this concept like having a car with a license plate, as it travels the road, it's identity can be determined, and who owns it. There are very few cars out there on the road without a license plate. Unfortunately, on the Internet - there are no license plates except for a few bastion hosts.
How is this going to be part of a Digital Aura? I can now explain in some detail how this system would work for us.
A Digital Aura is something that (like a personal aura - an electrical energy field) is specific to each one of us. There are components to the aura that make us who we are. Extrapolating this to the digital world is easy. I carry a Blackberry (blue tooth), a Motorola H12 blue tooth headset and an iPhone (also blue tooth). I also can remember a PIN. In addition to this, I have the IP address of my computer, and it may also be blue tooth as well (for instance - most laptops are all blue tooth). It would seem like the technology is already here for us to begin setting up a Digital Aura. The signals all provided by my headset, Blackberry, iPhone and my MacBookPro are blue tooth, and eminate around me for up to 20 feet (or more). Blue tooth detection would be available on the computing devices (i.e. Blackberry, iPhone and the MacBookPro). If I entered transactions onto my computer - validation via a 3rd party software for the blue tooth devices I am carrying, along with a simple PIN (like a credit card PIN) would validate me as me on the Internet. It would be extremely difficult to duplicate that Aura at any other location, as the signal strength can also place a role in authentication.
We can also take this system further for tagging of important digital information that only the intended receiver should receive. If I tag the information with a PGP type process using the Digital Aura, my intended recipient would just have to enter the PIN I communicate publicly with into the message or webpage to unlock the content. It could even go as far as "... I would like all iPhone users with H12 headsets to be able to read my content.". It is a scalable design and system that would make people be more secure, and to then have control over their Digital Persona (another idea - more on that later).
... wait! A digital persona? I can't wait for that!
Having this Digital Aura now makes validation and tracking very easy in the virtual world of the Internet. It would also speed the processing of locational and contextual information (for instance, walking next to a digital sign - it posts information that the top 10 people next to it prefer) in the real world. It protects the individual - using current technologies. It is also very scalable, as phone networks and the Internet have been in the past.
I look forward to people's comments and ideas!
http://www.mymryk.com
http://www.linkedin.com/in/johnmymryk
http://hkvp.yelp.com
http://jmymryk.blogspot.com
