Thinking About Identity, Security & The Human Factor

November 27 2006 by The Systemic Analyst.

Based on a presentation made at the annual CACR Conference and published as is here originally in The Walsingham Papers by The Walsingham Institute.

The entire world around is essentially a matter of how we view it. Our perspective is only a series of lenses – the filters of education, of culture, of religion, of sex, of language – that all color our outlook of the outside world and our reality.

These same lenses and perspectives color not just our view of the world but also of ourselves – and in essence our identity. If identity is so vulnerable to circumstances – is it really a viable base for security measures?Let’s take the concept of identity - Identity is itself a very fluid concept. We create it and feed it by our affirmations and the reflections of other people.

When existence was only about survival – getting though the day with enough food, water, finding shelter, identity was most likely not paramount. Even in Elizabethan times children were dressed the same until at least the age of 5 when they had survived the most precarious period of infancy in order to minamalize the sense of loss of an individual – they were in essence merely a child or being, and not yet a person.

The more leisure time was gained and movement away from subsistence living, identity became a much larger issue. Indeed – with increased travel after the industrial revolution– people started to pick up and migrate. Our communities began to form, reform and fragment. We live in a transient world. This not necessarily negative but it does mean we have altered the notion of how we construct our identity. This feeds our need to identify people – that urge to pinpoint people, to label and identify and categorize.

Before this – when minimal travel had occurred – it was sufficient to identify individuals based on what someone else we knew could verify about the person in question.But what is identity now? Identity is really only a set of attributes – our hair color, eye color, height, profession, ethnicity, mother tongue, gender, education etc. – they are a set of constructs and lenses. And easily fabricated – anyone can invent a good degree of these attributes to generate a persona or identity. We can even go so far as to alter physical attributes with plastic surgery – making identity not an entirely permanent standard for authentication.

We also make the mistake of presuming that our western lenses are the same as other cultures - we think Africa views identity as we do – we think that Asia views identity as we do. We are under the illusion that all other societies view identity as being on par with our interpretation of identity. An interesting example can be found in Nigeria. Facial scarring became a prevalent way to identify a member of a particular tribe or community. The purpose of the facial disfigurement was to offer a tangible way to prove where someone came from in the event of death in battle or if someone was taken as a slave.And with our 20th century and beyond lenses we turn to identity, this fragile concept, as some sort of tangible method to build security systems and initiatives around.

Sometimes, this isn’t necessarily a bad way to go about things. Indeed, identity management systems in a corporate environment are a helpful tool in increasing security. They allow firms and organizations to track who has access to what information and resources at what time – in this example the individuals in question are already somewhat identifiable and tangible, or at least we hope so if they were working for a company.

But we tend to believe that in tying security to something what we consider to be so personal or private – such as identity – that we can keep people safe from what they really fear – themselves and each other. After all, identity management systems have only been created to do just that – not to protect us from outside intruders, but other humans.

That’s just the problem – we want so badly to rely on technology to answer our problems. If technology could just take the burden off of us – then we would no longer have to assess whether a person really was of the character they claim to be.

The real issue we face is ourselves – it’s our nature. And all of the best technological security systems will continue to prove it as humans (and likewise government and corporate systems) fall victim to human nature. The best attacks and scams have prayed on greed, laziness – endemics of our species, regardless of lenses.

Until we begin to address the root issues – the causes that have led to the increase in crime and terror or the reasons why humans are so susceptible to resorting to such acts – and begin to develop tangible measures to change humankind’s current course no amount of technology should be expected to save us. Indeed, we might first consider changing our perspective to see technology as a tool to protect us from ourselves.

Clearly we need to think in depth about the measures we often come to rely upon – and ultimately are disappointed by when they fail. It is paramount that we consider measures from many different perspectives – understanding as much as possible the lenses that we looked through when conceiving every measure we consider implementing to protect our society, understanding at every point the human element that touches everything we create and embark upon.

Posted in Identity Management | No Comments »