Beyond Fear: Thinking sensibly about security in an uncertain world

May. 25th, 2005 09:11 am
purpletigron: In profile: Pearl Mackie as Bill Potts from Dr Who (sam_sg1)
[personal profile] purpletigron
National ID card systems are very complex - compulsory schemes exist in about 100 countries. Four major components are required:
  1. A physical card with personal information, and anti-counterfeiting measures
  2. A database of card numbers and identities, accessible to authorized persons
  3. A system to check cards against the database, such as wireless terminals
  4. Registration procedures to verify applicant identities
We need to ask five questions about any proposed 'security' measure, such as a national ID card scheme:
  1. What assets are we trying to protect?
  2. What are the risks to those assets?
  3. How well does our proposal mitigate those risks?
  4. What security problems does our proposal cause?
  5. What trade-offs would our proposal require?
Schneier's analysis:
  1. Assets? We are trying to 'prevent crime and terrorism', so there's no specific answer.
  2. Risks? All kinds of crime and terror
  3. Mitigation? The Sept 11 terrorists all showed ID - real and forged - before boarding their planes. ID cards have many failure modes: no ID card has been created which can't be counterfeited; security personal are human, so will make mistakes; there will always be innocent people without cards, making it impossible for ID to be always compulsory. The weakest point in the system will be the database: it will always contain some outdated or erroneous entries; it's impossible to have a perfect 'database of bad guys'; registration and verification can fail; biometric information can be added to counterfeit cards.
  4. Problems? Blind trust in the system; enables identity theft and makes it more damaging; all Government databases are subject to misuse e.g. police officers illegally checking the criminal records of their neighbours; communications between user terminal and central database can be intercepted.
  5. Trade-offs Combined cost of cards, databasing, registration, maintainance and terminal installations will be billions of pounds; Social costs are higher - national ID systems routinely abused; Not an effective way to spend money

    6. Updated: Problems and trade-offs - more details.

    Summary: There are no specific risks which ID cards can effectively mitigate, and they create many new, serious risks. A national ID card and database system is extremely costly both financially, and in civil liberties terms.
  • Current Mood: working
  • Add Memory
  • Share This Entry
Flat | Top-Level Comments Only

Date: 2005-05-25 09:28 am (UTC)
mylescorcoran: (Default)
From: [personal profile] mylescorcoran
Go Bruce! I listened to this interview with Schneier and found him insightful and full of good sense.

http://www.itconversations.com/shows/detail119.html

Date: 2005-05-25 10:17 am (UTC)
From: [identity profile] vgnwtch.livejournal.com
And is there any way to effectively secure a system that must be accessed from so many points (police stations, airports, government buildings, etc.)?

Date: 2005-05-25 02:00 pm (UTC)
From: [identity profile] vgnwtch.livejournal.com
The BBC website is currently debating this in its 'Have Your Say' pages: http://news.bbc.co.uk/2/hi/talking_point/4578223.stm
  • Add Memory
  • Share This Entry
Flat | Top-Level Comments Only

Profile

purpletigron: In profile: Pearl Mackie as Bill Potts from Dr Who (Default)
purpletigron

April 2017

S M T W T F S
      1
2345678
9 10 1112131415
1617181920 2122
23242526272829
30      

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags

No cut tags
Page generated Dec. 25th, 2025 04:14 am
Powered by Dreamwidth Studios