Thursday, April 24, 2008


Spring in Canada is not just about dog feces peeping through the melting snow - another sure sign is when you see your first motorcycle.

Motorcycles and cars differ in the security model they offer their riders - bikes offer increased 'primary security', i.e. the ability to avoid accidents through greater braking, greater manoeuverability, etc; cars offer increased 'secondary security', i.e. the ability of the driver to survive an accident should one occur (through airbags, passenger cage, crumple zones, etc).

Is there an analogy for identity systems, i.e. some identity systems offer increased protection against 'accidents' (through strong crypto, privacy features, etc), whilst others offer increased survivability for such accidents by minimizing the damage that occurs (through support for audit & forensic mechanisms)?

1 comment:

Anonymous said...

A missed opportunity to use the $/hr enhancing phrase "reduced attack surface area."