A Data ID

It sounds good. A universal ID that can be used for your identifiable data, in case you happen to lose your paperwork. Paperwork? When will that term become lost to history? These days, less and less of anything is available as a physical media, and if it is, it’s often because someone generates a copy from a printer. How secure or valid is that? After all, with Photoshop and other tools, we can reproduce almost anything that’s indistinguishable from the original.

The UN wants a universal ID for humanitarian reasons. In case you can’t get your personal documents because you’re a refugees. They’re lost, they’re stolen, or just still in the desk drawer because you had to flee your residence. Digital representations of these papers might be the only way for many people to prove anything about their lives. Certainly a concern in today’s world.

As we should know by now, anything that can be built in the digital world can be stolen. In fact, I’m fairly convinced that the vast majority of people that come up with good ideas don’t know how to evaluate them in terms of the horrible ways that others will abuse the system. Creators are optimistic and look to solve problems. They’re not nearly devious enough to think of the various permutations that a hacker mind might envision.

A universal way to track and verify identity information would be great. I already worry about losing track of digital assets, and some way to query a number of systems to verify I own them would be great. However, the security aspects worry me. Even having governments or the UN provide digital lockers that entail backups of records is problematic. Any centralized system can be abused, and certainly this data would be abused. Or leaked. We see data breaches from government all the time. Can you imagine losing control of passport verification at a large scale?

Each individual needs to come up with their own backup of precious documents, in a way that ensures they are encrypted and protected. However, we do need ways to authenticate and verify these digital assets. Maybe free signing certificates should be used when assets are provided to individuals, with public keys being disclosed by the government and escrowed by the UN, or maybe every other government. We ought to be able to verify a digital document in an open, transparent way, while leaving the storage to the individual. That would allow us to develop ways to protect our own assets, but ensure multiple entities can verify authenticity.

Steve Jones

The Voice of the DBA Podcast

Listen to the MP3 Audio ( 3.7MB) podcast or subscribe to the feed at iTunes and Libsyn.

About way0utwest

Editor, SQLServerCentral
This entry was posted in Editorial and tagged , . Bookmark the permalink.