So Bill Gates has also discovered that Digital Rights Management “is not where it should be” according to reports from a group of influential bloggers he invited to Redmond. ”We don't have the right thing here in terms of simplicity or interoperability” he is quoted as saying. And what should people do who want to transfer songs across systems? “Buy a CD and rip it.”
So much for progress. The whole future of IT Security hinges on our ability to safeguard data at rest and in flight across multiple applications and infrastructures. This does not need rocket science. Just sensible application of well-established security technologies.
But expectations need to be kept in check. After all we still haven’t got fit-for-purpose access control systems. ACLs don’t cut it. And Role-Based Access models are not rich enough to meet the real-world requirements of a normal organization. Nor are they agile enough to keep up with the wholesale restructuring that’s part and parcel of normal modern business life.
Researchers and vendors need to do a lot more to develop more imaginative frameworks and management tools to sort out Identity and Access Control and to get DRM working. That’s why I’m backing the Jericho Forum.