DEV Community

Cover image for Proving You Are You, Again and Again
Shenali Jayakody
Shenali Jayakody

Posted on

Proving You Are You, Again and Again

#programming #identity #futurechallenge #ai

Dynamic Identity, Continuous Trust, and the Future of IAM in a Post-Biological World

“It has been said that something as small as the flutter of a butterfly’s wing can ultimately cause a typhoon halfway around the world.” — The Butterfly Effect

When countless threads are woven together in perfect harmony to form a single piece of fabric, we often overlook the fact that a fabric is nothing more than threads and connections between threads 🧶. Similarly, the creator/event that brought the universe into existence perfectly masked all the complexities and microscopic connections to the point that we don’t even believe the disturbance of air caused by butterfly wings could actually create a tornado. (🦋 after all, butterflies are not that harmless)

One day, if we have to depend on a network of events, incidents, and resources (let’s call this network of trust) to prove our identity instead of a password, a passkey, or a fingerprint, we would have to be very mindful about the subtle connections that make up the network. Otherwise, a nano-scale interference to the network of trust (done by a hacker) could mess up a series of undetectable nano-scale connections one by one over the course of 5 years, and finally, during a thunderstorm, you’d get locked out of your own smart home 💥. The “smart” home does not believe your identity and thinks that you are actually not the person you claim to be.

But why would we need a network of trust 🤔💭

Network of Trust

💡We need a network of trust when a single event/resource of trust is not enough. A single source of trust becomes inadequate when evil people acquire the ability to impersonate (clone) your identity. A few years ago, this challenge emerged, and in response, we created multi-factor authentication. Until you prove your identity three (two or more) consecutive times, your smart home will not let you in. The first version of this problem was basic enough to be solved by adding two or more layers (factors) of authentication based on the requirements. But NOW we have digital clones, digital twins, AI avatars, AI-generated deepfakes, and all the other non-human digital identities. These will be elevated to levels you and I couldn’t possibly imagine, through the terrifyingly beautiful progress made in the field of quantum computing 🧙🏻‍♀️🧹.

And soon, n* number of sequential proofs of identity will be insufficient. No matter how hard you try and good your intentions are, you can’t prove your identity, engaging in a number of proof mechanisms arranged one after the other.

📌 *n is any whole number between 2 and infinity.

Naturally (and historically), when a sequential approach does not do the job, we turn towards the non-sequential, unordered, and chaotic approach, aka a network. When the digital identity of humans becomes powerful enough to threaten the real identity of humans (i.e., your AI avatar is trying to prove it is the real you, and the real you is locked out), then a simple network of trust would still be inadequate. Likewise, in a post-biological world, you and I and your avatars, and my avatars 😵‍💫 would have to prove each of our identities with a network consisting of infinite connections. The connections are packed perfectly inside the network; it almost looks like a fabric, a fabric that keeps actively growing in real-time, and this is the Continuous Trust Fabric.

🌍 🌎 Post-biological world: a world where humans merge with machines to achieve digital immortality. Learn More

The Paradigm Shift

We realized that, just like in real life, access to digital resources must be secured by proving identity, and we’ve come a long way since.

In a world where humans are living along with non-human artificial intelligence or in a world where humans have merged with artificial intelligence to amplify human intelligence, the Identity and Access Management (IAM) domain would play a more vital role. When the digital presence becomes more prominent than the physical presence, IAM evolves into the new passport of existence. It would be the primary safeguard of identity and rights. This calls for stronger IAM approaches and demands us to rethink the current approaches.

In a post-biological world,

  1. IAM is Existence: Your brainprint is not just your login, it is your existence, it is YOU. Now your fingerprint is just a part of you, but your brainprint would be the whole you. In fact, it would be the only thing that proves who you are both to the outside world and to also to yourself. Now, if your fingerprint is forged or spoofed, you will only lose a part of your identity (often reversible), but if you lose your brainprint, you will lose your existence. Because IAM is Existence.

  2. IAM is Dynamic: When everyone knows everything and anyone can replicate anything, proving you are who you claim to be is almost impossible. A static authentication mechanism that proves your identity at a static point in your ‘life’ would not be enough. In such a world, proving your identity is a dynamic process. In post-biological identity verification, everything that has happened in your ‘life’ actively decides the result at any given point in time. IAM would look more like a daemon thread that runs along the main system, throughout the lifetime, blending in and going unnoticed until it fails.

  3. IAM is Probabilistic: When Identity and Access Management becomes nearly impossible, grounding the result to either “access granted” (1) or “access denied” (0) could be way more harmful. Therefore, we would have to rely on a probabilistic approach to prove our identity. In a post-biological world, you would never be fully authenticated, maybe just a percentage. Higher percentages would let you access more secure data.

The Quantum Leap in Identity

There is a strong likelihood that the post-biological era would overlap with the post-quantum era, which makes the future even more uncertain and unsettling. When conventional hacking is outdated, the new black-hat community would be driven by the inspiration of tampering with minute “threads” in your Continuous Trust Fabric.

If the identity is dynamic and probabilistic, identity itself would look more like a quantum state. We could assume that the trust is in a superposition, and identity verification would collapse the probabilistic trust state into a decision. But unlike classical IAM, that collapse would be temporary; a nanosecond later, the probabilities shift again, and you’re re-evaluated.

This leads us to so many questions. It has been about 80 years since we first stumbled upon the idea of a “computer”. Today, we are standing at the verge of Technological Singularity. Would it be an overstatement to say that the next would be a “Trust Singularity”, where IAM systems themselves gain consciousness and decide who gets to be “real”?

In a world where you still get to be the real YOU, do not forget to keep your head straight and prove who you are.

Happy Coding 👩🏻‍💻

The Blog #1 - https://medium.com/identity-beyond-borders/proving-you-are-you-when-theres-no-you-cf46026396cb

Top comments (0)