Information interchange, whether intentional or inadvertent, authorized or unauthorized, malicious or benign, has become a prime concern for executives and government decision-makers in today's environment of digital information, instant global distribution, and cyber-crime. Security alone is not a sufficient condition to control or motivate information sharing in today's distributed systems environment.
With respect to information control, it may be just as important to get information into the right hands, as it is to keep information out of the wrong hands. For example, the 9/11 Commission concluded that it was not the security of information, but the inability for government agencies to easily share information, that hampered prevention. Accordingly, the 9/11 Commission directed the President to implement a “trusted information network”. This need for trust equally applies in today's regulated world, where governments, medical centers, universities, and businesses alike have a real need to share data with principals who are trusted and appropriately authorized.
Exchanging sensitive information across organizational boundaries requires that data be controlled, managed, and limited in its access and distribution. Over the years, this has led to the development of more sophisticated and robust processes in the physical world, driving the creation and success of overnight delivery services and the acceptance of the facsimile for business use. In today's environment, government agencies and enterprises recognize the value of electronic communication as a faster and more convenient means of doing business, but security and trust remain elusive.
The challenge for organizations is how to exchange sensitive or valuable data without losing control of it or having it end up in the wrong hands. It is very important that the mutual trust between agencies and government departments, as well as between enterprises, is preserved, as is the confidentiality of the digital content being exchanged.