Two more thoughts to keep in mind, both from David Gelernter
http://www.edge.org/documents/archive/edge70.html

First, in terms of where SOA and Web 2.0 are leading:

“If a million people use a Web site simultaneously, doesn’t that mean that we must have a heavy-duty remote server to keep them all happy? No; we could move the site onto a million desktops and use the internet for coordination. The “site” is like a military unit in the field, the general moving with his troops (or like a hockey team in constant swarming motion). (We used essentially this technique to build the first tuple space implementations. They seemed to depend on a shared server, but the server was an illusion; there was no server, just a swarm of clients.) Could Amazon.com be an itinerant horde instead of a fixed Central Command Post? Yes.”

Next, further amplification of the matrix problem you stated:

“If you have three pet dogs, give them names. If you have 10,000 head of cattle, don’t bother. Nowadays the idea of giving a name to every file on your computer is ridiculous.”

I did a podcast with Gary McGraw which is available here. Gary’s questions were great, I could have written a ten page whitepaper in response to most of them, but tried to sum up my thoughts on “what is security”, and how you might approach security…