"All of these things have to work well together," he said. "The problem is getting people to look broad enough and deep enough, and not just at their agency. To look at the full dimensions of identity management and access to information -- not necessarily where we are today, but where we want to be 10 or 20 years in the future -- and then build a model to work toward that."
If that wasn't enough, agencies don't work in a vacuum, and they don't set their own rules. State legislatures set mandates for access to and movement of information between state agencies. Federal regulations prohibit a state agency from sharing data with agencies not within the same funding stream.
"Until we raise awareness of the people in the legislative and policy bodies to think about identity and access to information from all these different dimensions, it's going to take a while to overcome these roadblocks," Roth said.
Even though federal agencies -- such as the departments of education, transportation, and health and human services -- have begun making changes, those efforts create still another problem.
"We've got to find some way to allow all of these different approaches to look at what is a commonality, what are the ways we can keep from having to reinvent the wheel," he said. "What we're doing is creating new siloed security models at a higher level than we have before so the roadblocks to get across the silos actually get bigger instead of smaller over time."