Steven H. McCown wrote:
The issue about security is that whoever creates this web server-based
application will be storing information about *minor children* (am I the
only one with this concern?) in a semi-public manner. Most websites that
store information have some clause that says something like no one under 18
without a parent's permission may use this website. Even Disney is
constantly saying "make sure you have your parent's permission...". That's
a lame phrase, but it does show this issue is real.
It is not like parents don't have to sign a stack of papers just so
Johnny can go to scout camp now. Getting parent's permission to track
their Son's scouting progress would just be yet another form.
Congress is, right now,
considering legislation to punish those websites who don't take 'sufficient
measures' to secure their website. What are the ramifications of that?
Since that thought is extremely subjective, the risk one would be taking is
completely unknown.
Visa recently created a security certification program for website
owners that do on-line transactions. I assume what the government is
considering is something similar. Anything that helps make on-line
security better is welcomed.
The other issue is what value would a centralized database really offer?
For day-to-day usage, it would offer zero value. If a scout moved wards, it
would allow his records to be transferred. However, much of that is
maintained by BSA, anyway. If local databases were used, then
'transferrable data objects' could be used to transfer information between
databases from the old ward to the new.
The database doesn't necessarily need to be centralized but being
on-line has many advantages. Many times I see records being lost
because people don't backup their laptops, new people are called and
the "hand off" of the records is not made, people move, etc.
The reason that I proposed the non-centralized storage option is that not
that security is more or less, but because attacks on very small databases
yield very small rewards. In contrast, attacks on highly-centralized
databases offer greater rewards for the attacker.
I don't see any reason for non-centralized storage myself. If the
software is open source then that means folks could run it anywhere and
not necessarily the Church's computers (which would most likely be the
case for non-LDS troops). I would suggest, however, that for LDS
troops that the Church does provide the hosting systems (and core
security, backups, etc).
I would suggest that on the Church's hosting servers they use OS-level
virtualization (see
http://en.wikipedia.org/wiki/Operating_system-level_virtualization) to
divide the system into virtual private servers for each troop. This way
each troop's data is isolated from other troops data. In fact, to the
troop it looks as if they are running on their own dedicated server.
Therefore, if one troop's server is compromised then all the other
troops data is still safe.
BTW, OS-level virtualization shouldn't be confused with other types of
virtualization. Software like VMware are actually emulators and not
very efficient. OS-level virtualization (e.g. "OpenVZ", "Virtuozzo",
"Solaris Containers", etc.) is much more efficient and can support on
the order of 100 Virtual Private Servers (VPS's) on a single physical
server.
The biggest problem with any tracking process is that the Scoutmasters are
usually quite lax about record keeping, in the first place. If one or
several parents abstained from allowing their children's information to be
stored on a website, then it would create *2 processes* for the Scoutmaster
to use for record keeping -- if they were to use the online system. Do you
think that they will use both? Having been a Scoutmaster, I would say no.
I haven't been a scoutmaster but I am an YM's President. If a parent
didn't want their Son's information kept online then I would recommend
that the parent track their Son's progress. I have seen some parents
that do a much better job tracking their Son's progress for both Scouts
and Duty to God that any of our YM leaders (including myself). These
parents are usually the ones that have the best YM.
That will cause the online system to suffer in favor of good ol' pencil and
paper. IOW, in order to make an online database about kids, it must be
really, really secure. My point is that you can't guarantee anything and is
it worth the risk...
-stacey.
_______________________________________________
Ldsoss mailing list
Ldsoss@lists.ldsoss.org
http://lists.ldsoss.org/mailman/listinfo/ldsoss
