Educause Security Discussion mailing list archives
Re: SSN Conversion
From: Graham Toal <gtoal () UTPA EDU>
Date: Wed, 22 Mar 2006 14:43:43 -0600
We are looking strongly at 2 scenarios:

Provide a file with SSN and New ID (no other information at all would be in the file) for administrators of ad hoc databases & spreadsheets. This would be accompanied by user education as well. The file would be on CD. CD's would be numbered and signed for with agreement not to duplicate or communicate data in any fashion. Once conversion is complete, CD's would be retrieved.

OR

Create a secure website for individual SSN / ID lookups.

Do you see major security concerns with either approach, given that we have to accommodate these administrators?
The CDs are liable to get into the wrong hands. Unless you already have very strict inventory control on sensitive physical items, I'd recommend against it.

We do have a web site where you can do lookups; it is restricted by role, and logs extensively. For example it will send an email to your supervisor logging any lookups you make (your supervisor's email address is extracted from a field in the LDAP database) and the fields you are allowed to search on or display are also role-dependent.

But for bulk conversion, rather than hand out copies of the data, we have a program on our VMS system which will translate data files for you. This is no problem for ASCII text files, but in fixed-format files such as spreadsheets (containing ASCII SSNs, not binary integers) it'll work only if the output string is the same length as the input string, so if your replacement ID is longer than an SSN this generic approach won't work for you and you'll have to write custom conversions for your various different sorts of files.

This is somewhat of a hack, yet it lets us filter emails just as readily as HR reports.

Here's the code if it helps; you can just about put any kind of file through this. Any C programmer will be able to adapt this easily to some other platform; the tricky part is all in one procedure which is a state machine to recognise SSNs.

On VMS you can give the binary permission to access the database, while not allowing the user to access it directly, giving added protection to your data.

Graham
Attachment: ssn2libidfilter.c
Attachment: manual.c
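The same-length, in-place replacement described in the message above can be sketched as follows. This is an added example, not the attached ssn2libidfilter.c and not the poster's code; the names `filter_ssns`, `lookup_id` and `SAMPLE_MAP`, the sample values, and the use of a 9-character replacement ID are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample mapping; a real filter would query the ID database. */
static const char *const SAMPLE_MAP[][2] = {
    { "000123456", "900000017" },
    { "000987654", "900000042" },
};

/* Return the 9-character replacement ID for a 9-digit SSN, or NULL. */
static const char *lookup_id(const char *ssn9) {
    for (size_t k = 0; k < sizeof SAMPLE_MAP / sizeof SAMPLE_MAP[0]; k++)
        if (memcmp(SAMPLE_MAP[k][0], ssn9, 9) == 0) return SAMPLE_MAP[k][1];
    return NULL;
}

/* Rewrite known SSNs in buf in place and return how many were replaced.
   Only digit bytes are overwritten, so length and field offsets are kept. */
size_t filter_ssns(char *buf, size_t len) {
    size_t replaced = 0, i = 0;
    while (i < len) {
        size_t pos[9], n = 0, j = i, k, dashes = 0;
        /* State is n (digits seen); a dash is legal only after digits 3 and 5. */
        while (j < len && n < 9) {
            if (isdigit((unsigned char)buf[j])) pos[n++] = j++;
            else if (buf[j] == '-' && (n == 3 || n == 5) && buf[j - 1] != '-') { dashes++; j++; }
            else break;
        }
        /* Reject candidates embedded in a longer run of digits. */
        int bounded = (i == 0 || !isdigit((unsigned char)buf[i - 1])) &&
                      (j == len || !isdigit((unsigned char)buf[j]));
        if (n == 9 && bounded && (dashes == 0 || dashes == 2)) {
            char ssn[9];
            for (k = 0; k < 9; k++) ssn[k] = buf[pos[k]];
            const char *id = lookup_id(ssn);
            for (k = 0; id && k < 9; k++) buf[pos[k]] = id[k];
            replaced += (id != NULL);
        }
        i = (j > i) ? j : i + 1;   /* always make progress */
    }
    return replaced;
}

int main(void) {
    char line[] = "Emp 000-12-3456 / 000987654 / acct 10001234567";  /* constructed */
    printf("%zu replaced: %s\n", filter_ssns(line, sizeof line - 1), line);
    return 0;
}
```

Dashes are left where they were, so `ddd-dd-dddd` and `ddddddddd` fields both keep their original width; a replacement ID longer than nine characters would need the per-format conversions the message mentions.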