Educause Security Discussion mailing list archives

Re: SSN Conversion


From: Graham Toal <gtoal () UTPA EDU>
Date: Wed, 22 Mar 2006 14:43:43 -0600

We are looking strongly at 2 scenarios:
Provide a file with SSN and New ID (no other information at
all would be in the file) for administrators of ad hoc
databases & spreadsheets.  This would be accompanied by user
education as well.  The file would be on CD.  CD's would be
numbered and signed for with agreement not to duplicate or
communicate data in any fashion.  Once conversion is
complete, CD's would be retrieved.

OR

Create a secure website for individual SSN / ID lookups.

Do you see major security concerns with either approach,
given that we have to accommodate these administrators?

The CDs are liable to get into the wrong hands.  Unless you
already have very strict inventory control on sensitive physical
items, I'd recommend against it.

We do have a web site where you can do lookups; it is restricted
by role, and logs extensively.  For example it will send an
email to your supervisor logging any lookups you make (your
supervisor's email address is extracted from a field in the LDAP
database) and the fields you are allowed to search on or display
are also role-dependent.

But for bulk conversion, rather than hand out copies of the data,
we have a program on our VMS system which will translate data
files for you.  This is no problem for ASCII text files, but in
fixed-format files such as spreadsheets (containing ASCII SSNs,
not binary integers) it'll work only if the output string is the
same length as the input string, so if your replacement ID is
longer than an SSN this generic approach won't work for you and
you'll have to write custom conversions for your various
different sorts of files.  This was somewhat of a hack,
yet it lets us filter emails just as readily as HR reports.


Here's the code if it helps; you can just about put any kind of
file through this.  Any C programmer will be able to adapt
this easily to some other platform; the tricky part is all in
one procedure which is a state machine to recognise SSNs.

On VMS you can give the binary permission to access the database,
while not allowing the user to access it directly, giving added
protection to your data.


Graham

Attachment: ssn2libidfilter.c
Description:

Attachment: manual.c
Description:
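
The attachments are not reproduced in this archive. The following is an added example, not the code from the post: a minimal same-length, in-place SSN filter driven by a small state machine, as the message describes. It assumes the replacement ID is exactly 9 characters; `lookup_id`, `ssn_filter` and the sample table are hypothetical names and constructed data.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical lookup: fills id[] with the 9-character replacement for a
   9-digit SSN and returns 1, or returns 0 if the SSN is unknown. The table
   is constructed sample data standing in for the protected database. */
static int lookup_id(const char *ssn, char *id) {
    static const char *table[][2] = {
        {"078051120", "A00012345"}, {"219099999", "A00067890"} };
    for (size_t i = 0; i < sizeof table / sizeof table[0]; i++)
        if (memcmp(ssn, table[i][0], 9) == 0) {
            memcpy(id, table[i][1], 9);
            return 1;
        }
    return 0;
}

/* Rewrites SSNs (ddddddddd or ddd-dd-dddd) in buf in place and returns the
   number replaced. State is the count of digits matched so far; pos[] records
   where each digit sits so only those bytes change and the length is kept. */
size_t ssn_filter(char *buf, size_t len) {
    size_t pos[9], n = 0, replaced = 0;
    int dashes = 0;                         /* dashes seen in this candidate */
    for (size_t i = 0; i <= len; i++) {
        int c = (i < len) ? (unsigned char)buf[i] : 0;  /* 0 ends last run */
        if (isdigit(c)) {
            if (n < 9) pos[n] = i;
            n++;                            /* n > 9: digit run too long */
            continue;
        }
        if (c == '-' && ((n == 3 && dashes == 0) || (n == 5 && dashes == 1))) {
            dashes++;
            continue;
        }
        if (n == 9 && (dashes == 0 || dashes == 2)) {
            char ssn[9], id[9];
            for (int k = 0; k < 9; k++) ssn[k] = buf[pos[k]];
            if (lookup_id(ssn, id)) {       /* unknown SSNs are left as-is */
                for (int k = 0; k < 9; k++) buf[pos[k]] = id[k];
                replaced++;
            }
        }
        n = 0; dashes = 0;                  /* any other byte resets state */
    }
    return replaced;
}

int main(void) {
    char rec[] = "DOE JOHN   078-05-1120 HR";   /* constructed record */
    printf("%zu replaced: %s\n", ssn_filter(rec, sizeof rec - 1), rec);
    return 0; }
```

Because the filter takes an explicit length and never shifts bytes, it can be run over fixed-format records as well as plain text; nine-digit runs that are not in the lookup table are left untouched.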

