Educause Security Discussion mailing list archives
Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT
From: "Basgen, Brian" <bbasgen () PIMA EDU>
Date: Tue, 1 Apr 2008 10:49:53 -0700
to proceed. If we eliminate in house Identifiers (Student IDs) as Directory information and then we go with a PIN or secret word for faculty who post grades (and many do - at least here at UC) how do we secure the identity of the PINs
The proposal is that *every* teacher assigns unique authenticators (pins, words, colors codes -- anything) to each student that is relevant for only that class, for that semester. It is certainly a secure method, and puts the onus on the faculty member.
if) stopping faculty from posting grades than FERPA regulation should simply mandate that this process stop or they will be out of compliance with FERPA.
That would be interesting, but probably untenable. I tend to think they are okay with posting, so long as it is reasonably secure.
point. One of the main reasons we (and I would assume others) went to a Student ID vs SSN was so that we had a way to identify students without giving up PII safeguards
Right, but they do have a fair point. Since the SID follows the student, as they point out, so long as you have the same class with the same student, you've figured out their SID. One-time authenticators, by contrast, don't have this problem. ~~~~~~~~~~~~~~~~~~ Brian Basgen Information Security Pima Community College
Current thread:
- Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT Kevin Shalla (Apr 01)
- <Possible follow-ups>
- Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT Mclaughlin, Kevin (mclaugkl) (Apr 01)
- Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT Basgen, Brian (Apr 01)
- Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT Michael R. Gettes (Apr 01)
- Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT Mclaughlin, Kevin (mclaugkl) (Apr 01)
- Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT Basgen, Brian (Apr 01)
- Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT Mclaughlin, Kevin (mclaugkl) (Apr 01)
- Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT Kevin Shalla (Apr 01)
- Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT Kevin Shalla (Apr 01)
- Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT Michael R. Gettes (Apr 01)
- Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT Basgen, Brian (Apr 01)
- Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT Charlie Prothero (Apr 01)
- Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT Chuck Dunn (Apr 01)
- Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT Basgen, Brian (Apr 01)
- Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT David Lassner (Apr 01)
- Re: FERPA Notice of Proposed Rulemaking Addresses Changes in IT Drexel Atkinson (Apr 02)
(Thread continues...)