Automation Report No. 01-01
Date: April 20, 2001
Subject: NLS WebNet Security
NLS WebNet is a new web-based service that will allow
network libraries to submit CMLS, BPHICS, and MMR
transactions over the web and to view the contents of the
CMLS and BPHICS databases. The development project for NLS
WebNet is nearing completion and the service should be
available this summer. CMLS contains sensitive, private
patron data that needs to be protected from unauthorized
access. Both CMLS and BPHICS must be protected from
unauthorized update. Network libraries need to be aware of
the security issues before requesting web access to their
data. NLS needs to know of any network library security
concerns before making the service widely available.
Limiting access to CMLS is of particular concern because the
CMLS database contains personal information such as names
and addresses and information revealing patron reading
habits. Some states stringently regulate the level of
protection patron information must receive. NLS WebNet has
been designed to provide a reasonable level of access
control to meet the needs of all network libraries. Please
review the controls and, __if there is anything that would
prevent your library from using NLS WebNet, contact the
automation officer as soon as possible.__ We will make what
adjustments we can, so long as they are not overly
burdensome for the other libraries.
Regional and subregional librarians are responsible for
designating which members of their staffs have access to
CMLS and BPHICS. Each designated staff member will be given
a personal user ID and password to allow access, either
read-only or read-write, to either CMLS or BPHICS/MMR, or in
combination, as appropriate.
--For CMLS, users in a library will be able to view data or
submit transactions only for that library. The system will
allow or prevent a user at a regional library access to data
for a patron in one of its subregional libraries, as chosen
by those libraries.
--For BPHICS, an individual with read access will be able to
see a machine record for any machine, no matter which
library owns it. Users in a library who have update access
to BPHICS will be able to submit a "transfer in" transaction
for any machine, but will be limited to their own library's
machines for other transactions.
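
The CMLS and BPHICS access rules above, written out as a default-deny authorization check. This is an added illustration, not NLS or contractor code; the library codes, user IDs, the "repair" transaction name, and the way the regional/subregional choice is stored are assumptions made for the example.

```python
from dataclasses import dataclass

READ, WRITE = "read-only", "read-write"

@dataclass
class User:
    user_id: str
    library: str   # library that owns this user ID
    access: dict   # database -> READ or WRITE; a missing key means no access

def _can(user, db, need_write):
    level = user.access.get(db)  # default deny when no privilege was granted
    return level == WRITE or (level == READ and not need_write)

def cmls_allowed(user, patron_library, write, open_subregionals):
    """open_subregionals maps a regional library to the subregionals that
    chose to let regional staff reach their patron data (assumed layout)."""
    if not _can(user, "CMLS", write):
        return False
    if patron_library == user.library:
        return True  # users may always work with their own library's patrons
    return patron_library in open_subregionals.get(user.library, set())

def bphics_allowed(user, machine_owner, transaction=None):
    """transaction=None is a view; anything else is an update transaction."""
    if transaction is None:
        # Read access covers every machine record, whichever library owns it.
        return _can(user, "BPHICS", need_write=False)
    if not _can(user, "BPHICS", need_write=True):
        return False
    # "transfer in" is allowed for any machine; all other transactions
    # are limited to machines owned by the user's own library.
    return transaction == "transfer in" or machine_owner == user.library

# Constructed sample data (not real libraries or users).
OPEN = {"REG1": {"SUB1A"}}  # SUB1B has not opened its patron data to REG1
regional = User("rstaff", "REG1", {"CMLS": READ, "BPHICS": WRITE})
viewer = User("sstaff", "SUB1A", {"BPHICS": READ})

if __name__ == "__main__":
    print(cmls_allowed(regional, "SUB1A", False, OPEN))   # opted-in subregional
    print(cmls_allowed(regional, "SUB1B", False, OPEN))   # not opted in
    print(bphics_allowed(regional, "SUB1A", "transfer in"))
    print(bphics_allowed(regional, "SUB1A", "repair"))
```
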
At the request of the librarian, a library staff member will
be assigned a user ID and password. User IDs are set up by
the contractor with a default password. When the user
performs a login for the first time, the system prompts the
user to enter a new password. Password changes can be made
by the user at any time. Currently, NLS has no plan to
require the user to change passwords at specified intervals,
nor is there a requirement that passwords fit a specified
pattern. A staff member at the library, most often the
librarian, will manage privileges (read or write to CMLS or
BPHICS or MMR) for the library's user IDs.
Users will access the CMLS and BPHICS databases through the
network library home page <http://www.loc.gov/pics/>. The
user will sign on to that page using the library's ID and
password, either the normal ID or the admin ID. The user
will then select NLS WebNet and be transferred to the
individual sign-on page. The user will sign on to NLS
WebNet with the library ID, the user ID, and the user
password.
NLS WebNet has been designed to protect the data from
unauthorized access through the online user interface or
from within the host computing environment, associated
networks, and Internet gateways. The following paragraph
describes the elements of the security system. These
technical details are provided for those libraries that need
them to ensure conformance to local rules. It is assumed
that those libraries have technical staff familiar with the
elements, so the technical specifications are not provided.
If you need more information, please contact the automation
officer.
The contractor's host systems, networks, and Internet
servers are protected by multiple firewalls.
Communications between the user's browser and the
contractor's web servers are protected by Secure Sockets
Layer (SSL). Controlled access within the contractor's host
environment is managed through IBM OS/390 Resource Access
Control Facility (RACF). RACF, an integral part of the 390
operating system, provides protection for data and program
files at an individual and group level. The RACF facility
provides a highly flexible architecture for configuring user
access, protecting secured files from unauthorized access
both locally and remotely. RACF manages all aspects of
system security including online transactions, batch
programs, user access, and access to all system resources
and facilities.
For further information contact:
Robert McDermott
Automation Officer
202-707-9313