Security Design Objectives
The PT application collects and displays information of a sensitive nature in addition to information that is public. The challenge for the design team is to define appropriate access for each type of information.
The highest security priority is to protect the privacy of individuals whose personal information, performance, and group affiliations the PT application tracks. This confidential information must be off-limits to unauthorized persons. On the other hand, the application's security design must allow access to public information such as location data; for example, information about locations is helpful to evaluators when they create schedules.
In addition, users must have confidence in the data the application collects. The information that appears on the PT application's Web pages and the information that results from direct queries on the database tables must be current, complete, and validated by one set of rules.
The security goals for the PT application and the Eval database are as follows:
- Limit access to legitimate users. Security in the PT Admin Application describes how the PT Admin application's security design authenticates users.
- Ensure data confidentiality. The application must restrict access to information (at the application and the database levels) according to the type of information, identity of the user, and person type of the user. Screens Available to Administrators lists the form views the PT Admin application contains and the information that administrators can access.
- Maintain data integrity. Data integrity is maintained on the data-services, business-services, and user-services tiers of the application. Enforcing Data Integrity in the Eval Database describes how triggers, default values, and UNIQUE and FOREIGN KEY constraints ensure integrity of data in the Eval database. Because the PT Admin application is localized, date, time, and numeric data must be converted to one standard format. The Formats component in NLS.dll uses the national language support (NLS) APIs to perform this task. About the Formats Component and Formats Methods and Declarations provide additional information about Formats. Using IsValid.js to Validate Data on the Client describes how functions in IsValid.js, a JavaScript file, perform client-side data validation.
- Provide a high level of availability. Using Multiple Data Files in Eval describes the use of secondary data files, which allow greater flexibility in restoring the Eval database. Assigning Data Files to Filegroups describes the filegroups that help you distribute and manage primary and secondary data files.
- Audit entry of scores. The PersonActivity table, in which scores and progress information reside, contains a column named Evaluator. This column contains the first name and last name of the person who last modified the record.
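To make the data-integrity and audit goals above concrete, the following is an added example; it is not code from the PT Admin application or the Eval database, which target SQL Server. It reproduces the same controls in SQLite through Python's standard library: FOREIGN KEY and UNIQUE constraints, a DEFAULT value, and triggers that stamp the Evaluator column of PersonActivity with the name of the person who last modified the row. Only PersonActivity and Evaluator are names taken from this page; the Person, Activity and SessionContext tables and all other column names are assumptions for the illustration, and SessionContext stands in for the per-session identity a SQL Server trigger would read.

```python
import sqlite3

# Added example, not code from the PT Admin application or the Eval database.
# Only PersonActivity and Evaluator are names from the documentation; every
# other table and column name here is an assumption for the illustration.
SCHEMA = """
CREATE TABLE Person (
    PersonID  INTEGER PRIMARY KEY,
    FirstName TEXT NOT NULL,
    LastName  TEXT NOT NULL
);
CREATE TABLE Activity (
    ActivityID INTEGER PRIMARY KEY,
    Name       TEXT NOT NULL UNIQUE
);
-- Scores live in PersonActivity; Evaluator records who last modified the row.
CREATE TABLE PersonActivity (
    PersonID   INTEGER NOT NULL REFERENCES Person(PersonID),      -- FOREIGN KEY
    ActivityID INTEGER NOT NULL REFERENCES Activity(ActivityID),  -- FOREIGN KEY
    Score      INTEGER NOT NULL DEFAULT 0,                        -- default value
    Evaluator  TEXT,
    UNIQUE (PersonID, ActivityID)                  -- one score per person/activity
);
-- Stand-in for the session identity a SQL Server trigger would read;
-- the application sets it once per connection (assumption for the demo).
CREATE TABLE SessionContext (EvaluatorName TEXT NOT NULL);
-- Triggers stamp Evaluator on every insert and every score change, so a
-- direct UPDATE from a query tool is audited exactly like one from the Web UI.
CREATE TRIGGER trg_PersonActivity_Insert AFTER INSERT ON PersonActivity
BEGIN
    UPDATE PersonActivity SET Evaluator = (SELECT EvaluatorName FROM SessionContext)
     WHERE rowid = NEW.rowid;
END;
CREATE TRIGGER trg_PersonActivity_Update AFTER UPDATE OF Score ON PersonActivity
BEGIN
    UPDATE PersonActivity SET Evaluator = (SELECT EvaluatorName FROM SessionContext)
     WHERE rowid = NEW.rowid;
END;
"""


def open_eval_db(enforce_fk=True):
    """Create the schema in memory with two people and one activity (constructed data)."""
    conn = sqlite3.connect(":memory:")
    # SQLite parses FOREIGN KEY clauses but ignores them unless this pragma is on.
    conn.execute(f"PRAGMA foreign_keys = {'ON' if enforce_fk else 'OFF'}")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO Person VALUES (?, ?, ?)",
                     [(1, "Ana", "Lopez"), (2, "Ben", "Okafor")])
    conn.execute("INSERT INTO Activity VALUES (1, 'Orientation')")
    conn.execute("INSERT INTO SessionContext VALUES ('Maria Chen')")
    return conn


def set_evaluator(conn, full_name):
    """Record which user the following statements on this connection belong to."""
    conn.execute("UPDATE SessionContext SET EvaluatorName = ?", (full_name,))


def record_score(conn, person_id, activity_id, score=None):
    """Insert a score; omitting score lets the column DEFAULT supply it."""
    if score is None:
        conn.execute("INSERT INTO PersonActivity (PersonID, ActivityID) VALUES (?, ?)",
                     (person_id, activity_id))
    else:
        conn.execute("INSERT INTO PersonActivity (PersonID, ActivityID, Score) VALUES (?, ?, ?)",
                     (person_id, activity_id, score))


def update_score(conn, person_id, activity_id, score):
    conn.execute("UPDATE PersonActivity SET Score = ? WHERE PersonID = ? AND ActivityID = ?",
                 (score, person_id, activity_id))


def read_score(conn, person_id, activity_id):
    """Return (Score, Evaluator) for one row, or None if absent."""
    return conn.execute("SELECT Score, Evaluator FROM PersonActivity "
                        "WHERE PersonID = ? AND ActivityID = ?",
                        (person_id, activity_id)).fetchone()


def is_rejected(conn, sql, params=()):
    """True when the database refuses the statement because a constraint failed."""
    try:
        conn.execute(sql, params)
        return False
    except sqlite3.IntegrityError:
        return True


def demo():
    bad_fk = "INSERT INTO PersonActivity (PersonID, ActivityID, Score) VALUES (99, 1, 50)"
    conn = open_eval_db()
    out = {}
    record_score(conn, 1, 1)                 # no Score given: DEFAULT 0, stamped by trigger
    out["default"] = read_score(conn, 1, 1)  # (0, 'Maria Chen')
    out["fk"] = is_rejected(conn, bad_fk)    # there is no Person 99
    out["unique"] = is_rejected(conn, "INSERT INTO PersonActivity (PersonID, ActivityID, Score) "
                                      "VALUES (1, 1, 50)")  # duplicate person/activity pair
    set_evaluator(conn, "Dev Patel")
    update_score(conn, 1, 1, 88)             # direct SQL edit, still audited by the trigger
    out["audited"] = read_score(conn, 1, 1)  # (88, 'Dev Patel')
    # Caveat: with the pragma off, the FOREIGN KEY clause is silently not enforced.
    out["fk_without_pragma"] = is_rejected(open_eval_db(enforce_fk=False), bad_fk)  # False
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Because the constraints and the audit trigger live in the database rather than in the Web pages, a direct UPDATE from a query tool is checked by the same rules and receives the same Evaluator stamp as an edit made through the PT Admin application, which is what the "one set of rules" goal above asks for. The last result in demo() shows the kind of check worth running against any database engine: declaring a FOREIGN KEY is not the same as enforcing it, and in SQLite enforcement depends on a per-connection pragma.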