Data protection in Opasnet

From Opasnet
Jump to navigation Jump to search



Scope

What are different data protection needs in Opasnet (or a broader system with several websites sharing the same information structure), and how are they solved to the satisfaction of the users?

Definition

Possible needs:

  • Anyone is allowed to see the data. The issue is about protecting the data from corruption.
  • Data cannot be published openly (due to e.g. IPR reasons), but it does not contain anything secret.
    → Could use Heande for this purpose.
  • Data cannot be published outside an organisation
    → The organisation sets up an Opasnet-like wiki and an Opasnet Base-like database within the firewall of the organisation. These are acknowledged by Opasnet so that "in-house" links (such as [[:heande:Main Page]] can be used) between wikis. The authentication of the user is managed by the organisation (but I don't know how). Standard protocols must be developed so that each wiki knows which data is in which database and brings the data correctly without the user having to know the details.
  • Data cannot be published outside a small group that has no resources to set up an own wiki.
    → The group uses Opasnet for talking about the information, but the actual information is stored in the Opasnet Base in an encrypted form. The data is decrypted at the user's browser if the user provides the proper key that was used to encrypt the data. This way, the data cannot be read by anyone accessing the database nor by anyone following Internet traffic. This may require an add-on for Mozilla Firefox.

Result

Heande, organisation-specific wikis, or encrypted data fields can be used. Standards and protocols should be developed.

See also

References