View/Open - JUWEL - Forschungszentrum Jülich
View/Open - JUWEL - Forschungszentrum Jülich
View/Open - JUWEL - Forschungszentrum Jülich
Erfolgreiche ePaper selbst erstellen
Machen Sie aus Ihren PDF Publikationen ein blätterbares Flipbook mit unserer einzigartigen Google optimierten e-Paper Software.
Hacking and Protecting a Cultural Website : The Case ofCVC<br />
and the systems team since the administration and maintains of the website depend on<br />
the way the software development is done .<br />
The technical team in the CVC has the following objectives:<br />
To attain that the applications work through the security servers.<br />
To transfer the security accrediting patterns through the different levels of the<br />
application.<br />
To carry out the authorization.<br />
To guarantee the data integrity and privacy as they are spread along the public<br />
networks .<br />
To guarantee the security ofthe application state with a database .<br />
To make an application that could be enlarged to admit a larger number of users .<br />
What is wanted to be protected?<br />
According with our security policy: every element in our website should be protected,<br />
from any attempt of unauthorized access from the outside, including hardware, software<br />
and data .<br />
What kind ofdata is used in the CVC?<br />
For example, if a user wants to register in our web, these are the date that the user has to<br />
introduce .<br />
Personal details, such us : name, surname, e-mail address, age and country .<br />
Then, Technical details, such as, connection rate, operative system, if he has or has not<br />
sound card.<br />
Why we need these technical details?<br />
Well, for us would be useful to know the user's technical details to tackle the<br />
development ofnew web applications.<br />
Also, Professional details. In the case the user were a Spanish teacher as a second<br />
language, he would introduce the name of his working place or the total number of<br />
students that he has . These details are useful for us in order to adapt our contents to the<br />
user's interests, and to know better the situation ofthe Spanish culture in the world.<br />
Another example would be the case of a user who wanted to take part in the in the<br />
translation virtual workshop. Apart from introducing the details referred to the activity<br />
he does, he would also have to include in the personal details his mother tongue .<br />
On the other hand, it is also important to know what kind of data is used in the Spanish<br />
course . So, if we access the virtual classroom for Spanish application, we will see that<br />
the details handled are again the personal details where we would have to include, apart<br />
from name, surname, address, country, or e-mail address, our city, postcode, nationality,<br />
date of birth or sex.<br />
Also, academic, professional and access details should be introduced, together with<br />
details ofthe institution, class course an group .<br />
The dilemma, functionality versus security<br />
When developing an application some questions have to be raised .<br />
On the one hand the necessary functionalities for the user to be able to develop his<br />
activities in an environment which fulfils his necessities has to be offered.<br />
85