Personal Data Delivery on Campus Networks Copyright CAUSE 1994. This paper was presented at the 1994 CAUSE Annual Conference held in Orlando, FL, November 29- December 2, and is part of the conference proceedings published by CAUSE. Permission to copy or disseminate all or part of this material is granted provided that the copies are not made or distributed for commercial advantage, that the CAUSE copyright notice and the title and authors of the publication and its date appear, and that notice is given that copying is by permission of CAUSE, the association for managing and using information resources in higher education. To copy or disseminate otherwise, or to republish in any form, requires written permission from CAUSE. For further information: CAUSE, 4840 Pearl East Circle, Suite 302E, Boulder, CO 80301; 303-449-4430; e-mail info@cause.colorado.edu PERSONEL DATA DELIVERY ON CAMPUS NETWORKS David L. Rotman Cedarville College Cedarville, OH Abstract This session is designed to share some techniques being used at Cedarville College for the delivery of information to individuals. Our customers (students, faculty, and staff) have an expectation of convenient and rapid access to information. Providing non-confidential information via CWIS systems mets part of this customer expectation. This session will explore means of delivering confidential information and some basic transaction processing over the campus network. As computer networks become more pervasive on campus and the various campus constituencies become more accustomed to using those networks, expectations grow regarding the use of computers to access information. In fact, the development of some campus networks is the result of an emphasis on delivery of information. Cedarville College's campuswide network was designed on the basis of such a vision [Cedarville College, 1991]: Cedarville College is committed to providing its faculty, staff, and students with an integrated, broadly- accessible information, voice, and video communications technology infrastructure. To this end, the College should: 1. Assure that its personnel and students can access and maintain, through appropriate technology, the information necessary to fulfill their roles; 2. Continually assess information technologies and seek to implement appropriate hardware and software that enhances individual and organizational effectiveness; 3. Make available to personnel and students instruction and reinforcement in the use and application of information technologies; and 4. Foster an environment that encourages responsible use of technology, yet maintains a sensitivity to technology's effects on its users and their environment. Goals for Information Delivery As suggested in the vision statement above, two primary goals for information delivery have been identified: ready access to information and providing information which meets the needs of individuals within the college. Ready access means that individuals will be able to obtain information they need when they need it and where they need it. In an ideal world, students should not have to leave their residence hall room to obtain reference materials, prepare assignments, or conduct business transactions. Faculty members should be able to prepare teaching materials, do subject-area research, and develop service opportunities from their offices. Similarly, staff members should have access to institutional information from their own work areas. Providing information meeting the needs of the individuals means that adedquate information should be provided and that tools should be available for screening and manipulating that information according to the needs of the user. Sufficient information must be provided. As delivery of information increases, more attention must be given to making that information relevant to the individuals receiving it. Individuals need to have enough information to do their work, without being overwhelmed by information which is unrelated to their work. Constraints There are both legal and practical constraints on the delivery of information. While finances can be a very real limiting factor, there are other factors which may limit delivery of information or affect the form in which that information is delivered. General security is a major factor in designing information systems. Some applications need to be restricted to selected groups of individuals so as to ensure the integrity of transactions. For example, certain individuals should be able to initiate general ledger transactions easily while other members of the general college community should not have this capability. Enforcement of general security is both a quality-control issue (limiting access to those persons who are qualified to use the access) and a fraud-avoidance issue (limiting access to minimize the risk of falsified records). Besides general security issues, there are privacy issues which are particularly relevant to the college environment. Privacy issues can be specifically mandated or a matter of insitutional policy. The Family Educational Rights and Privacy Act (FERPA) limits what portions of student's records may be made available to various constituencies. Directory types of student information can be made available to the general public. An employee may obtain any and all student information, provided the information is based on a "need to know." Parents of an adult child may not have access to their child's records without written authorization or written proof of their child's IRS dependency status. Data which fall outside the purview of FERPA may still be restricted due to institutional policy. For example, general ledger information may be considered confidential in many private colleges. A third constraint on the delivery of information is the institutional approach to accessibility. Some data must be made available to certain classes of individuals (e.g., federal crime statistics), but there are no clear requirements for how this access is to be provided. The institution has some latitude in deciding how easy to make the access. Having a document available in a central campus location may suffice in some situations, whereas some institutions will choose to make the access even easier by making this information available over the Internet. For security and public relations reasons, an institution might provide easy access to persons on campus, but block access to that information from off campus. Another constraint in the design of information delivery is the desire to preserve human contact and dignity. The information system designer must continually weigh the impact of the technology on the users: Will this system increase or decrease person-to-person contact? Will this system make people feel like they are being treated as machines? Will this system improve the quality of the work environment (e.g., reduce monotony) for the people who use the system? Cedarville Environment Cedarville College has implemented a campus-wide network which is based on a philosophy of making information available to people who need it when they need it and where they need it. The outworking of this philosophy is a design which called for installation of network computing in each office and each residence hall room over a three-year period ending in 1994. The network currently connects all faculty offices, all classrooms, and 95% of the residence hall rooms. The college provides a computer and printer in each residence hall room, so that resident students have immediate access to the network as part of their educational experience. Commuting students gain access in public laboratories or via modem. Cedarville's Information Delivery System The system design at Cedarville divides information delivery into three categories: public information, confidential information, and transaction processing. Public information is information which is widely accessible (though the access may be limited to on-campus use only). Confidential information is information which is restricted to certain individuals within the college community (e.g., grades may be seen by the student and the student's advisor). Transaction processing involves the updating of databases where the user does not have direct access to those databases. Data Access Models for Confidential Information and Transaction Processing Administrative data capability can be provided to the college community in two different ways: by allowing direct access to the system containing the data or providing indirect access to that system. In the Cedarville College situation, a decision was made to provide access indirectly. Provision of direct access was deemed to present a large security risk and unnecessarily increase the workload in the computing center. Providing direct access would have required creating individual login accounts for each person and then establishing rights for those accounts. Through indirect access, authentication is handled on the Novell network rather than on the administrative host system. Using a model with some client/server characteristics, the requested information is passed from the host to the network without the user having to login to the host. The Cedarville system utilizes a requestor program on the network, a transfer processor on the network, and a server program on the host, as shown in Figure 1 below. The requestor program verifies the identity of the requestor and writes the request to a directory on the network. Users have write privileges to this directory, but do not have file-scan or read privileges. The requests are moved from the network to the host system by the transfer processor. Once on the host system, the requests are processed and the results are returned via electronic mail. [FIGURE NOT AVAILABLE IN ASCII VERSION] Public Information Examples Two examples of public information delivery are shown below. These items are available to anyone logged into the campus network, merely by clicking on an icon. [FIGURES NOT AVAILABLE IN ASCII VERSION] Confidential Information Examples Using the Cedarville information delivery system, students may copies of their class schedules, unofficial transcripts, current account balances, statements of their accounts, and their chapel attendance records. Faculty members may request schedules and transcripts for students. Work is in-progress to provide degree audit capability for both students and faculty. The figures below show the requestor screen for faculty and a sample retrieval of a transcript. [FIGURES NOT AVAILABLE IN ASCII VERSION] Transaction Processing Examples At this point in time, two types of transaction processing are provied on the network. In one type of transaction processing, a particular group has write privileges to a database while another group has only read privileges. In the other type of transaction processing, none of the users has write privilege to the files. The "faculty schedule" system is an example of transaction updating by a privileged group. Preliminary faculty schedules are built on-line using the registrar's course schedule. Faculty members can then add office hours, committee meetings, and other comments. Students have inquiry-only access to this database. The "late pass" system is an example of transaction processing where none of the users has write privileges to the database. Prior to leaving campus for a weekend or overnight trip, students enter destination information using a VisualBasic program. Upon their return, the students record their return dates and times. Both the initial entry and the entry upon return from the trip generate transactions for the database. The "data mover" routine detects these transactions and does the updating of the network-based files. Appropriate individuals (head residents, deans) can query these network-based files to determine the students' destinations and expected return times. References Cedarville College. 1991. Cedarville College Information Resources and Technology Task Team Final Report 1990-1991. Cedarville College. (no date). Family Educational Rights and Privacy Act (FERPA): Cedarville College Policy.