[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [school-discuss] SIF/XML tools for Data Transfer.


I'd appreciate your clearing a couple of issues up for me. The OpenSIF project  evidently died. 

How much headway did they make is implementing the standard?

How much headway has SIIA made?  What authority or backing exists for their standard?

I'm concerned about SIIA having control over anything, especially compliance with a standard.

If I can have them go away and replace their standard with the Z39.50 how would the schools accept that?

Enough momentum exists right now for funding Open Source solutions that we can possibly recall SIIA.

What kind of hurdles do we face?

les@celery.richtech.ca wrote:
Hi Tom,

The only question I see with regard to the database in schools deals 
with security. XML and OpenSSL creates a tunnel. Also, with regard to 
simultaneous connections, I would want a Certificate of Authority (CA) 
styled after the Globus Grid.

I would assume that the connection would be HTTPS (provided by Apache
and SSL) to ensure a secure channel for XML exchange. This is what I am
developing for, since it is quite easily done with the perl LWP module.

I start to wonder if we'll see US Federal standards required at the 
school level as we're starting to see at the State and Local Government 
level.  The NCLBA has already demanded a uniform reporting standard. How 
will states roll-up their testing results from districts with disparate 
database vocabularies? This evolving digital convergence doesn't seem to 
be going backwards. IMHO, DC has progressed faster than someone of us 
thought.  Simple queries and reports in plain text may soon become 

Yes, they'll become obsolete, replaced by an XML format backed by
schema. XML is the new "plain text".

Maybe, I'm getting ahead of myself but as students get access to 
computers in schools, how do we know they won't hack the main databases? 
Or have someone hack them on their behalf?

By building secure servers with minimal services which only connect to
certain databases, only run on a secure VPN channel between LANs, etc.
The sky is the limit, depending only on your paranoia level and size of
bank account. IMO, paranoia is good. As part of any server
deployment, disaster recovery plans should be in place.

Les Richardson
Open Admin for Schools