Security
Security is a major issue with any system that distributes information between multiple users and locations/jurisdictions. WebOSB supports a three-tier security model: physical security, access security, and component level security.
Physical security is provided by the hosting facility. Because the OSB component of WebOSB runs on a PC client, each site has control over which PCs the software will be installed on and have access to the site's database. The WebOSB component of WebOSB uses secure sockets to ensure that information passed from a remote user on the web is encrypted and not readily available to external hackers.
Access security is provided by requiring a user code and password to access OSB and WebOSB functionality. Associated with each user code is a set of privileges for individual OSB functions. Site administrators can determine whether or not an individual user can enter a function, have view-only access, or have full (editable) access to a window. User codes and passwords are encrypted and stored in the database. As an additional level of security during login, a separate application is used to verify the user code and password to ensure that no hackers can enter the database.
Component level security is provided by the OSB Designer. Each individual status board has a control point that describes the general user’s ability to view or edit the contents of the status board. Access to functionality with control points can only be obtained by having an administrator grant privileges to each specific account via a system administration function. When a status board is designed, the administrator defines the security level of both the view and edit control points. By setting the view and edit control points to “public”, an individual status board can be as open as a chat room. By linking the control point to a pre-defined status board, the status board can be limited to being viewed and edited by only one or two authorized accounts.