Account Options

  1. Sign in
The old Google Groups will be going away soon, but your browser is incompatible with the new version.
Google Groups Home
« Groups Home
ODK Community
+ new post
About this group
Join this group
Security Features Clarification Question
Options
There are currently too many topics in this group that display first. To make this topic appear first, remove this option from another topic.
There was an error processing your request. Please try again.
flag
   3 messages - Collapse all  -  Translate all to Translated (View all originals)
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
GregM  
View profile  
 More options Jan 18 2011, 7:51 am
From: GregM <grego...@gmail.com>
Date: Tue, 18 Jan 2011 04:51:24 -0800 (PST)
Local: Tues, Jan 18 2011 7:51 am
Subject: Security Features Clarification Question
Print | Individual message | Show original | Report this message | Find messages by this author
Hi,

I notice the road map items and warning from Aggregate (see below).

My questions are:

1. Do you intent the next release of Aggregate and Collect to have
secure to and from device communication?
2. Does the warning in Aggregate still apply? If so, does this mean
that the transmissions will be secure, but the data on the server,
once stored, may not be?

Thanks in advance for clarifying and for creating an excellent
toolkit.

Greg

References....

Road Map items:

Authenticated server transmissions
Authentication and authorization mechanisms

From Aggregate:

ODK Aggregate is currently designed to store data on Google App
Engine.

WARNING! Google App Engine servers may be located anywhere in the
world. Depending on the sensitivity of the data and specific storage
rules/restrictions, the server infrastructure may not have all
necessary security precautions (such as encryption). It is the
organization's responsibility to research and comply with applicable
laws and regulations before storing data on Google App Engine. The
organization is also responsible for taking the appropriate security
precautions and educating users that the information will be available
to the organization and stored on Google servers.

Some examples of data that may be sensitive to users or subject to
local regulations and restrictions include:

    * Financial Information: Bank account numbers, Social Security
number, credit card information
    * Health Information: Personally identifying health information or
government-owned data that shouldn't reside on remote servers
    * Customer Information: Names, passwords, or other login
information.

Please refer to the Google App Engine Terms of Service for further
details.


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Yaw Anokwa  
View profile  
 More options Jan 18 2011, 11:42 am
From: Yaw Anokwa <yano...@gmail.com>
Date: Tue, 18 Jan 2011 08:42:09 -0800
Local: Tues, Jan 18 2011 11:42 am
Subject: Re: [ODK Community] Security Features Clarification Question
Print | Individual message | Show original | Report this message | Find messages by this author
hi greg,

the roadmap is accurate. we are working towards secured communications
between aggregate and collect.

the warning on aggregate still applies when using google app engine.
even if we secure communication between server and client, we can't
guarantee the security of data once it gets to gae. additionally,
there may be legal issues you consider if you need your data stored in
country.

yaw


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
W. Brunette  
View profile  
 More options Jan 18 2011, 2:19 pm
From: "W. Brunette" <wbrune...@gmail.com>
Date: Tue, 18 Jan 2011 11:19:31 -0800
Local: Tues, Jan 18 2011 2:19 pm
Subject: Re: [ODK Community] Security Features Clarification Question
Print | Individual message | Show original | Report this message | Find messages by this author
As Yaw says the roadmap is accurate.

The next release of Aggregrate will operate either on Google App
Engine or locally on Tomcat using either MySQL or PostGRES. The local
version will allow users who are concerned about security to fully
control the security of their data. Note: Open Data Kit expect users
to secure their server in appropriate ways. It is the organization's
responsibility to research and comply with applicable laws and
regulations for data storage. The ODK team is NOT saying the server
meets the legal requirements for a secure server. We are providing a
version that users can be in full control of the security so they can
customize it to meet the legal requirements for storing their data.

The warning about App Engine is there to protect you and Google. I am
not aware of any Google service that has the security required for
sensitive data. For example Gmail is not secure enough for sensitive
data either. When deciding how secure things need to be you should
consult your local laws as many apply to storing sensitive data (e.g.
medical data, bank information, etc)

Cheers,
Waylon


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
End of messages
« Back to Discussions « Newer topic     Older topic »

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2013 Google