Software for a drug (testing) lab

Name: Anonymous 2013-02-04 0:11

So a local, moderately sized drug testing lab wants a new system for managing the data for all the junkies around here. They are very big on privacy and scared of lawsuits, so they plan to have everything encrypted because of some medical laws or something idunno. The requirements (summarized) are as follows:

      1. Data must not be decryptable by any person without a manager's approval.

      2. Data must be immediately delivered in an automated fashion to the proper authorities upon request.

      3. Data must be completely anonymized after the report is delivered to the requesting entity.

      4. Data must be usable by the courts and contain all information that may be useful to law enforcement.


So, my question is, how can I make two mutually exclusive things happen at once? I browsed over my worn copy of SICP but couldn't find anything. Do I need a quantum computer maybe (I hear those work on magic)? Please lend me your wisdom.

Name: Anonymous 2013-02-04 0:14

I don't understand the workflow here.  Who is the requesting entity?  Also what the fuck is "data"?  Could you have picked a less specific term?

Name: Anonymous 2013-02-04 0:16

Also encryption doesn't magically solve all issues.  If the system is braindead it's entirely worthless and a tiny bit of social engineering could get an outsider a copy of all the encrypted data you've got as well as the keys.

Name: Anonymous 2013-02-04 0:17

>>2
It's a local company that tests people for drug use. They are used by employers to make sure that their janitors aren't mainlining heroin during break time.

> Also what the fuck is "data"?
The name of the person being tested, their preferred drug, what prescriptions they take, SSN, etc...

> Could you have picked a less specific term?
Yes.

Name: Anonymous 2013-02-04 0:19

Which bit is Mutually Exclusive..?

Name: Anonymous 2013-02-04 0:21

>>5
I also ask this query.

Name: Anonymous 2013-02-04 0:22

>>3
That's not my fucking problem though.

>>5
It needs to be both anonymized before being archived, and still contain all identifying information. It must also be encrypted and require a manager to get it, but still be sent to the cops automatically if they request it.

Name: Anonymous 2013-02-04 0:24

The automatic decryption is very exploitable.

Name: Anonymous 2013-02-04 0:27

Single-usage decryption keys? Of which the manager holds a generator..?
Then replace all names with numerical 'Keys' and supply names as required? ^^

Name: Anonymous 2013-02-04 0:28

>>8
They sent this via UPS, on watermarked paper. Watermarked paper!

I think they know what they are doing.

Name: Anonymous 2013-02-04 0:32

>>9
No names are allowed. From what I can tell from this bullshit (which looks to be written at least partially by a lawyer and ten other people (who can't even agree on Oxford commas)) all they want is the results of the test, and the one who commissioned it.

I don't know why they even want to archive it if it's useless.

Name: Anonymous 2013-02-04 0:34

>>4
Okay, how about this:
- Employer X asks for drug testing for employee Y.
- You ask employer X to create a public keypair if they're a first time user.  Don't reinvent the wheel, just use GPG.
- You make a nice web interface for employer X to access the current case file so they can submit info about employee Y and schedule appointments and whatnot.
- All information about employee Y is encrypted with a specific transient key T that is held in secure erasable storage.
- Employee Y pisses in a jar and hands it to your agency for tasting.
- Results are stored in employee Y's case file encrypted with the aforementioned transient key.
- Once the employer X is done collecting info about employee Y, you make a zip archive of all data about employee Y that you are allowed to give to the employer X (i.e. you can't hand X over the prescriptions Y is taking since it's none of X's fucking business) and you encrypt it with the employer's public key, and you send it over to X.
- You destroy transient key T.  From that point on, it is no longer your problem if law enforcement wants to violate Y's privacy without even getting a proper warrant enquire as to the proceedings, they can't bug you because you can't even read the damn data, so you can just kindly redirect them to employer X who is the only one who can read it.
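
The key lifecycle from >>12 (case file stored under transient key T, re-encrypted for employer X's public key, T erased), as an added Go example that is not part of the thread. Assumptions: Go's standard library stands in for GPG, RSA-OAEP wrapping a fresh AES-256-GCM key stands in for GPG's public-key encryption, zeroing a byte slice stands in for secure erasable storage, and the function names and the sample record are made up for the illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

func gcm(key []byte) cipher.AEAD { // AES-GCM; keys here are 32 bytes (AES-256)
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // wrong key length is a programming error
	}
	g, _ := cipher.NewGCM(blk) // cannot fail for a 16-byte block cipher
	return g
}

// sealFresh encrypts msg under a new random key; box is nonce || ciphertext.
func sealFresh(msg []byte) (key, box []byte) {
	key, nonce := make([]byte, 32), make([]byte, 12)
	rand.Read(key) // crypto/rand.Read cannot fail on Go 1.24+
	rand.Read(nonce)
	return key, gcm(key).Seal(nonce, nonce, msg, nil)
}

// release re-seals the case file for employer X and erases T on success.
func release(T, stored []byte, x *rsa.PublicKey) (wrapped, box []byte, err error) {
	msg, err := gcm(T).Open(nil, stored[:12], stored[12:], nil)
	if err != nil {
		return nil, nil, err
	}
	k, box := sealFresh(msg) // fresh content key, as GPG would generate
	if wrapped, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, x, k, nil); err == nil {
		copy(T, make([]byte, len(T))) // stands in for wiping erasable storage
	}
	return wrapped, box, err
}

func main() {
	x, _ := rsa.GenerateKey(rand.Reader, 2048)        // employer X's keypair
	T, stored := sealFresh([]byte("result=negative")) // constructed record
	w, box, _ := release(T, stored, &x.PublicKey)
	k, _ := rsa.DecryptOAEP(sha256.New(), rand.Reader, x, w, nil)
	got, _ := gcm(k).Open(nil, box[:12], box[12:], nil)
	_, err := gcm(T).Open(nil, stored[:12], stored[12:], nil)
	fmt.Printf("X reads %q; agency after erasing T: %v\n", got, err)
}
```

Erasing T only protects the record if no other copy of T survives in backups, swap or logs; the example zeroes one in-memory slice and leaves the decrypted plaintext to the garbage collector.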

Name: Anonymous 2013-02-04 0:36

>>7
How about suggesting that some reports derived from the archives are anonymous while the archive maintains full information. You can design the system to send reports to the cops when they ask, I guess the most difficult part is to prove if the person requesting the report is a real cop.

Name: Anonymous 2013-02-04 0:38

Just duplicate the key chain system that big content gatekeepers like Apple use for letting developers publish content on iOS devices.

They just use GPG and public/private keys.

Name: Anonymous 2013-02-04 0:43

>>12
Oh damn, that handles everything. You are much smarter than I, who had not even thought of that. I had imagined this problem to be unworkable.

I will, of course, pass this idea off as my own when I suggest it to them, as I can't be seen with you people, but I am in your debt.

I will also read up on the fascinating stories of Alice and Bob so that I don't make such a mistake again.

Name: Anonymous 2013-02-04 0:50

>>15
> Oh damn, that handles everything. You are much smarter than I, who had not even thought of that.
I doubt it.  You could have come up with this yourself, given enough time and study.

> I will, of course, pass this idea off as my own when I suggest it to them, as I can't be seen with you people, but I am in your debt.
You're welcome.

> I will also read up on the fascinating stories of Alice and Bob so that I don't make such a mistake again.
The rule is pretty simple actually: all information should be on a need-to-know basis.  If a party in the system doesn't need to know something, then they shouldn't.  First establish who needs to know what, then establish the workflow around that.

Have fun.

Name: Anonymous 2013-02-04 1:51

>>15
The authorities don't automatically get a copy just by requesting it, the cops will request it and the manager will be the one who delivers it.

Name: Anonymous 2013-02-04 2:23

>>17
You mean the manager of the employee for whom drug testing was requested, or your own manager?  If it's the latter, you have a huge problem.

Name: Anonymous 2013-02-04 6:54

Dear Mr. Allaire:

In February of 1990, I applied for a summer internship at Xerox PARC by sending in my resume along with recommendations from Ben Shneiderman (faculty and supervisor), P. S. Krishnaprasad (faculty), Mitch Bradley (supervisor), Gudrun Polak (supervisor), and Mark Weiser (faculty, supervisor, and CSL lab director).

I was accepted and invited to join PARC for the summer, and given a list of three projects proposed by groups that wanted to sponsor me. I was excited by all three, and Christian Jacobi's proposal meshed perfectly with my interests and experience. However, when I discussed the position with Eric Bier, I learned that to qualify for the job, I would have to consent to having my urine collected and tested for evidence of drug use.

I object to not being notified of the drug test until after I had applied for the job, been accepted, and chosen a project. The announcement of summer internships at PARC broadcast to the Internet should have mentioned the drug testing requirement, along with the resume and reference requirements, so that I would have known not to apply to Xerox in the first place.

Because I wanted to work at PARC, and I had already gone through much effort to qualify for the job, I took the drug test, against my principles, and passed. I regret taking the test, compromising myself, and selling out to a company that does not respect the privacy of its employees.

I went to Roche Labs in Bethesda, Maryland to submit to the test, where I was treated rudely by the lab technician. She refused to administer the test, but after two hours her supervisor finally intervened and I was permitted to drain my bladder into a specimen jar. I related the details of my experience to Bill Skinner, and he requested that Bethesda Roche Labs be removed from Xerox's list of approved urine collection agencies. But, unfortunately, he could do nothing to address the real problem that most troubles me: Xerox's ill-conceived urine testing policy.

Screening for drug use before employment is an ineffective method of providing a drug free work place. It also invades my privacy, casts doubt on my integrity, and violates my dignity. The policy makes it harder for Xerox to hire good honest people, because it discourages them from even applying for the job. Had I known that Xerox had such a policy, before I had otherwise qualified for and been accepted to the job, I would have been sorry, but would not have wasted my time.

Even though I passed the drug test, and am completely qualified for the summer internship at Xerox PARC, I must turn it down because of the drug testing policy. I couldn't feel good about working for Xerox after the violation of my privacy, the ordeal I've been through, and the lack of respect I've been shown. The decision was a painful one: regardless of the cloud of urine testing hanging over it, Xerox PARC is a most prestigious place, where I could have been exposed to many great ideas, and met some of the best people in the profession.

I wish I could have spent the summer at Xerox PARC, but instead I have taken a full time job at Sun Microsystems, a company that respects its employees enough to provide a drug free work place without invading their privacy. I won't be looking for other employment in the foreseeable future, but I would be delighted to hear when Xerox has changed its drug testing policy. Until such a time, I hope that potential job applicants learn about the policy before they decide to apply.

I sympathize with my colleagues who work in positions they would no longer be willing to accept on moral grounds, and who have been forced to compromise their principles because of other responsibilities.

"What are politicians going to tell people when the Constitution is gone and we still have a drug problem?"

-- William Simpson, A.C.L.U.

Sincerely and regretfully,

Don Hopkins

Name: Anonymous 2013-02-04 15:22

>>19
Don Hopkins is a faggot.

Name: >>12 2013-02-04 15:33

>>20
I don't see how his homosexuality diminishes his speech in any way.

>>19
Nice job, now I feel bad for helping him.

Name: Anonymous 2013-02-04 16:16

>>21
> I don't see how his homosexuality diminishes his speech in any way.
Because he's a faggot.

Name: tripfag !rK4K86e49M!mmkM5TVXN0ExY4e 2013-02-04 16:42

>>21
While I agree with his sentiment, Xerox PARC "requires" the information to the state laws for employment due to sponsor pressure, and the devilish Commission on Organized Crime. Also he is a faggot because of his impure achievements:
http://www.donhopkins.com/home/resume.html

At the least, thanks for pointing out the obvious for OP. I read the requirements like 5x, and I still did not get them (OP feels like a drunk fresh graduate).
