tag:blogger.com,1999:blog-113254572011-07-20T00:50:26.719-07:00I'm a humble soul trying to make sense of the complex world around me. A techie with decade in the IT business, I'll be jotting anything that inspires enough to hit some keys.somewhat techiehttp://www.blogger.com/profile/11428128813085919020noreply@blogger.comBlogger11100tag:blogger.com,1999:blog-11325457.post-1110434331517040182005-03-09T21:23:00.000-08:002005-03-09T22:21:26.173-08:00<div style="text-align: justify;"><span style="font-family:georgia;">Today again there was news about </span><span style="font-family:georgia;">another </span><span style="font-family:georgia;"> data security break. </span>Seisint database was breached and personal data of 32000 individuals was stolen. This was umpteenth security breach, after Choicepoint, Bank of America and others. A question arises whether your personal data be secure ever? Let's look at a possible solution.<br /><br />Currently "your" data can be stored by any website where you make an online transaction. Apart from these, any company you buy services or products from, can have your personal data like name, address, ssn, credit card number, bank account number. Moreover some partner of such a company can have your data as well, in some cases.<br /><br />More the places storing your data, more is the possibility of you getting affected by next security breach.<br /><br />What if your data can not be stored by any Tom, Dick and Harry? For example, your credit report is not stored by everybody, right? Only 3 national credit bureaus maintain your credit report. Anybody who wants it, enquires with the credit bureaus and subject to rules and regulations, they get it.<br /><br />If we have all such data stored at a national database, which is ultra secure, we will never have such security breaches. Anybody who wants to confirm the data, can verify it with the national database of your personal data.<br /><br />Let's take an example of a transaction you perform with a website, say www.somewebsite.com. You need to buy a product or service from www.somewebsite.com. You will send them your data as usual, but only using a secure connection. They will not store it. They will send it to national database provider(NDP) who'll confirm it. They will interact with credit card company to process your payment. They will only maintain a reference to the transaction(a transaction number) but not your personal data. Credit card company will maintain the transaction info.<br /><br />The NDP will provide services only to its registered users like www.somewebsite.com. Or there can be some intermediaries in between. The NDP can provide this as a secure web service.<br /><br />May be this is a rather simplistic solution, but looks workable, what say?</div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/11325457-111043433151704018?l=techtonic.blogspot.com' alt='' /></div>somewhat techiehttp://www.blogger.com/profile/11428128813085919020noreply@blogger.com3