Page 35

  • Means to discover, report, verify, and authoritatively correct mistakes would need to be put in place.

  • A variety of security measures would need to be factored into all aspects of the system to be sure that it meets its objectives and is not vulnerable to things such as fraud or denial-of-service abuses that can result in privacy violations.

Fraud (and security in general) is a significant concern in any system, even the most technologically sophisticated. 2 The nationwide scale of such a system would require knowing that all aspects of the system are scalable—a daunting problem for lesser systems. 3 In any case, the challenges of building robust and trustworthy information systems—they are extensive and well-documented 4 —are accompanied by the even greater challenge of making the systems resistant to attacks by well-funded adversaries.

Architectural issues include the degree of centralization of the underlying databases as well as the location and cost of data storage, computation, and communication, which can all be done at different places. 5 For example, how would authorized entities obtain the records they wanted, under what circumstances, and with what degree of authorization? Would there be daily or weekly downloads of selected records to more permanent storage media? Would a real-time network feed be required (perhaps similar to those used in real-time credit authorization systems)? Would it be possible to secure such a feed sufficiently? 6

Choices among architectural options, as well as other options, would depend on the functional goal(s) of the system. Architecture influences scalability, cost, and usability/human factors. It also interacts with proce



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement