Magazine article Computers in Libraries

Managing a 'Forest' of Servers and Documents. (Building Digital Libraries)

Magazine article Computers in Libraries

Managing a 'Forest' of Servers and Documents. (Building Digital Libraries)

Article excerpt

The University of California--Berkeley provides a good case study for thinking about ... well, a whole lot of things, but certainly it's on the front lines of the crisis in computer security. Berkeley is a frequent target of hackers, and they have a lot of targets to choose from. As a key contributor to the Internet backbone, as the cradle of the UNIX C Shell, as the birthplace of the Free Speech Movement--well, who among hackers wouldn't notice the plum potential? What's more, server administration here has been decentralized for years, creating an environment with thousands of servers running on multiple platforms, including several flavors of UNIX, every kind of Microsoft product, and a very healthy Apple presence. The security statistics are alarming: Security "events" average 25 per day; 3,000 messages that include viruses arrive daily; and "spams" number in the tens of thousands, according to Jack McCredie, the campus chief information officer.

Office culture plays a role, too. Decentralized systems administration reflects the campus bias for decentralized teaching and research. This is important, because it takes a certain amount of organizationwide planning to sustain security, and that means involving lots of staff, not just technologists. Decentralized server administration provides autonomy, but it also brings security risks right into the lap of local administrators--which means hijacked servers that are used to nefarious ends.

It's not hard to find hacker horror stories. Last year the Institute of Industrial Relations' main file server was hijacked after a sustained attack that lasted weeks, and it had to be shut down and cleaned. The University Library's servers were seriously assaulted some years ago, and restoration required a crisis response that lasted 3 days. And then there are those puckish "inside" jobs. Our first file server was configured by my student Webmaster in 1996. He created "back door" modem access to the server to avoid the queue for busy student modems. He also shared it with friends (until we found him out). Later, when he went to work for Hot-mail, just before it was bought by Microsoft, he finally noticed that we had shut it down. We had a laugh about it. Of course, by then he had made his first $5 million, at the age of 20. Oops, sorry--that was another era, I guess.

Organizationwide responses to security threats--or the lack of response--have a big impact on digital libraries. Our "parent" organizations--colleges, cities, and firms--often define technological platforms without much thought about library requirements. This makes it all the more vital to make sure our voices are heard. Even then, we don't always get to choose how things are configured. But keeping track of the planning process helps us to take advantage of new initiatives at the earliest possible moment.

Those of you who work in single-platform or unified-computing environments may shudder to hear how vastly diverse campus computing is at Berkeley, but this has carried advantages for us. It's hard to herd cats and faculty members, so the campus tends to adopt new platforms at the end of the product cycle rather than at the beginning, and collective knowledge has grown in the meantime. One of those moments popped up here just a few months ago, and its pilot phase is far enough along for me to offer a note of optimism in the hacker wars. Oddly enough for UNIX-centric Berkeley, a Microsoft application provided a nudge that helped us reach critical mass.

Active Directory 'Forest'

Microsoft Windows 2000 Active Directory (AD) has many enterprise-level applications, including security. AD recently gained the attention of central campus computing professionals who were juggling a major e-commerce portal rollout, a "single logon" smartcard known as "CalNetID," and a vast problem in sustaining decentralized servers that had sprung up everywhere. Each of these three large-scale projects involved big changes in the campus computing culture, and security issues lay at the heart of the various initiatives. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.