Latvian University Information System development project started at June 1996. There is used existing system experience. Data from FoxPro systems were transferred to new application environment: Oracle, UNIX and WWW. In the following document the main system production stages and security aspects are described.
Latvian University (LU) has the highest number of students compared to other education establishments in Latvia. There are more than 16 000 students, 2 500 employees, 32 bachelor programs, 36 master programs, 60 laboratories, 12 faculties, etc. Organizing studio process is not possible without information system, including main study process activities. Our history with information systems is not as long as in western universities. Before Latvian University Information System (LUIS) we had applications, running in different environments mainly on personal computers and developed with FoxPro. There was also information saved in Excel and Word documents. Applications were not integrated. Some years ago, when there was no network connections this was quite good and not expensive solution. With network availability come new needs. LU has departments, faculties in different locations of Riga almost all of them are connected to university network. There are fast and slow connections (fiber optics, leased lines, phone lines). Information about students must be accessible from all faculties and administrative departments; therefore we need information system, accessible from every LU network location.
According to ORACLE Academic Alliance program we have ORACLE on two platforms: SUN and RS/6000. We are using ORACLE on RS/6000 for student education and ORACLE on SUN for LUIS production and development. At production start time the main application environment was SUN UNIX, because Windows client application was not so stable and needed local application maintenance, very good network connections and productive workstations, that we do not have. Now existing functions are transferred and new functionality is created using Oracle Web Server - WWW.
LUIS is one of the strategic LU tasks. From January 1997 we have IS development group. Project is realized in Faculty of physics and mathematics, Computer science department, where main activities in education process are computers and programming. IS development is done by academic staff (3) involving also last year bachelour students (5). Application is developed using the latest ORACLE technologies. IS production is maintained also by the same development group. From January 1999 we have special hardware (SUN server) only for LUIS (before we have used hardware used also for other tasks). Now we have more than 150 users from different LU departments.
We are creating our application in WEB environments so, that it can function in many languages (now Latvian and English). Main data arrays are in one language, but some codificators also can be multilanguage. ORACLE Web server application code is stored in ORACLE database, so IS maintenance can be done from one place. WWW environment applications are created using ORACLE Web server toolkit (without code generators). So we create application more comfortable for end users and include special security elements. One of widely used if dynamic report generator. There is no need to write report code, but only specify many parameters, including SQL statement elements to get report ready. Also information search and input interface can be created only by defining end user needs (main information about data and privileges can be found in ORACLE data dictionary).
Data used by LU departments can be divided into two parts: that we get from other sources and save for every day use and that we create in education process. For example, personal data, addresses, relatives, personal documents come from students, when they are matriculated, but study fee, credits are produced inside LU. The are three main cornerstones in our relational model: person, student and employee. Information about person (more than 48.000 records) is saved once, but every person can become a student (63.000 records) many times (first entrance exam results are too low, but in the next year the results are good and he is matriculated, then after some years he studies in higher level).
Every person (student or employee) can have many addresses (66.000 records) where he can be reached, many personal documents (26.000 records), information about relatives (48.000 records) and previous education (23.000 records). When person becomes a student a study program (213 records) must be chosen. Some students get grants and other students must pay study fee - payments (171.000 records). Resources used can be different, but now we collect only time used in computer rooms (41.000 records). Study programs consist of many courses (3.500 records), having descriptions in many languages - Latvian and English. Student gets credits when he passes course read by lecturer - LU employee. This model explains the main activities and data hold in LUIS. We have also many codificators, not explained here. All activities have information about current state and history, holding all information about all changes, made by LUIS users. Total information amount in ORACLE database is 300M. We have also student pictures saved in database 600M.
One of very important aspect for application usable in TCP/IP network is secutity. For UNIX environment application we use account with no shell (there is only one task available - application). End user can't execute UNIX commands. Possibility to connect to the server only from defined network locations and special telnet software to encrypt network traffic are also used.
Another network security aspect used is network segmentation. LU departments are connected with many routers. Database server is located in safe segment. There are segments where we don't need additional security. TCP/IP clients get IP adress form DHCP server where all network cards are registered.
Now main application environment is WEB. WWW three tired connections are realized using Oracle WebServers 3.0 PL/SQL cartridge. Application can be divided into public functions with no special security restrictions (connection without userid and password) and private functions, where special security options are used. We get secure Server ID from Verising to implement Web Server security. Web application private funcions can be used only from defined network locations. Every user is defined also as database user with own password.
Another important acpect is application security. Every department must work only with data that is necessary for it's work. We have realized application so that users can not see other departments data (one faculty can not find other faculty students, staff). This is done using dynamic SQL. ORACLE WebServer end user is granted to execute only defined application functions (there is no direct grants to select, update information without functions), so information is protected also from experienced users.
Main data structures have history. End users are updating current information, but application saves previous data. We can find who and when has changed data, if needed. This task is realized by database triggers and can not be affected.
LUIS is projected so that the same database can be used for many universtities. Data security mechanism is the same as for LU departments. Information system maintenance is quite difficult task therefore it is more easy to get connection and use IS than maintain it (specialy for little university). Such possibility is available now (we have necessary licenses to allow unlimited connection from WEB environment).
Latvian University
WWW: www.lu.lv
Raina boulv. 19, Riga, LV1586, LATVIA
E-mail: anm@lanet.lv