NCIP request security
Currently a valid NCIP request from anywhere can retrieve information about a given library's patrons. In order to exploit this, the attacker would need to know the server address, the institution code, the code of the profile for ILL, all of the correct metadata, and the correct message type/formatting. It's not trivial to gather up all that information for a given institution, but much of the information is publicly available (e.g. NCIP message formatting is a public standard), and none of it is generally treated as a secret.
Given the continuously evolving state of library systems security, it would be good to prevent this type of attack before it happens. Protecting patron privacy is meant to be a top concern for libraries, and we need to embody that principle.
Possible means of fixing this security concern could include requiring an API key be sent with NCIP requests, or allowing each library to configure trusted IP addresses from which to accept NCIP requests.
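The two controls proposed in the post above, combined into one pre-parse check, as an added example that is not part of the original post and not code from any vendor. The `InstitutionPolicy` structure, the function name, the institution code, the key and the networks are all hypothetical or constructed.

```python
import hmac
import ipaddress
from dataclasses import dataclass, field

@dataclass
class InstitutionPolicy:
    """Hypothetical per-institution policy; not a setting of any real product."""
    api_key: str
    trusted_networks: list = field(default_factory=list)  # CIDR strings

# Constructed sample configuration: code, key and networks are placeholders.
POLICIES = {
    "01EXAMPLE_INST": InstitutionPolicy(
        api_key="constructed-sample-key",
        trusted_networks=["192.0.2.0/24", "2001:db8:10::/48"],
    ),
}

def authorize_ncip_request(institution, source_ip, presented_key, policies=POLICIES):
    """Return (allowed, reason); call before the NCIP message body is parsed.

    source_ip must be the peer address of the connection (or a value set by a
    proxy the server controls), never a header the client can choose.
    The reason is for the server log; the client gets one generic rejection.
    """
    policy = policies.get(institution)
    if policy is None:
        return False, "unknown institution"
    try:
        addr = ipaddress.ip_address(source_ip)
    except ValueError:
        return False, "unparseable source address"
    # An IPv4-mapped IPv6 peer (::ffff:a.b.c.d) is matched against IPv4 entries.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    networks = [ipaddress.ip_network(cidr) for cidr in policy.trusted_networks]
    # An empty allowlist matches nothing, so a missing configuration fails closed.
    if not any(net.version == addr.version and addr in net for net in networks):
        return False, "source address not trusted"
    # Constant-time comparison on bytes; a missing key compares as empty.
    supplied = (presented_key or "").encode("utf-8")
    if not hmac.compare_digest(supplied, policy.api_key.encode("utf-8")):
        return False, "bad API key"
    return True, "ok"
```
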
-
Mathias Kratzer commented
Have you already submitted a support case for this issue? Enhancing security should not need any customer ideas to get top-voted within any ranking list. As you already wrote, all security aspects should be a top concern for a system vendor like Ex Libris.
-
Peta Hopkins commented
+1 (no votes left)
-
Patricia Farnan commented
Next time I have a spare vote I'll add one here!