Directions Magazine (DM): Please explain the different kinds of security the VectorLock system offers.
Brock Adam McCarty (BAM): eMap International, in conjunction with its development partner, PAR Government Systems, designed VectorLock to be a robust security system for shapefiles. The first level of security restricts who can access your licensed shapefiles. Every organization that installs VectorLock will be given a unique identity – and this identity is embedded in each licensed dataset you will share externally or internally. Once licensed with VectorLock, these datasets can only be opened by the organization with this unique identity. As an added layer of security, you are even able to restrict access to your shapefiles so that they can only be opened on a group of specific computers within the approved organization.
The next level of security that VectorLock offers is the ability to restrict how long licensed datasets can be accessed by approved users. Once an expiration date is applied with VectorLock, users will be able to open and work with the licensed data inside of ArcMap until this date is reached. If more time is needed for the project, a new license can be issued so that users will be able to open the original data plus any derivatives they may have created until this new expiration date.
As a final level of security, VectorLock controls what users can do with licensed data through the application of read-only or editing permissions. When restricted as read-only, licensed data acts as any shapefile would in ArcMap, as users can run toolboxes, change symbology, move layers, etc. but are restricted from the Editor Toolbar functions.
DM: How is VectorLock implemented? That is, what's installed on the data administrator’s computer and on a data user’s computer? In what format is the data?
BAM: eMap’s VectorLock can be installed on an individual (node-locked) computer, on a set of networked computers accessing centralized servers or on a combination of both system types. VectorLock consists of three programs that work together to form the first security system for shapefiles: the License Manager, the Admin program and the ArcMap integrated Toolbar. The License Manager establishes and maintains the unique identity discussed above; the Admin program creates and manages VectorLock licenses; while the integrated three-button Toolbar lets users open and work with licensed datasets in Esri ArcMap (versions 9.3 and newer). As such, data administrators who wish to license shapefiles with VectorLock will need the License Manager and Admin program installed on their computers. Those using data licensed with VectorLock will need to have the License Manager and ArcMap-integrated Toolbar installed.
When shapefiles are licensed with the Admin program, they are converted into our encrypted and proprietary format, the VectorLock file (.vlf). Encrypted VectorLock files contain the key components of a shapefile including the DBF file, which could be opened in Microsoft Excel if it were not inside the VLF. Once data users load VLFs with the ArcMap-integrated Toolbar, they act and look just like any Esri shapefile would.
DM: Aren't shapefiles on the way out? Is this product "too late"?
BAM: That is a very intriguing question and one that eMap carefully considered during the development stages of VectorLock. From its early days, VectorLock was designed with significant input from its oil and gas, engineering, utility and government clients; and it was their direction that pointed us toward supporting the Esri shapefile format first. These clients indicated that mapping data was most commonly shared in shapefile format given the ease-of-use of the file format. Further, many organizations have processes and systems that were developed to support the shapefile and are still in place today.
With all that said, eMap is keenly aware of emerging market trends and Esri’s desire to move the GIS world in the direction of the file geodatabase. With this in mind, we are already in the process of modifying VectorLock to secure vector data embedded in the file geodatabase. Those eMap clients that are currently working predominately with file geodatabases plan to use VectorLock during this development stage by converting these vectors to shapefile format before they are shared externally or internally.
DM: The time period a user can access a shapefile is detailed in the license file. How would the administrator determine an appropriate time period for access?
BAM: Given the need to support the use of VectorLock files both in a connected environment as well as “in the field,” the time period users can access licensed datasets is controlled by the License Manager. With this in mind, we recommend that data administrators limit the initial time period for access to the smallest window possible. The license(s) that controls access to a VectorLock file(s) is small enough to email and takes data users seconds to update. As such, data administrators can easily send an updated license with a new, extended expiration date which will give the approved users access again to the original VLF and any derivatives they may have created with ArcMap toolboxes.
DM: What are the future plans for the product? How about support for other products that read shapefiles?
BAM: eMap International and PAR Government Systems are already working to support a wide array of geospatial formats, including the file geodatabase and GeoTIFFs, as we have received significant interest in protecting both with VectorLock. The file geodatabase is of more immediate concern given Esri’s push to move its users toward the format. We are also exploring a secure, mobile GIS solution as well as a means to protect streaming Web Feature Services (WFS). We are also working with a set of software makers (outside of Esri) to protect shapefiles and future file formats (DXF/DWG) in other geospatially enabled programs, including AutoCAD.