Notes
on
Security
and
Anonymity
The
PBT
Profiler
was
developed
to
provide
persistence,
bioaccumulation,
and
toxicity
data
on
chemical
compounds
in
a
widely
available
format
using
the
Internet
and
World
Wide
Web
(WWW).
Security
issues
have
been
carefully
addressed
during
the
development
of
the
PBT
Profiler
and
a
number
of
steps
have
been
taken
to
preserve
confidentiality.
The
following
operational
aspects
of
the
PBT
Profiler
are
provided
to
allow
users
to
better
understand
what
happens
to
information
entered
during
its
use:

 
All
connections
to
the
PBT
Profiler
are
anonymous.
Users
are
not
required
to
log
in
or
identify
themselves
in
any
way.
[Note
to
peer
reviewers:
Upon
public
release
of
the
PBT
Profiler,
all
access
restrictions
will
be
removed];
 
Page
requests
(hits)
to
the
computer
serving
the
PBT
Profiler
are
not
logged
(web­
server
log
files
have
been
turned
off)
and
user
statistics
are
not
collected.
A
user's
connection
to
or
movement
through
the
PBT
Profiler
cannot
be
determined
using
the
industry­
standard
methods
employed
to
analyze
traffic
at
a
web­
site.
The
PBT
Profiler
does
count
the
number
of
times
it
is
used
for
administrative
purposes.
Only
the
initial
"hits"
on
the
home
page
and
the
number
of
profiles
run
are
counted
by
collecting
the
date
(e.
g.,
3/
12/
2000)
these
events
occurred.
The
number
of
times
the
PBT
Profiler
is
used,
as
well
as
the
computer
code
that
collects
this
information,
can
be
viewed
by
interested
users;
 
The
PBT
Profiler
requires
the
user's
computer
to
accept
a
"cookie"
in
order
to
operate
properly.
This
cookie
contains
only
a
randomly
generated
number
created
by
the
server
software
and
it
expires
within
minutes
after
the
connection
with
the
PBT
Profiler
is
terminated;
 
No
user
identification,
chemical
information,
screening
results,
or
any
other
electronic
information
entered
into
or
generated
by
the
PBT
Profiler
are
purposefully
tracked,
stored,
or
collected
;
 
All
databases
used
by
the
PBT
Profiler
are
locked
as
"read
only"
and
cannot
be
written
to
(except
for
one
database
that
counts
how
often
the
PBT
Profiler
is
used,
as
discussed
above);
 
No
chemical
information
from
the
PBT
Profiler
is
purposefully
or
systematically
written
to
a
disk
drive
or
other
permanent
storage
device.
Information
entered
by
the
user
and
required
by
the
PBT
Profiler
to
perform
its
calculations
is
stored
in
the
server's
memory
while
the
browser
is
connected
to
the
server.
This
memory
is
released
when
the
user's
connection
(session)
terminates.
It
is
possible
that
the
operating
system
and
server
software
running
the
PBT
Profiler
(Windows
NT
running
IIS
version
4,
service
pack
4)
may
write
some
information
to
temporary
swap
files
on
the
disk
drive.
However
unlikely
obtaining
access
to
this
information
may
be
(it
would
be
very
difficult
even
for
a
skilled
operator
sitting
at
the
keyboard),
it
does
represent
a
possible
instance
where
information
from
the
PBT
Profiler
resides
on
the
computer
after
the
user
has
requested
their
last
page.

It
is
important
to
note
that
information
is
transferred
from
the
user's
computer
to
the
PBT
Profiler,
and
back,
through
standard
Internet
protocols.
What
happens
to
this
information
during
this
transfer
stage
is,
like
during
the
use
of
email,
outside
of
the
control
of
both
the
user
and
the
developers
of
the
PBT
Profiler.
Future
versions
of
the
PBT
Profiler
may
use
encryption
technology
if
this
will
help
provide
additional
access
to
the
PBT
Profiler.
Please
contact
the
developers
of
the
PBT
Profiler
if
you
have
any
questions,
comments,
or
suggestions
on
this
issue.

Many
companies
have
specific
guidelines
on
what
types
of
information
can,
or
can
not
be
sent
over
the
Internet.
The
developers
of
the
PBT
Profiler
encourage
users
to
discuss
the
technical
information
contained
herein
with
computer
and
network
experts
within
their
organization
to
more
fully
explore
potential
security
and
confidentiality
concerns.

Developed
by
the
Environmental
Science
Center
under
contract
to
the
Office
of
Pollution
Prevention
and
Toxics
,
U.
S.
Environmental
Protection
Agency
Computer
Resources
Donated
by
Syracuse
Research
Corporation
Ver
0.
911
BetaR
Restricted
Access
Last
Updated
April
18,
2001
