SEMDA access and data security (D)

Saturday, September 21, 2024

Vendor registration

Each Local CMS needs a vendor registration at RI. The correct vendor must be known and registered in RI for the clubs using the service. In order to separate the SEMDA services, one vendor is defined for each Local CMS.

The existing vendor names for (old) SEMDA-2 service are:
- SEMDA Austria Districts: D-1910, D-1920
- SEMDA Belux               Districts: D-2130, D-2140, D-2150, D-2160
- Swiss RCMS - SEMDA              Districts: D-1980, D-1990, D-2000
- SEMDA D2202                         District: D-2202
- SEMDA France               Districts: D-1520, D-1650, D-1680, D-1690, D-1710, D-1740, D-1790
- SEMDA Iceland                         District: D-1360
- SEMDA Sweden    Districts: D-2335, D-2355, D2405
- SEMDA Germany                     All Districts: Rotary Germany
- SEMDA Rotaract Germany       All Districts: Rotaract Germany
- Semda D2032       District: D-2032
- SEMDA Districts 2041-2042       Districts: D-2041, D-2042
- SEMDA Finland                         All Districts Finland
- SEMDA Netherlands                  All Districts Netherlands

The new convention is "SEMDA-3 <CMS-name> <country-code>". The corresponding new vendor names for SEMDA-3 service will be:

SEMDA Polaris AT&BIH Districts: D-1910, D-1920
SEMDA Polaris BE&LUX Districts: D-2130, D-2140, D-2150, D-2160
SEMDA Polaris CH&FL Districts: D-1980, D-1990, D-2000
SEMDA Polaris ES District: D-2202
SEMDA Polaris FR Districts: D-1520, D-1650, D-1680, D-1690, D-1710, D-1740, D-1790
SEMDA Polaris IS District: D-1360
SEMDA Polaris SE Districts: D-2335, D-2355, D2405
SEMDA RoCas DE All Districts: Rotary Germany
SEMDA Aurora DE All Districts: Rotaract Germany
SEMDA Kiosk IT District: D-2032
SEMDA Gero IT Districts: D-2041, D-2042
SEMDA romeo FI All Districts in Finland
SEMDA LEAD NL All Districts in Netherlands
SEMDA TRIO KE District: D-9212

For new customers having a new Local CMS using SEMDA, RCS will request RI to create a new vendor.

Authorization

The authorization to use the SEMDA systems is issued by the RCS. Respective product contract and SLA must be signed. RCS will then pass the required unique authentication key to the Local CMS. This key must be used for the connection to SEMDA and in all requests.

Authentication

Each request from Local CMS to SEMDA must contain a unique authentication key which identifies the Local CMS. This authentication key is created by the RCS and passed to the Local CMS after contract and SLA have been signed. Request without valid authentication key are discarded.

Access and encryption

Access to SEMDA is possible only through https protocol.

All data in transfer between Local CMS and SEMDA and between SEMDA and RI is encrypted.

Data Security

SEMDA does not have persistent storage like a database. It uses a reliable message broker (RabbitMQ) to temporarily store requests from various Local CMS. The requests are managed in a queue, assigned to each particular Local CMS. The request data is automatically destroyed when a request has been processed. The reliability feature of RabbitMQ ensures that the system survives a power failure or software crash without loss of data.

The access to the request data is possible only through the programmatic components of SEMDA. There is no GUI or tool to display the request data available to the SEMDA customers.

SEMDA fulfills the highest security requirements because:

No data is persistently stored in SEMDA
No data is exposed to a user interface or an interactive tool.
Data related to a particular Local CMS is separated and isolated from all other connected systems.
The data exchanged between the particular Local CMS and RI is not passed to any other system.

SEMDA Logo