The goal of BigDog is to use the WWW to interact (e.g. deploy applications, exchange data) with existing clients, not to recruit new clients or establish new relationships. BigDog incorporates different levels of security to accommodate different levels of data sensitivity. The SSL is used to encrypt all data flow. ``Home site'' (i.e. IP address) information is also used. An access control list is maintained on a per use, per resource basis. The work evolved, and Ben stated that their experience is that plug-ins were troublesome. The model of separate communicating protocols provided more freedom and worked better. He mentioned that this work is related to OM-Access.
Ben was asked if user input was used to design BigDog. He answered that some input was used, but commented that users are not necessarily educated about security issues. Eric Hughes asked what plans there were for risk analysis. Ben indicated that it would be nice to be able to indemnify to auditors. Bob Gezelter asked why the IP address information was used, since it can be spoofed, to which Andrew responded that it was used as only a minor security component - a ``half step'' in security. Steve Jones asked how users or resources were grouped. Andrew said that that such grouping took place in the administration, not in BigDog itself. When asked, Ben said that it was hard to estimate exact costs, but that around three person months went into the project. Ed Uielmetti asked if there was support for out of band authentication. Andrew replied that one application does use it. In response to a question from Andy Rabagliati, Andrew stated that the system operated on SunOS/Solaris.