Cart
[Home] [By Thread] [By Date] [Recent Entries]
They would have to match an operation with a type or flag and user role. Security for certain records involves knowing if a real person has a role in an organization that grants by role that person the right to view that record. Field level security per se is usually prohibitively expensive even where the DBMS enables it. For example, we are often asked to secure juvenile records (have to by law) and the means requested vary from completely separate storage or database (non-starter) to field-level security. Unfortunately, field level security without an understanding of the overall schema, the relationships among tables, the operations to access these and create views, the nature of QBE and the form containers, etc. is not the right request. Access in a view by a role assignment is effective. Simply assigning security levels at the attribute was tried in the CALS DTDs and eventually rejected. Len Bullard Intergraph Public Safety clbullar@i... http://fly.hiwaay.net/~cbullard/lensongs.ram Ekam sat.h, Vipraah bahudhaa vadanti. Daamyata. Datta. Dayadhvam.h -----Original Message----- From: Matt Sergeant [mailto:matt@s...] It would be interesting to be able to define security tokens in terms of XPath match expressions...
|
