[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

Re: Healthcare and Security/Privacy

• From: "K. Ari Krupnikov" <ari@i...>
• To: Jonathan Borden <jborden@m...>
• Date: Mon, 24 Jul 2000 02:11:22 -0400

Jonathan Borden wrote:
> 
> KenNorth wrote:
> > Do you think the current set of W3C specs (RDF, schemas) is adequate for
> > describing medical records in an environment that enforces attribute-level
> > security?
> >
> This is an important issue. Clearly a multi-level security model is
> essential. Standards/protocols such as IPSEC, SSL, certificates, S/MIME are
> available to build security systems. Acceptable security systems can
> certainly be (and have been) built. What is needed is proper implementation.

> An abstract grove plan might practically be represented
> by an XSLT transform through which the actual data is accessed.

Using an existing engine with a proven security model, instead of
implementing your own, could be helpful here.
We are using an RDBMS to store arbitrary well-formed XML in a normalized
form (each node is a row in a table). See http://iter.co.il

XSLT stylesheets are represented by stored procedures. Managing security
on stored procedures is trivial.


-- 
K. Ari Krupnikov

DBDOM - bridging XML and relational databases
http://www.iter.co.il

• Follow-Ups:
  • RE: Healthcare and Security/Privacy
    • From: Jonathan Borden <jborden@m...>

• References:
  • RE: Healthcare and Security/Privacy
    • From: Jonathan Borden <jborden@m...>

• Prev by Date: RE: Joel on XML
• Next by Date: RE: .NET and .FUD (was Re: Joel on XML)
• Previous by thread: RE: Healthcare and Security/Privacy
• Next by thread: RE: Healthcare and Security/Privacy
• Index(es):
  • Date
  • Thread