[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] RE: Healthcare and Security/Privacy
They would have to match an operation with a type or flag and user role. Security for certain records involves knowing if a real person has a role in an organization that grants by role that person the right to view that record. Field level security per se is usually prohibitively expensive even where the DBMS enables it. For example, we are often asked to secure juvenile records (have to by law) and the means requested vary from completely separate storage or database (non-starter) to field-level security. Unfortunately, field level security without an understanding of the overall schema, the relationships among tables, the operations to access these and create views, the nature of QBE and the form containers, etc. is not the right request. Access in a view by a role assignment is effective. Simply assigning security levels at the attribute was tried in the CALS DTDs and eventually rejected. Len Bullard Intergraph Public Safety clbullar@i... http://fly.hiwaay.net/~cbullard/lensongs.ram Ekam sat.h, Vipraah bahudhaa vadanti. Daamyata. Datta. Dayadhvam.h -----Original Message----- From: Matt Sergeant [mailto:matt@s...] It would be interesting to be able to define security tokens in terms of XPath match expressions...
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|