OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: Healthcare and Security/Privacy

[ Lists Home | Date Index | Thread Index ]
  • From: "K. Ari Krupnikov" <ari@iln.net>
  • To: Jonathan Borden <jborden@mediaone.net>
  • Date: Mon, 24 Jul 2000 02:11:22 -0400

Jonathan Borden wrote:
> KenNorth wrote:
> > Do you think the current set of W3C specs (RDF, schemas) is adequate for
> > describing medical records in an environment that enforces attribute-level
> > security?
> >
> This is an important issue. Clearly a multi-level security model is
> essential. Standards/protocols such as IPSEC, SSL, certificates, S/MIME are
> available to build security systems. Acceptable security systems can
> certainly be (and have been) built. What is needed is proper implementation.

> An abstract grove plan might practically be represented
> by an XSLT transform through which the actual data is accessed.

Using an existing engine with a proven security model, instead of
implementing your own, could be helpful here.
We are using an RDBMS to store arbitrary well-formed XML in a normalized
form (each node is a row in a table). See http://iter.co.il

XSLT stylesheets are represented by stored procedures. Managing security
on stored procedures is trivial.

K. Ari Krupnikov

DBDOM - bridging XML and relational databases


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS