OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   Re: [xml-dev] Blended Authentication (AKA "Granular Access Control")

[ Lists Home | Date Index | Thread Index ]

Walter,

System A is the claims review application at your health insurance provider.
System B is the medical records application at the hospital where you had
surgery last month.  Joe Chiusano is reviewing the insurance claims you have
filed and verifying them against the hospital records to determine how much,
if anything, will be paid.

The "cartelization" being described makes Joe authenticate himself with
System A, in order to use the trust relationship between System A and System
B to examine your medical records (after System B verifies that System A has
a right to look at your records because it represents the designated
insurance provider).  Is there something nefarious about this?  Would you
prefer it if Joe could access your records without this level of security?

Jeff

----- Original Message ----- 
From: "W. E. Perry" <wperry@fiduciary.com>
To: "XML DEV" <xml-dev@lists.xml.org>
Sent: Thursday, May 08, 2003 7:11 AM
Subject: Re: [xml-dev] Blended Authentication (AKA "Granular Access
Control")


> If I may ask, without I hope sounding too petulant:
>
> What does this cartelization (with a rigidity of rules, permissions, and
> hopelessly intertwined processes that even most
colluders-in-restraint-of-trade
> would be loath to subject themselves to) have to do with distributed
computing,
> web services, or loosely-coupled processes harnessed in cooperation to
implement
> custom workflows?





 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS