[
Lists Home |
Date Index |
Thread Index
]
Walter,
System A is the claims review application at your health insurance provider.
System B is the medical records application at the hospital where you had
surgery last month. Joe Chiusano is reviewing the insurance claims you have
filed and verifying them against the hospital records to determine how much,
if anything, will be paid.
The "cartelization" being described makes Joe authenticate himself with
System A, in order to use the trust relationship between System A and System
B to examine your medical records (after System B verifies that System A has
a right to look at your records because it represents the designated
insurance provider). Is there something nefarious about this? Would you
prefer it if Joe could access your records without this level of security?
Jeff
----- Original Message -----
From: "W. E. Perry" <wperry@fiduciary.com>
To: "XML DEV" <xml-dev@lists.xml.org>
Sent: Thursday, May 08, 2003 7:11 AM
Subject: Re: [xml-dev] Blended Authentication (AKA "Granular Access
Control")
> If I may ask, without I hope sounding too petulant:
>
> What does this cartelization (with a rigidity of rules, permissions, and
> hopelessly intertwined processes that even most
colluders-in-restraint-of-trade
> would be loath to subject themselves to) have to do with distributed
computing,
> web services, or loosely-coupled processes harnessed in cooperation to
implement
> custom workflows?
|