Tim C wrote,
>These days, I thought that Universities needed to be sponsored to look into anything (including their own navels) - intellectual curiosity or advancement of knowledge aren't enough any more.

I can tell you that I for one (and several of my colleagues at the UC's) are there because we ARE interested in learning, primarily for the sake of learning. Hopefully, in the midst of our learning (and teaching) we will contribute to something worthwhile, not just the patent office of the University of California. It is somewhat difficult to get your work out to open source (you have to send the code out and tell the lawyers, oops, I made a mistake). We do have to produce something for the University, but hopefully the 48% they pad in our grants for work space and secretarial support will be enough for them.

By the way, I love the Gene Hackman analogy, but how do you ever get two doctors to agree to turn the key?

Cecil

-----Original Message-----
From: Tim Churches [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 27, 2003 10:08 AM
To: Cecil O. Lynch MD
Cc: [EMAIL PROTECTED]
Subject: RE: MS SQL Server security Jan 25 03

On Sun, 2003-01-26 at 03:37, Cecil O. Lynch, MD wrote:
> No, I am not saying that MSSQL Server provides row level security. I am
> saying that ANSI SQL allows one to write the scripts to enforce row
> level security.
>
> Take a look at
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/modcore/html/deconrowlevelsecuritysupportinissuetrackingsolution.asp

OK, thanks. This is implemented at the application level, or at least at a level above the base DBMS storage - in other words, it is a discretionary access control method - meaning it can be turned off or bypassed by the sysadmin or someone pretending to be the sysadmin. What I had in mind was mandatory access control, and I think Oracle is the only mainstream vendor which provides this, sort of, with a very expensive add-on (more expensive than base Oracle - so that's expensive).

Mandatory access control means that it can't be bypassed, even by the system administrator. This is a strange concept to many people, but it is highly desirable for protecting very large aggregations of identified personal health information, as might be amassed in a community-wide EHR. There are alternatives, such as dual-control of (database or operating system) accounts which have superuser privileges: two people are required to supply two separate passwords (and/or authentication tokens) before the superuser can log on to the system - similar to the Hollywood idea of nuclear missile control systems in which two people, one of whom is Gene Hackman, have to turn the keys simultaneously on control panels a few meters apart (too far for one person to reach). Again, there is a real opportunity here for open source systems to steal a march on commercial systems.

> As far as "sponsored" comp scientists to roll out a Postgres version,
> sounds like a project for faculty and students "sponsored" by the
> University.

Tim C
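
The dual-control alternative described in the quoted message above (two people supplying two separate passwords before a superuser logon is allowed) can be illustrated as follows. This is an added example, not code from either correspondent; the `DualControlGate` class, its method names and the time window are hypothetical.

```python
# Added example: class, method names and the 60-second window are hypothetical.
import hashlib
import hmac
import os
import time

class DualControlGate:
    """Allow a superuser logon only after two distinct custodians authenticate."""

    def __init__(self, window_seconds=60):
        self.window = window_seconds   # both approvals must fall inside this window
        self._creds = {}               # custodian -> (salt, password hash)
        self._approvals = {}           # custodian -> time of last correct password

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def enroll(self, custodian, password):
        salt = os.urandom(16)
        self._creds[custodian] = (salt, self._hash(password, salt))

    def approve(self, custodian, password, now=None):
        """Record one custodian's approval; return True if the password was right."""
        now = time.time() if now is None else now
        cred = self._creds.get(custodian)
        if cred is None:
            return False
        salt, expected = cred
        if not hmac.compare_digest(self._hash(password, salt), expected):
            self._approvals.pop(custodian, None)   # a bad attempt cancels a pending approval
            return False
        self._approvals[custodian] = now           # keyed by person: approving twice counts once
        return True

    def superuser_allowed(self, now=None):
        """True only if two different custodians approved within the window."""
        now = time.time() if now is None else now
        fresh = [c for c, t in self._approvals.items() if 0 <= now - t <= self.window]
        return len(fresh) >= 2

    def consume(self, now=None):
        """Grant at most one superuser logon, then clear every approval."""
        ok = self.superuser_allowed(now)
        self._approvals.clear()
        return ok
```

Like the row-level scheme discussed in the thread, this check runs above the DBMS, so it holds only if the superuser credential cannot be obtained by some path that skips the gate.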
