On Mon, 2003-09-22 at 07:25, David W. Forslund wrote:
> Well we do some conversion of the data in the process to the COAS model, but OpenEMed handles secure
> communication on arbitrary HL7 data. The security has nothing to do
> with HL7 but handles the movement of that an othere data in a fully
> secure manner.
Using CORBA? The problem is that only a very small number of facilities have CORBA-compliant systems.
If you do your own security you will find no compliant systems. If you want to know
who you is sending and receiving the data, you need to have your own security using
standards X509 certificates and SSL. CORBA supports this transparently independent
of the data being sent and requested, plus enables you to make sure that whoever
is asking can see the particular kind of data. The software to do this free.
If you Jabber protocol and GnuPG encryption, you will find no compliant systems.
This functionality is fully available with a lot more capability already in free software
and cross language and platform. Why do we keep having to invent this stuff? It
is a waste of software engineering effort.
Dave
On an Australian general practice computer mailing list, there is current discussion about the possible use of the Jabber protocol plus GnuPG encryption and LDAP for distributed directory services/key management for secure healthcare message delivery. Seems like a very good model.
--
Tim C
PGP/GnuPG Key 1024D/EAF993D0 available from keyservers everywhere or at http://members.optushome.com.au/tchur/pubkey.asc Key fingerprint = 8C22 BF76 33BA B3B5 1D5B EB37 7891 46A9 EAF9 93D0
