Protecting Information from Inappropriate Release

3/20/99


Click here to start


Table of Contents

Protecting Information from Inappropriate Release

:

Dominant approach for Data

The Gap: Assumption that Acess right = Retrievable data

Collaborators Get Access,

Creates Leaks: False Assumption

Acess Patterns versus Data:

Access Rights/Needs Overlap

Specfic Problems: Healthcare

Filling the Gap

Architectural Schematic

Security Mediator

PPT Slide

Security Officer

Roles

The Rule Language

Rules implement policy

Creating Wordlists

Coverage of Access Paths

Software Components

Implementations

Effective Settings

Summary

Backup slides

Application of Rules

General mediation approach: isolate value-added processing

Rules for Security Mediators

Rule Processing

Rule Type Examples

Rules... (continued)

Security Table Definition

Security Table Definition... (continued)

Rule application - Overview

Implementation

Implementation... (continued)

System Operations

 Author: Gio Wiederhold

Email: Gio@db.stanford.edu

Home Page: www-db.stanford.edu/people/gio.html

Download presentation source