Protecting inappropriate release of data from realistic databases
- 27 November 2002
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- p. 330-339
- https://doi.org/10.1109/dexa.1998.707421
Abstract
In databases that are used for internal operations the data are not organized according to external access criteria. When collaboration with external customers is required the common tools of authentication, authorization, and secure transmission are inadequate to protect against release of inappropriate data. The approach used in the TIHI/SAW projects at Stanford adds a release filter. Such a release filter can be awkward and costly. By driving the filtering primitives through simple rules we allow a security officer to manage the institution policy and balance manual effort and complexity. A byproduct of the approach is a lowered dependence on perfect data management.Keywords
This publication has 7 references indexed in Scilit:
- Privacy, information technology, and health careCommunications of the ACM, 1997
- Maintaining the Confidentiality of Medical Records Shared over the Internet and the World Wide WebAnnals of Internal Medicine, 1997
- Sharing manufacturing information in virtual enterprisesCommunications of the ACM, 1996
- National Health Information Privacy Bill Generates Heat at SCAMCJournal of the American Medical Informatics Association, 1996
- Information organization using RufusPublished by Association for Computing Machinery (ACM) ,1993
- Security-control methods for statistical databases: a comparative studyACM Computing Surveys, 1989
- An authorization mechanism for a relational database systemACM Transactions on Database Systems, 1976