Yhink once, think twice if we really want to encrypt information databases.
As set algoritms change, but more importantly keys change, have to change.
As do keylenght's.
And don't forget that people loose keys.
Adding all together I'm against encryption in databases.
Gerard
|-----Original Message-----
|From: Horst Herb [mailto:[EMAIL PROTECTED]]
|Sent: donderdag 28 september 2000 15:21
|To: [EMAIL PROTECTED]
|Subject: Re: Principles of health care system security.
|
|
|> But if EHRs are to be moved about we need to be publish the
|security model
|> in a form that consumers can comprehend and be sure who is going to have
|> access to what parts of their EHR and under what circumstances.
|>
|> Just saying it is too hard will not suffice.
|
|I believe that ultimately there will be no other way than the way gnumed
|implements access regulation: arbitrary encryption at column level. The
|patient or the doctor can decide at any time which fraction of information
|shall be restricted in access. Algorithms have to be implemented as
|plug-ins, as virtually all cryptographic algorithms have only limited "life
|span".
|
|Horst
|
