On Mon, 11 Mar 2002, Pocock, Bruce-Robert wrote: > From: Matias Klein ... > >algorithms within a "secure run-time" (i.e. something like a java > >application server). These wrapper classes can handle the > >authentication, data access, and encryption/decryption. ... > is run a debugger (or closely examine the .class files) to identify > the methods handling decryption, and then write a tight loop to "slurp" > the entire database through this decryption.
There have been quite a bit written about the futility of client-side "digital rights management (DRM)". Karsten's original post raised this issue: http://www.mail-archive.com/[email protected]/msg06213.html ... > As far as building an Open Content-type database of this kind: the > "No warranty" clause would seem (in the US at least) to make it quite > difficult to encourage the use of such a thing. The challenge is to come up with a viable business model for selling "warranties" :-). I suppose users can either use the open content pharmacopia with or without warranty. Warranty can be purchased from a competing array of insurance companies. ... > A subscription model was mentioned; this might be the most workable > concept. A database could be presented as a "web service" with a > subscription policy, and offer the data to authenticated clients over > an XML channel of some kind for viewing in an open source application. I would propose a slight modification. I think a coop model will work best. Members of the cooperative will share the use and responsibility for maintaining the pharmacopia. Membership and content contributions will be publicly acknowledged/published by the coop. Read-protection/restriction of the pharmacopia database content will not be necessary since members will derive benefit from public knowledge of their involvement. > In such a case, the agency would have reasonable guarantees that > their users would at least be aware of the illegality of duplicating > the database, in the same way as a cinema is reasonably guaranteed > that no one brings in a camcorder without having to search each guest. Not necessary. The "value" of using the pharmacopia should come from the fact that your patients (and the world) know that you are using this pharmacopia. Hiding the fact that you are driving your decision support system with this awesome pharmacopia will be counter-productive. :-) I think it is far more powerful and productive to align the interests of all parties in a transaction. I just don't see why people won't be willing to pay for open content database/GPL software. Comments? Andrew --- Andrew P. Ho, M.D. OIO: Open Infrastructure for Outcomes www.TxOutcome.Org (Hosting OIO Library #1 and OSHCA Mirror #1)
