On Sun, 2003-01-26 at 03:37, Cecil O. Lynch, MD wrote:
> No, I am not saying that MSSQL Server provides row level security. I am
> saying that ANSI SQL allows one to write the scripts to enforce row
> level security.
>
> Take a look at
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/modcore/html/deconrowlevelsecuritysupportinissuetrackingsolution.asp

OK, thanks. This is implemented at the application level, or at least at a level above the base DBMS storage - in other words, it is a discretionary access control method - meaning it can be turned off or bypassed by the sysadmin or someone pretending to be the sysadmin.

What I had in mind was mandatory access control, and I think Oracle is the only mainstream vendor which provides this, sort of, with a very expensive add-on (more expensive than base Oracle - so that's expensive). Mandatory access control means that it can't be bypassed, even by the system administrator. This is a strange concept to many people, but it is highly desirable for protecting very large aggregations of identified personal health information, as might be amassed in a community-wide EHR.

There are alternatives, such as dual-control of (database or operating system) accounts which have superuser privileges: two people are required to supply two separate passwords (and/or authentication tokens) before the superuser can log on to the system - similar to the Hollywood idea of nuclear missile control systems in which two people, one of whom is Gene Hackman, have to turn the keys simultaneously on control panels a few meters apart (too far for one person to reach).

Again, there is a real opportunity here for open source systems to steal a march on commercial systems.

> As far as "sponsored" comp scientists to roll out a Postgres version,
> sounds like a project for faculty and students "sponsored" by the
> University.

These days, I thought that Universities needed to be sponsored to look into anything (including their own navels) - intellectual curiosity or advancement of knowledge aren't enough any more.

Tim C
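
The dual-control alternative described in the message above, as an added sketch that is not part of the original e-mail or of any product it mentions: a random superuser key is wrapped so that it can only be rebuilt when both custodians supply their passwords. The function names, the record layout and the PBKDF2 work factor are assumptions made for this example.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 200_000  # PBKDF2 work factor (assumed value for this sketch)
CHECK_LABEL = b"dual-control-check"  # constant used to recognise the right key


def _stretch(password: str, salt: bytes) -> bytes:
    """Turn one custodian's password into a 32-byte share."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, dklen=32)


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def enroll(password_a: str, password_b: str):
    """Create a random superuser key and wrap it under BOTH passwords.

    Returns (record, key). Only the record is stored; it holds no password
    and not the key itself.
    """
    key = secrets.token_bytes(32)
    salt_a, salt_b = secrets.token_bytes(16), secrets.token_bytes(16)
    pad = _xor(_stretch(password_a, salt_a), _stretch(password_b, salt_b))
    return {
        "salt_a": salt_a,
        "salt_b": salt_b,
        "wrapped": _xor(key, pad),
        "check": hmac.new(key, CHECK_LABEL, hashlib.sha256).digest(),
    }, key


def unlock(record: dict, password_a: str, password_b: str):
    """Return the superuser key, or None unless both passwords are correct."""
    pad = _xor(_stretch(password_a, record["salt_a"]),
               _stretch(password_b, record["salt_b"]))
    candidate = _xor(record["wrapped"], pad)
    check = hmac.new(candidate, CHECK_LABEL, hashlib.sha256).digest()
    return candidate if hmac.compare_digest(check, record["check"]) else None


if __name__ == "__main__":
    # Constructed sample passwords, one per custodian.
    record, key = enroll("first custodian phrase", "second custodian phrase")
    print(unlock(record, "first custodian phrase", "second custodian phrase") == key)
    print(unlock(record, "first custodian phrase", "guess") is None)
```

Anyone holding the stored record can test password guesses offline, so it needs the same protection as a password file, and each custodian's password has to be strong on its own.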
