Search Postgresql Archives

Re: HIPPA (was Re: Anyone know ...)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Karsten Hilbert wrote:
On Fri, Mar 09, 2007 at 08:08:11AM -0500, Kenneth Downs wrote:

  
First, security is defined directly in terms of tables, it is not 
arbitrated by code.  The "public" group has SELECT access to the 
articles table and the schedules tables, that's it.  If a person figures 
out how our links work and tries to access the "claims" table it will 
simply come up blank (and we get an email).
    
How ?

Karsten
  


If a user has not logged in, that is, if they are an anonymous visitor, the web framework will connect to the database as the default "public" user.  Our system is deny-by-default, so this user cannot actually read from any table unless specifically granted permission.  In the case being discussed, the public user is given SELECT permission on some columns of the insurance carriers table, and on the schedules table.

The column-level security is important, as you don't want anybody seeing the provider id!

If the user figures out our URL scheme, they might try something like "?gp_page=patients" and say "Wow I'm clever I'm going to look at the patients table", except that the public user has no privilege on the table.  The db server will throw a permission denied error.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux