- From: Michael Kay <mike@saxonica.com>
- Date: Wed, 8 Apr 2009 08:16:55 +0100
- To: "'Arshad Noor'" <arshad.noor@strongauth.com>, "'Dieter Menne'" <dieter.menne@menne-biomed.de>
- Cc: <xmlschema-dev@w3.org>
> I am going to attempt to answer your question by providing a > solution from a different perspective - the Security one - > only because the issue you've raised stems from a security > requirement: preserving patient confidentiality based on > where the data exists/is used. I'm no security expert but it seems very surprising to me that an argument based on security should lead you to include data in a message that the recipient doesn't want or need. I would have thought the "need to know" principle was still relevant. >That is the only downside: the data is always present. But, in these days of megabit speeds to mobile devices, and gigabit to desktop/laptops, I'm not so sure its an issue for new applications). Wrong, it's a big issue. In the system I mentioned with 400 messages, many trivial messages were reaching Gb size because the schema insisted on inclusion of data that the recipient of the message wasn't interested in. Rather than designing messages to match what the process model said was needed on a particular data flow, they were designing messages based on the static data model, so for example a complete bank account object was being sent when the recipient only wanted to know the current balance. Michael Kay http://www.saxonica.com/
Received on Wednesday, 8 April 2009 07:17:41 UTC