[ Picked text/plain from multipart/alternative ]
This is an existing application with lots of existing programs and queries.
The records are (and should be) available for totaling, counts, reports, and
internal use.  FERPA has to do with releasing private information to the
public.  Creating the new logicals is a solution of sorts but creates many
problems with day to day use of the data.

The issue isn't so much security as it is "appropriate use".  Some sort of
as-yet undefined business-rule process has to take place.  There are people
already working on solving the business rule problem but my task is to
implement the business rule once they've written the rules.  It appears to
me that I have to find some way to attach the business rules to the data
itself, not overlay a simplistic mask on the data.  A logical view solution
seems easy to implement but impossible to live with.

Thank you all for this discussion.  Its being very helpful to us here.

Booth Martin   http://www.MartinVT.com

-------Original Message-------

From: midrange-l@midrange.com
Date: Thursday, January 24, 2002 09:54:00 AM
To: 'midrange-l@midrange.com'
Subject: RE: Use of a trigger...? is this areasonable?


I believe V5R1 introduced the "Read" trigger event. Still, using a trigger
to enforce security seems a little out of place. Trigger determines this
record should not be available, pops an exception message to the program,
program blows up unless you've written appropriate error handling into your
app. I would probably go with a logical that omits the FERPA records......

Eric DeLong
Sally Beauty Company
MIS-Sr. Programmer/Analyst
940-898-7863 or ext. 1863

-----Original Message-----
From: Pete Hall [mailto:pbhall@execpc.com]
Sent: Wednesday, January 23, 2002 7:14 PM
To: midrange-l@midrange.com
Subject: Re: Use of a trigger...? is this areasonable?

At 11:20 01/23/2002, Booth Martin wrote:
>Here's the deal: our name and address file has a field in their for FERPA.

>If its marked then the name can not be listed or generally distributed

>without that person's written permission. This has worked fine for years

>when we only accessed the information with our RPG programs.


>Now though we have users with Query and other methods of accessing the

>and these users just ignore the FERPA field. The results are labelled

>Trouble waitng to happen".


>What ways would you folks offer as ways to prevent access to that record if

>FERPA is chosen? (I'm thinking this is a question all of us are facing


Since you are trying to prevent read access to the data, a trigger will not
be helpful. There is no such thing as a "read" trigger, just Insert, Update
and Delete.

Possibly you could use a view that excludes records with the FERPA flag
set, and restrict direct access to the data.

Pete Hall

[ Content of type image/gif deleted ]

As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.