General Description
The SIRB is considered an information routing and brokerage engine
because it implements the following functions:
- The SIRB receives requests and forwards them to the appropriate
data repository. The forwarding decision is made by the SIRB and
depends on what data needs to be retrieved.
- The SIRB verifies the origin of the request to ensure that only
viable requestors can use the system.
- The SIRB verifies the approval information on the request to
ensure that only correctly approved requests are forwarded to
a data repository.
The SIRB is considered secure because it implements the following
measures:
- All transmissions are digitally signed by the sender and encrypted
for the intended recipient.
- Response data is encrypted for the requestor only to ensure
that neither the SIRB nor any other entity has access to the information.
- The authorization engine in the SIRB not only verifies individual
authorization rules but also general rules based on local legislation
(Datenschutz).
Data Repositories are independent of the SIRB in the sense that
they implement their own approval scheme.
Extended Functions
While the basic functionality of the SIRB in itself is already
extremely valuable a variety of extended functions has been implemented
to make the SIRB more useful in real world environments:
- The SIRB can protect the identities of the involved parties
from each other by anonymizing requestor, approver or data repository.
- The SIRB is able to handle reusable requests that allow the
same requestor to access the same information repeatedly.
- If the approver for a particular request is not online, the
SIRB store the request and present it to the approver at a later
date.
- The SIRB allows an individual to tighten or loosen the access
to his personal data.
- The SIRB can assess requests for their security implications
(Datenschutz). Approvers and requestors can use this function
to better understand the implications of requests.
- The SIRB logs all access and data transactions being performed.
- The SIRB can handle requests that require more than one approver
to approve the request.
|
