NISTIR 5820 -- Section 1

1 Introduction

Software is becoming of increasing importance in many industries, including the health care industry. An important characteristic of health care applications is that the data can be distributed across a wide area. Creating a comprehensive patient record can involve collecting information from many widely dispersed host machines. There are concerns about how fast large medical images can be transferred. There are also issues of how secure the data is when being transferred over a private network.

The purpose of this report is to examine different transport mechanisms and to evaluate their effectiveness in performing health care related tasks. We selected five different transport mechanisms to examine: CORBA (Common Object Request Broker), OLE (Object Linking and Embedding), PII (Portable Independent Interfaces, specifically sockets), SQL/RDA (Remote Database Access) and RPC (Remote Procedure Call). Each of these were evaluated using five criteria:

How easy is it to use the product to develop applications?
What is the class of applications that the product is best suited to develop?
What are the security capabilities of the product?
What network transport protocols can be utilized?
What is the performance of the transport mechanism?

A demonstration project was created in conjunction with this report. The goal of the demonstration project was to give an example of how the various communication technologies can be used in an actual application. We built two viewers of patient record data. One viewer was a POSIX (Portable Operating System Interface for Computer Environments, see [IEEE1003.1c] and others) client that used a Hyper Text Markup Language (HTML) browser to examine patient data. The HTML browser found its data through a CORBA interface. The CORBA interface determined where the data of interest was located and queried the remote database using SQL/RDA.

The second viewer used OLE. Since OLE is not yet a distributed mechanism, this viewer had a different function. The viewer was used to contain patient data that has already been collected from other sites into a patient report. Additional documents created by other applications could also be added to the patient report. For example, an article concerning new treatment taken from a medical journal could be incorporated. The viewer also had limited database querying ability. Local databases which support the ODBC (Open Database Connectivity) protocol could be queried. This viewer was more limited than the previous viewer in the sense that it had to know the exact host on which the data resided.

In this section of the report we have presented a general project overview. The next section will review each of the distributed communication methods and apply the evaluation criteria to each. After that is the section presenting a technical overview of role-based access control. The following section covers the demonstration project. Finally, we will present our conclusions.

Up Previous Next