File Manager 22.2 Security & Privacy Manual

Contents > Introduction

Introduction

What is Fileman?

In discussing what Fileman is, it is probably best to begin with what Fileman isn’t. Fileman isn’t a clinical package like Laboratory or Pharmacy, and it isn’t an administrative package like IFCAP. Fileman is an infrastructure package, meaning it is part of what makes VISTA run. Programmers use the features in Fileman when creating those other packages: Lab and Pharmacy and IFCAP and so on.

“Fileman” is the shorter, more informal name of the package; File Manager is its formal name. As you may have guessed from the name, the specific part of the infrastructure that File Manager handles is files. That is, Fileman manages VISTA’s massive database. Fileman commands are all about data: entering it, editing it, retrieving it, sorting it, printing it, making it into reports.

Although Fileman was written for VISTA, it does not need to be used with VISTA. It can be installed as a standalone database management system.

Fileman Security Environment

When considering Fileman security, it is important to note that it is likely not the only security running on the system. The computer’s operating system has its own security. If the computer is on a network, the network includes additional security, both internal (access control) and external (firewall). If Fileman is running as part of VISTA, much of the security will be handled by the Kernel package. For information on Kernel’s security features, please see the Kernel Security Tools Manual.

To fully understand and take advantage of Fileman’s security features, you must also understand the security provided by the operating system, by the network, and by Kernel, if applicable.

What Do You Mean by That?

Understanding Fileman security means understanding a web of closely related features shared between Fileman and Kernel, many of which have similar names. When dealing with ordinary VISTA packages, the difference between (for example) an “Access Code” and a “Fileman Access Code” is not as important, but when dealing specifically with Fileman security, terminology is crucial.

VISTA programmers and system managers (along with 95% of all human beings on Earth) tend to get a little careless with terminology when speaking about things they understand pretty well. After all, they know what they mean. They probably don’t even realize that they may be using terminology in ways that might confuse a listener. Don’t be afraid to ask for clarification. “When you say ‘Access Code,’ what do you mean by that?”

This manual was created with the help of VISTA programmers and system managers. And while we’ve made every effort to be clear and specific in how we use terminology, we cannot make an absolute promise that some of those careless habits didn’t sneak in. Don’t be afraid to ask us for clarification either; representatives of the authors of this manual—and often the authors themselves—can be contacted through OSEHRA.

The Glossary of this manual contains definitions of most important terms for Fileman security. Here, we present a few terms that are often confused.

Access Codes

In a VISTA system, users sign in using an Access Code and a Verify Code. These codes control access to VISTA, and indicate to the system which user this is, and what permissions they have. This information is handled by the Kernel.

In Fileman, a part of user security is handled using Fileman Access Codes. Each file, field, and template can be given a Fileman Access Code. Users can be assigned matching Fileman Access Codes, which represent the files, fields, and templates they have permission to use. These codes are part of the user’s profile. Unlike the Access and Verify Codes, they are not something the user has to type into the system.

In this manual, we will use “Access/Verify Code” and “Fileman Access Code” to keep these similar terms from being confused.

Files

“File” is one of those lovely words we have in English that can mean a whole lot of different things. We’ll just say right at the outset that we won’t be using “file” as a verb, and we won’t be using it to describe the thing you use on your fingernails, or a column of soldiers. We can even eliminate paper files, the kind that come in file folders and are filed in file cabinets.

Even with all that out of the way, there’s still a lot of room for ambiguity. Fileman is a database management system. With Fileman, users can create, maintain, edit, view, and use files. However, Fileman is not just a producer of files; it is also a consumer. That is, some of the files in a Fileman system are the files that Fileman is actually using. And those files—the ones Fileman uses in order to perform its functions—generally cannot be modified by users.

So: “When you say ‘Fileman files,’ do you mean files created by users using Fileman, or the files that Fileman uses?” That can sometimes be an important question to ask your IT team.

And it’s even a little more complicated than that! Because the things that VISTA and Fileman call “files” are not recognizable as “files” to any other computer language or system. They are not system files. They will not show up on anybody’s computer with that adorable little file-folder icon, which says “I am a file. Please copy me for my tasty information!” We don’t want to head too far down a technical rabbit-hole here, but essentially a “file” in VISTA or Fileman is a variable with a really, really big value. And if that sounds a little bizarre, well, that’s because you’re paying attention.

But it works. And more importantly, it means that you as a Security officer don’t need to worry about Fileman files showing up on the system as copyable objects. The only way to copy Fileman files is by using Fileman’s own tools—which are protected by the same security as the files themselves.

Keys

This one isn’t specific to Fileman or VISTA. A “key” means something different to a database administrator than it does to a security officer. In a database, a “key” is how the system identifies a specific record. The key may be a specific field, or a combination of two or more fields. Either way, each record in the database has its own unique key. This is how the system can, for example, call up one patient’s record out of the thousands of patient records it has stored.

In security, a “key” is an electronic code that allows the user to access certain areas of the system (it is also a metal or electronic device that opens doors, but we’re going to ignore that one). The key may be something that the user has to enter manually, or it may be a code associated with the user profile. Either way, keys are a way of limiting access to certain areas of the system.

In this manual, we will use “database key” or “file key” when speaking about the first kind of key; and “security key” when speaking about the second kind of key. We recommend that you do something similar.

[return]