Computer software is used in many fields of endeavor, including public health. Typically, when a requirement for a particular software application comes to existence, this requirement is brought to a software development team and a project is undertaken. Software development is typically expensive both in terms of cost and time, since each scenario requires the development of many components specific to the particular requirements.
Software functionality requirements typically include security requirements, or access policies. In the area of public health, such policies typically relate to the ability of different users to access different types of health data. For security reasons, these policies are typically specific to the application or database to which they relate, and different policies are associated with, or assigned to, different categories of users.
The separate management of access policies in each application or database can lead to complicated access structures, and can duplicate software development efforts. Policies, and other functions, can be provided external to an application's software code using a programming approach known as function calls, where the functions being called are provided in separate software code.
Standard programming function calls have preset (compiled) behaviour that are to do something specific for the callers of that function call (e.g., sort a list of users, retrieve a list of addresses). The procedure to provide the behaviour within the function call is hard-coded and compiled. The procedure within the function call cannot be updated without recompiling the program. There is a notion of stubs/skeletons in distributed programming. However, at some point, the method or procedure is hard-coded and compiled and provides the same behaviour as standard programming functions.
Applications can be deployed to be used within different jurisdictions that have different constraints. For example, an application deployed in Nova Scotia may require that postal codes must be entered differently depending on where the person lives. It is not desirable to build and deploy different versions of the software or hardcode these differences in the code if it is subject to change.
Known approaches, such as in PCT application WO 2006/108436 and US Patent Application Publication 2006/0041666, provide policy-based management for a specific type of application having certain fixed and defined policy requirements. Such policy management is restricted to managing the same program compiled with the same policy types and the same policies in different instances.
Multiple applications, using the same software, may have different requirements. For example, an internal application will have different password standards than an external application, yet they can use the exact same code. It is not desirable to hardcode these differences in the code.
It is, therefore, desirable to provide an improved and integrated approach to policy management for software applications.