Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
CCOW
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==Purpose== The goal of CCOW is seemingly simple, but its implementation is rather complex. CCOW is designed to communicate the name of the active user between various programs on the same machine. The user should only need to log into one application, and the other applications running on the machine will "know" who is logged in. There are a great deal of exceptions and circumstances that make this scenario far more difficult than it appears. In order to accomplish this task, every CCOW compliant application on the machine must log into a central CCOW server called a Vault. The application sends an encrypted application passcode to verify its identity. Once the application is verified, it may change the active user (also called the "context") on the machine. Each CCOW application also has an application "name" for which there can only be one instance. There is no correct application name (the passcode identifies which application is logging in). There may be multiple instances of the CCOW application connected to the CCOW vault from the same computer. However, they must have different names. One name might be "I like HHAM", while the other might be "I like CCOW". The names are completely arbitrary. After the application authenticates itself with the CCOW vault, the applications are ready to communicate the context (a.k.a. the active user). Here would be a step-by-step example of a CCOW exchange: #The computer boots up and the medical applications load. #Each application logs into CCOW using its secret passcode (and unique application name). #The compliant application displays a login prompt, and the user logs in as "Mary Jane". #Mary Jane has a "CCOW ID". Let us assume that her CCOW ID is "MJane". #The compliant application notifies the CCOW vault that "MJane" is now logged in. #Once CCOW verifies that "MJane" is a valid CCOW user, the vault notifies all the other applications that "MJane" is logged in. #All of the other applications realize that the CCOW ID "MJane" is referring to "Mary Jane" (because they have been configured as such). They log in "Mary Jane" automatically. #The transaction is complete. All of the applications running on the machine have been automatically logged in as "Mary Jane". The purpose of the application passcode is to verify that no unauthorized applications can "hack" into CCOW and change the active user (thereby allowing unauthorized access to medical records).
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)