|
|
HXP Guidelines
"Impossible" is not a fact, just an opinion.
Basic Design Guidelines
"Keep it simple, stupid". Do not try to solve all the world's problems.
This is a simple problem. Avoid making it complex.
Avoid complex namespaces.
The procedure names should be self-explanatory.
Define general error classes only. Specifics maybe filled later on as descriptive error message.
Allow for flexibility.
Allow for expandability.
Data security guidelines
Use a secure data transport medium or protocol e.g. SSL.
The HXP server must always check the authentication data supplied by the remote client for every procedure call.
The HXP server must determine which remote client is allowed to call a certain procedure.
Every abnormal access attempt must be logged in detail.
Data privacy guidelines
The person is the sole owner of his data.
The person must provide a legal instrument that permits the organization and its server to give out his data.
The person must define through a legal instrument which outside agency is allowed to access his data.
The HXP server must be able to determine which remote client is allowed to access which data.
Data access in "emergency" cases is still a privilege and privileged remote agencies must be clearly defined.
Request for "emergency" data access must be verified first before data is released.
Anonymized data does NOT mean "free-for-all" data.
The HXP server must determine which remote client is allowed to access anonymized data.
Conformity Guidelines
HXP servers must support all published standard HXP procedure calls.
HXP servers must pass a conformity test.
Strictly adhere to the data type of the parameters and return of every method.
The server should be placed under the "hxp" subdirectory.
The server script should be named "server".
Examples:
---/hxp/server.php
---/hxp/server.cgi
---/hxp/server.pl
---/hxp/server.asp
---/hxp/server.py
To benefit from a better performance in return for some additional programming complexity, the advanced server conformity guidelines can be
followed. Click here.
Introspection will be discussed in the later phases of the first draft's development.
Use only the published standard procedure names if communicating with a foreign application.
Strictly adhere to the data type of the parameters and return of every method.
Backward Compatibility Guidelines
A newer HXP-PCD should not discard procedure names from older versions.
An HXP server should always support all published standard procedure at the time of the server's creation.
A newer PCD version is not allowed to remove, discard, revise nor modify procedures from older versions.
Reserved error codes
The integer range from 1000 to 2000 is reserved for the error code reporting of HXP.
|