The system maintains a highly detailed access and authorization scheme defining Access control and system action. Documents are compartmentalized in the “silent Access control” method, namely the user sees only what he is allowed to see.
HIGH LEVEL SECURITY
- USER ACCOUNT MANAGEMENT
- RULE-BASED SECURITY
- AUDIT TRAIL
- SECURE DELETION
- STRONGBOX MODULE
- CERTIDOC MODULE
USER ACCOUNT MANAGEMENT
The system offers a comprehensive interface for management of users and user groups, while managing access permissions to every library or application component. A given user may belong to an unlimited number of user groups. Furthermore, the system enables interfacing with Active Directory for management of user groups and user accounts. This allows for a single point of management for adding and deleting users. The users which have been added to the Active Directory are also added to the system and inherit the permissions of their pertaining groups. The system also enables integration with data base authentication and supports extensive password validations i.e. locking of the user account after specified number of unsuccessful login attempts, password history, password expiry, passwords must be alphanumeric and of minimum character length etc.
The system allows complete security to block unauthorized access to documents. It defines filtering rules to determine which user’s groups are authorized to access certain documents. The filter defines a range of documents to be viewed by specific users or groups. Documents outside this range will not be available to them. The filter relates the rules defined to the index data in the library. For example, a document library with the index value “Region” (North, South, East, West) may have a filter defined according to the value “North” that is associated with specific user groups. Those groups will only be permitted to view documents in which Region=North. In this manner, documents need not be classified individually, as the organization’s business rules have already been deployed in the system. At each stage, one may amend the rules or add new ones. The system supports the use of unlimited amount of filters to each library and user group.
The system audits the user’s activities, enabling monitoring of users at any given time. It indicates the times at which a given user logged in or out of the system and the activities that were carried out during that time, including queries and retrieved documents. One may also determine which changes were instituted by the user and the documents that were used.
The system allows for “logical” document deletion, thereby preventing accidental deletion by users. Following the logical deletion, the document disappears from the system and may be retrieved by authorized users only. If necessary, physical deletion permissions may be defined for authorized users only. Even after physical deletion, documents may be retrieved from the system’s “recycle bin.”
This module additionally enhances the security of the system’s storage array. The module allows access through controlled TCP/IP protocol – and delivers the files to users according to their authorization. The StrongBox module ensures a handshake between the workstation and the server and delivers the required files to the authorized workstation encrypted. The module contains an optional for high encryption of the files located on the system’s storage array, making it impossible to view files by unauthorized personnel.
This module enables organizations using the system to preserve the original classification of documents scanned into the system or received from a scanning supplier in a way that the documents will remain unchanged after their creation or introduction into the system. The CertiDoc module preserves the authenticity of the received document using digital technologies and warns against any change made to documents preserved by the module. The CertiDoc module generates a working copy for any original document in addition to the original document received and saved, always without changes. Users may perform common actions on the working copy of the document as turning the pages or adding annotations. While printing the document’s authenticity confirmation, the original document will always be printed, rather than the working copy.
The CertiDoc module prevents the possibility of altering the original document. In addition, the original document is sealed using the Hash method for ensuring that any change made to the scanned file will be detected by the system.
Three levels of preservation
The CertiDoc module maintains three levels of document preservation:
Level A – original documents scanned at the customer’s home.
Level B – original documents scanned by a scanning supplier
Level C – documents that are not original documents scanned or imported into the system.
Issuing documents from the CertiDoc system for the purpose of presentation in legal instances the system will produce the entire documentation and documents required for presenting certified copies.