Executive summary:
ObjectBaseX lets you maintain an unbelievable amount of control
over how your data is stored, retrieved, and managed.
Next executive task...
6 layers of security
ObjectBaseX provides very strong security for your documents using a
multi-layered approach to information security. The security of your
data is a very serious issue. We want to prevent the intruder from outside,
of course--but frequently the biggest security problems come from inside an
organization: the trusted insider who might just be peeking into data that
isn't his business; or the malicious criminal who is out to wreak havoc before
leaving the company.
ObjectBaseX permits you to carefully manage your data security.
You can specify which users (or groups of users) have access to particular
databases, folders, or documents. And you can specify where those
databases can be accessed from: if you want to restrict access to a given
database to in-house computers, or block access to a database by a particular
network segment, you can. ObjectBaseX gives you a very fine degree
of control over your data.
Password security
ObjectBaseX uses a very strong password-authentication system.
Users connect using Secure Sockets Layer (SSL) which effectively prevents
eavesdropping. Passwords are encrypted on the server; and the login process
includes logic to prevent both "session spoofing" and "dictionary attacks"--two
common forms of hacking.
IP address restriction
ObjectBaseX includes the ability to restrict access to a particular
database by IP address. In many circumstances you will want to permit users
to access data from anywhere on the Internet--so you can review last-minute
document revisions from a hotel room, for instance. But in some circumstances
you may want to restrict access to a particular database to users within
your corporate or campus network; or block access from a particular IP
address range.
Database security
Each ObjectBase database includes security--so you can restrict a user's
rights in a particular database. Many smaller ObjectBaseX customers maintain
all of their data in a single database: but where there are significant distinctions
to be made in data--or who has access to that data--it may make sense to maintain
multiple databases. So, for instance, a hospital might maintain one database
with patient admission and billing records, and another database with imaging
from radiology and pathology departments.
Folder security
Each database includes folders--much like drawers in a filing cabinet--a folder
can include documents or other folders. Each user or group of users can have
security privileges defined for each folder. This permits you to restrict some
users (or groups) to some folders--or prevent users (or groups) from seeing the
contents of other folders. If you are an Evil Villain
you might want to let all of your minions view your Plans for World Domination
folder, but restrict access to your Nefarious Schemes folder to your more trusted
henchmen.
Document security
In some circumstances you might want to assign security privileges for specific
documents. For example, if you are managing a radiology database you might
have a folder of images created at Central Hospital in May of 2002--you might
wish to give privileges to the folder to all doctors who are members of the
Central Hospital Radiologists group--or you may wish to restrict each document
to just the radiologist who ordered that test.
(Does folder and document security sound confusing? It can be--we explain a lot
more about how these features work, and why you might want to take advantage of them,
in the Training material.)
Logging
Intruders aren't just out to pry into your data: they want to pry into your data
without being caught. Each connection to ObjectBaseX is logged--and each
action done in ObjectBaseX is logged. The data security system records
what actions were done to which documents--by which users, at what time, connecting
from where. If a user abuses your data privileges you will be able to determine
what he or she viewed, altered, or added; when the changes were made; and from where
the user logged in.
We take security very, very seriously
Can you share data across the Internet--and keep that data secure? Yes--thousands
and thousands of documents are entrusted to ObjectBaseX every day. Our layered approach
to security helps ensure that your data is available, accessible, and can easily be
shared--but only with the people you wish to share that data with...
|