Products - iSeg – high level of security for DMI access
General presentation
iSeg (iBats Secure Gateway) is a tool for secure access especially aimed at the medical sector.
iSeg establishes an SSL secured VPN from a web
browser. Thus it is a WebVPN, meaning it provides a safe means of
accessing web applications or not (or other internal resources of a
network) using a standard Web browser.
The major advantage of ISeg is no client software must be installed on the user system and that maintenance is carried out fully centralized.
In addition, ISEG allows a strong authentication of customers using
the electronic identity card (eID). It becomes very easy to add a layer
authentication "on any application, even if it was not originally
scheduled in this application.
iSeg simplifies user access by providing a kind of "single sign on"
authentication of the various available applications to individual
users are matched (only once) with strong authentication ISeg.
Thereafter, the only ISeg authentication is required and all opened
applications for users are automatically available (no multiple login).
iSeg to lock the network, leaving only one open port on the firewall (HTTPS - 443/TCP) for maximum security.
Simple, strong authentication and access control
SSL as used most frequently provides two security mechanisms. The first one allows to strongly authenticate
the server . The second allows the confidentiality of exchanges by
encrypting the data stream sent to the server. Thus, in terms of
customer, the entire transaction SSL is secure. However, given the
server side, the client does not suffer any reliable identification.
With ISeg, it is possible to strongly authenticate
the client by using a client certificate and private key. ISeg is a
solution that integrates perfectly with the electronic identity card
(eID).
Moreover, it is possible to define complete access controls
on users or on groups of users. These controls can specify how
authentication and/or rights of access that users enjoy. It is possible
to specify, by user, applications, which it has access.
A further integration was carried out with the medical records of OmniPro MIMS
to, for example, limiting patients seen at a general practitioner. You
can use the "web" of OmniPro (Ali) or "rich client" OmniPro.
ISeg supports a wide range of user authentication: password classic pin, Belgian eID card, certificate score ...
Centralized management of users intra and extra-mural
The information about a user ISeg can be stored in various ways:
- Into a database specific to ISeg: recommended to isolate
"extramural" users (eg GPs) from"intramural" users (eg specialists,
computer ...) who want to access their resources from outside;
- In an LDAP server - Active Directory;
- Via the "Pluggable Authentication Modules (WFP) Linux / Unix;
Unique identification (Single Sign On)
It
is possible to configure iSeg to identify an automatic internal service
that need them. To do this, when the first access to a resource
protected by password (once strong authentication completed), the user
must enter his login information. iSeg the will and may be used as
often as necessary thereafter.
Integration with existing
Through the use of LDAP or PAM, it is very easy to
integrate ISeg within an architecture of existing authentication. In
addition, possible investments in the security ("token" authentication
or SSL client certificate) can be reused.
iSeg is also capable of storing custom attributes,
namely attributes whose name and content are fully customizable. It can
integrate with applications or heterogeneous environments.
Support Services
Manex can also provide assistance in the
installation and integration of ISeg in existing infrastructure. It is
also possible to develop plug-ins for special needs. Manex can provide
eID card readers at a Democratic home and install external users