Authentication, Authorization and Data Security
The user must provide user name and password in order to access the system.
Anonymous access (optionally)
Anonymous access to public parts of the application can be configured.
SSL Secured Login
Sending of user credentials can be protected with SSL encryption.
Encrypted communication channel
All communications between the client application Server can be SSL encrypted.
Screen Level Authorization
Users cannot see screens they are not authorized for.
Users cannot access menu items they are not authorized for.
Database Table Authorization
A database table is only accessible for the authorized users. Permissions for viewing data, adding new rows, editing and deleting of existing rows can be assigned separately.
Database Row Level Authorization
Optionally a database table can be configured for row level authorization. For such tables, the users can only see or edit data rows they are authorized for.
Database Field Level Authorization
Authorization is possible for User defined Fields. For instance you can see a pseudonym for a subject, but not the real name.
Database Access barrier
Data access is controlled by a special thin layer. This layer checks which user is allowed to access what data.
Only work processes for which a user is authorized for are visibible and can be run. A work-process is the implementation of a lab protocol.
Structure mode, operational mode, search mode
Structure mode: the definition of work processes, research structure, data structure and storage structure;
Operational mode: the execution of work processes;
Search mode: the retrieval of data from a browser or an external application.
Central Authentication and Authorization facility
Authentication and authorization are controlled by a centralized secure storage for user credentials.