More pages......
| Overview | Full Management Solution | Hosting | Partners |
LAconnect Solutions Suite - Security
Adaro understand that security of data is of paramount concern within Children’s services, and therefore the LAconnect Solution Suite has been developed with the highest possible levels of security. Local Authorities need to be positive that the solution chosen provides world class, robust security for a hosted solution. LAconnect provides this security on 2 levels: the inherent security within the adapter as well as the security and availability of the hosting facilities used.
LAconnect security is handled by use of Secure Firewalls, HTTPS, SAML2.0 and X.509 certificates as described and shown below:
Figure 1 - LAconnect Security Architecture
All the hardware components of the LAconnect Solution Suite are located behind a secure firewall on their own private network. The client browsers connect with LAconnect and the optional EAS if implemented using SSL3 over HTTP (HTTPS). This is implemented through the use of X.509 SSL server certificates on the LAconnect .Net web servers. This ensures that the data is not tampered (Man in the Middle attack) or stolen during conversation.
The X.509 SSL server certificates are used to prove the identity of the server. The certificates are generated and digitally signed by certificate authority (CA). Additionally any communication between the web servers and the JBoss SOA platform servers also uses X.509 SSL certificates, again signed by the certificate authority and stored in the Java Key Store.
Combination of Asymmetric (RSA) and Symmetric (3DES, AES) algorithms are used to ensure full encryption of the data moving between the different components shown above. HTTPS is used while uploading data to LAconnect.
SAML 2.0 (Security Assertion Markup Language)is used in the LAconnect solution. LAconnect redirects the user to EAS or another selected Identity provider to authenticate him/her and issue SAML 2.0 assertions. Alternatively, SAML 2.0 assertions are generated based upon the users login details. These SAML 2.0 assertions (user, source, system) are cached in LAconnect.
LAconnect inspects the validity of the assertions (NotBefore and NotOnOrAfter attributes) and prompts the user to log in if the assertions are not valid. LAconnect verifies the digital signatures of SAML 2.0 assertions for extended security. It replaces the system assertions of Case Management Systems and inserts LAconnect system assertions.
The LAconnect range of solutions provides everything a Local Authority needs for a complete management solution delivering collaborative cross agency information sharing with frontline practitioners and simple integration with any Local Authority or Partner Organisation data sources.
Check out the news at the LAconnect Community website: www.laconnect.org.uk!
For further information please send an email to info@adarosoftware.com