Paperiton DMS About Us Site Map  
About DMS DMS LINK Integration Version Management Security Collaboration Processes Web Client Facts

Security

Security of a document archive is a very important issue. As a Document Management System can be very well described as the memory of the organization, good control over different security aspects is more than needed.

In order to somewhat simplify the security aspects, it all begins with the security of the document storage. Most document management systems use an internal system architecture called reference database. In those systems, there is usually a database of some sort containing document meta information, and simply a path to the document file residing on a file server. The first question is how to protect these files on the server in a proper way, so that they are always secure and inaccessible by any other means than via the DMS. If the files can be accessed without the control of the DMS in any situation at all, then the control and security will be lost forever. 

Paperiton DMS has all document meta information AND the documents inside the database. Unlike with a reference system, Paperiton DMS always has a reliable control over the integrity of documents and their meta infomation. As long as the database is protected in a normal way, documents are safe in our system - in all situations.

Next topic to discuss is the document access rights. Some other products rely on the operating system level rights to the document files. In some cases that is good enough, but this can become also an intolerably complicated issue. In modern Microsoft Windows operating systems the access rights to a file are based in exclusive approach.
For example, you have user groups  "Users", and "Accounting Dept Managers". If you need to have the managers of the dept. as members of groups "Users" and "Accounting Dept Managers", that is fine. But then, if you want to restrict access rights to a certain group of documents so, that "Users" can not handle those, but only "Accounting Dept Managers", you end up in some troubles. If you deny "Users" rights to the material, all members of that group will have no rights at all. Also the "Accounting Dept Managers" will be blocked out.

For operating system level, this approach can be understood. But for a document management system, which should make using the documents understandable and easy to control, this approach is not optimal.

In Paperiton DMS the access rights are based on Security Roles. You create the roles "Users" and "Accounting Dept Managers". Next, you define that a manager is a member of both roles. For the contents of the DMS, you define simply that certain documents are not visible for "Users", but are visible and can be modified by "Accounting Dept Managers". In Paperiton DMS basic configuration, you never assign access rights directly to a user. It is always done via the Security Roles. In this way, when people in different roles and job positions evidently change at some moment, the new people will have all the necessary access to the job related material. No re-assignments of documents rights later on is needed.

Finally, the communication between the Paperiton DMS client application and Paperiton DMS Server. Paperiton DMS Server uses internet protocols for communication with its clients. In standard LAN installation, maybe the highest of security is not needed, but using the standard HTTP protocol is feasible. If the system is deployed so that the clients are somewhere in the internet, the communication can be made more secure by using HTTPS (SSL, Secure Sockets Layer) for communication. HTTPS is good enough for internet banking, for sure it is then also good enough for document management?

Also other secure networking solutions can be used as needed, as long as either HTTP or HTTPS can be used thru those arrangements.

 
   info@paperiton.com  ::  Terms of Use