There are actually three layers of security in a network environment where DocuShare is introduced. The example below assumes a Microsoft Windows NT / 2000 network, but the same security is also in place in a Solaris environment.
The three layers are described as follows:
The three layers are described as follows:
- NT security: users must have a logon/password to your NT server running DocuShare. If DocuShare is run on a private intranet, not only is the server itself password-protected, but the server is also protected from unauthorized access by the firewall (keeps unauthorized internet users from gaining access to the company’s private intranet resources).
- Internet Information Server (IIS): This software is loaded on top of NT and DocuShare interacts with this software. IIS can provide password protection to the World Wide Web Publishing Service (WWW Service) and / or IIS can be enabled for Secure Socket Layer (SSL). SSL encrypts all transactions over the web between the server and browser. Many banking sites use SSL. Xerox uses SSL for Xerox employees to access their human resources records from home. SSL requires you to use an https (secured http server) server connection instead of the http protocol. DocuShare utilizes the secure socket layer in IIS - enable it using a command line script.
- DocuShare also provides additional security through password protection, permission control of objects, for example, collections and documents, and administration tools. DocuShare provides three levels of access:
- Read: can view an object and download (file)
- Write: can add and change objects
- Manage: can delete an object, and change the access list, for example, DocuShare permissions.