In SanteDB, a security device represents a non-human security identity which is assumed by a device. Security devices in SanteDB are intended to represent physical devices (or nodes) which are accessing the SanteDB server.
Devices have a secret (like an application) and may optionally have a public signing key registered with the SanteDB server.
The device list is accessed using the Devices menu item in the security menu. The device list shows a list of all active (non-deleted) devices which are permitted to access the SanteDB iCDR instance.
The actions which are available under this panel are:
- Create: Allows administrators to create a new device account
- Show Deleted: Allows administrators to view deleted accounts and optionally un-delete them.
- Edit: Change the properties of the device account
- Delete: Remove the device from the iCDR
- Lock / Un-lock: Temporarily suspend the device security credential
These enrolments can be disabled from the central iCDR device administration panel. When a dCDR device account is disabled, all synchronization and login activity from the web or disconnected gateway device are restricted.
To create a new security device click the Create button. Administrators may wish to manually create new devices when:
- A new HL7v2 trading partner is being set up
- A new node-authentication partner account needs to be created (for Client Certificate Mapping)
The Name of the device should be unique within the context of the SanteDB solution which has been deployed.
The Extended Properties panel is used to capture non-security related information about the device. This information is affixed to
When editing a device, administrators will be shown the device security information. The Core Properties panel shows the provenance information (last update, creation, etc.) as well as the security ID (UUID for the object) and the name with which the device authenticates itself.
The security properties of the device are used for viewing lockout status, invalid authentication attempts and to change or view the device secret.
Whenever a device attempts to authenticate with this account but uses incorrect credentials, this counter is increased. Invalid authentications can be reset using the Reset button on the user interface. This action will reset the invalid authentication attempts to 0.
After a configured number of invalid authentication attempts, the device will automatically be locked out for a sliding window of time (the more invalid authentications the longer the lockout period). Additionally, administrators can manually lockout an account using the lock mechanism.
A device account's lockout can be reset using the
The device secret allows an administrator to set a new device secret. The existing secret for the device is not shown (unless the device is new). Administrators can either Edit the secret to a custom value:
After which, pressing the Save button will commit the change. Alternately the administrator can set the secret to a random value with
By default a new device will copy its policies from the DEVICES group. After creation policies can be customized using the policies panel. New policies are added by first searching for the policy and then pressing the
By default a device will be assigned the policy with a GRANT permission. You can alter these by clicking the permission type.
The permission types in SanteDB are:
- Grant - The device will be granted access to any action or data carrying the policy.
- Deny - The device is not permitted to access any action or data carrying the policy.
- Elevate - The device is, by default, denied the request, and the server will send an authentication challenge back to the requestor. Users may be required to provide a reason for the override and must provide their password.
Policies can be removed from a device by clicking the Remove button. When a policy is removed, it means that the device (or any application or user using it) has no specific grant applied to the policy (i.e. if the user is in a group its grant will apply, otherwise the default of DENY is applied).
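As an added illustration (not SanteDB's own code), the following Python model implements the policy precedence described in this section (an explicit device entry first, then the groups the device belongs to, otherwise DENY, with a new device copying the DEVICES group) together with the escalating lockout counter described under the security properties. The policy names, the five-attempt threshold, the doubling lockout schedule and the most-restrictive tie-break between disagreeing groups are assumptions made for the example.

```python
# Illustrative model of the device policy and lockout rules described above.
# This is NOT SanteDB's own code; the threshold, base lockout period and the
# tie-break between disagreeing groups are assumptions made for the example.
from enum import Enum

class Outcome(Enum):
    GRANT = 1    # device may perform any action / access any data carrying the policy
    ELEVATE = 2  # denied by default; server returns an authentication challenge
    DENY = 3     # never permitted

# Most restrictive outcome wins when several group entries disagree (assumption).
RESTRICTIVENESS = {Outcome.GRANT: 0, Outcome.ELEVATE: 1, Outcome.DENY: 2}

class Device:
    def __init__(self, name, groups, group_policies):
        self.name = name
        self.groups = list(groups)
        # A new device starts with a copy of the DEVICES group's policies.
        self.policies = dict(group_policies.get("DEVICES", {}))
        self.invalid_attempts = 0

    def set_policy(self, policy, outcome):
        self.policies[policy] = outcome   # clicking the permission type

    def remove_policy(self, policy):
        # Removed policy: no device-specific grant, so group grants or DENY apply.
        self.policies.pop(policy, None)

def decide(device, policy, group_policies):
    """Outcome for `policy`: device entry, else group entries, else DENY."""
    if policy in device.policies:
        return device.policies[policy]
    inherited = [group_policies[g][policy] for g in device.groups
                 if policy in group_policies.get(g, {})]
    if not inherited:
        return Outcome.DENY
    return max(inherited, key=RESTRICTIVENESS.__getitem__)

def record_auth(device, success, threshold=5, base_seconds=30):
    """Count an invalid attempt; return the lockout length in seconds (0 = none).
    Past the threshold each further failure doubles the lockout (assumed schedule)."""
    if success:
        return 0
    device.invalid_attempts += 1
    excess = device.invalid_attempts - threshold
    return 0 if excess < 0 else base_seconds * 2 ** excess

def reset_invalid_attempts(device):
    device.invalid_attempts = 0   # what the Reset button does
```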