The aim of the project is to set up a highly secured document server in order to protect confidential documents produced and shared by a small number of persons (the CEO, the board of directors …)

Context

The server must allow the various working groups to share documents but the groups are partitioned between them: the members of one group cannot access the documents from the other. Personal storing zones are also useful. The groups are evolving and it should be possible to add a new member and grant him access to all the group data or to withdraw a member from a group preventing him to access the data any longer (of course it would not be possible to protect the data he previously accessed).

The ideal solution should include the coding of the files to prevent access from non-authorized persons. Whenever possible, the solution should be integrated in the general security policy of the company, e.g. through the use of smart cards for the authentication of the users or the coding of data.

The security of the server should of course be as transparent as possible and support the commonly used tools (such as Filemaker…).

Moreover the solution should include a backup system in order to recover the data in case of major problem. The existence of this system should not compromise the security of the data. The various risks that may lead to data loss should be considered, as much for the data themselves as for the coding keys. This backup must be set up to work efficiently: incremental backup rather that plain copy of all the secured data.

Finally, the system manager should have a limited access.