MellowoodMedical Online Help
Portal Platform Security Guide
Overview:
The Mellowood Medical Portal Platform is a web and mobile interface that gives patients and clinic personnel access to medical records managed by IDEAS EMR. Making medical data more accessible to authorized users while keeping it secure is one of the platform's primary objectives. The portal architecture and development methodology follow leading security best practices to protect patient data. This document describes the security elements of the platform and the development methodology.
Secure Architecture
· Tiered Architecture
The platform uses a WebAPI-first multi-tier architecture that isolates the front end from the middle tier and the database tier. This separation allows security measures to be applied to each tier independently and makes the platform more secure than a monolithic architecture.
The database tier's security architecture relies on proven Microsoft best practices and supports both Windows and SQL Server Authentication. Both mechanisms are enterprise-grade and combine strong protection with flexible configuration of user access and password management.
The WebAPI tier implements management of Features, Permissions, Roles and Users, which allows user access control to be defined at a granular level of functionality.
The system has built-in support for multiple authentication mechanisms. Two Factor Authentication provides an elevated degree of security.
The front-end architecture relies on the user's features and permission settings to load only the modules that user is allowed to use. This reduces the application's exposure and therefore the attack surface available to a malicious user.
Authentication
The platform supports JWT token based authentication as well as LDAP, Active Directory and IdentityServer4 (OpenID Connect and OAuth 2.0). A system administrator can configure password complexity. Passwords are stored as one-way hashes rather than in any recoverable form. Users can change their passwords securely.
· Two Factor Authentication
Two Factor Authentication (2FA) provides a higher level of security by adding an extra verification step to traditional username-and-password authentication. The platform offers this feature as an option that can be enabled on request.
· Authorization
The platform uses a role/permission based authorization mechanism. Every access by a user is evaluated against that user's unique combination of roles and permissions.
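The following is an added example, not Mellowood Medical code, of how a role/permission evaluation of the kind described above can be implemented, including the "load only the allowed modules" front-end behaviour described under Tiered Architecture. The names (Permission, Role, PortalUser, roleCatalog, moduleRequirements) and the sample roles, users and module list are constructed for this illustration; the platform's real feature and permission names are not on this page.

```typescript
// Added example, not Mellowood Medical code: role/permission evaluation of the kind the
// page describes. Names (Permission, Role, PortalUser, roleCatalog, moduleRequirements)
// and all sample data are constructed for this illustration.

type Permission = string;

interface Role {
  name: string;
  permissions: Permission[];
}

interface PortalUser {
  id: string;
  roles: Role[];
}

// Sample roles (constructed).
const roleCatalog: { [name: string]: Role } = {
  patient: { name: "patient", permissions: ["records.read.own", "appointments.read.own"] },
  nurse: { name: "nurse", permissions: ["records.read", "appointments.read", "appointments.write"] },
  auditor: { name: "auditor", permissions: ["audit.read"] },
};

// A user's effective permissions are the union of the permissions of every role held.
function effectivePermissions(user: PortalUser): Permission[] {
  const granted: Permission[] = [];
  user.roles.forEach((role) => {
    role.permissions.forEach((p) => {
      if (granted.indexOf(p) === -1) granted.push(p);
    });
  });
  return granted;
}

// Deny by default: an action is allowed only when every required permission is granted,
// and an action that declares no requirement at all is refused rather than silently allowed.
function isAllowed(user: PortalUser, required: Permission[]): boolean {
  if (required.length === 0) return false;
  const granted = effectivePermissions(user);
  return required.every((p) => granted.indexOf(p) !== -1);
}

// Front-end modules and the permissions each one needs (constructed).
const moduleRequirements: { [module: string]: Permission[] } = {
  myRecords: ["records.read.own"],
  scheduling: ["appointments.read", "appointments.write"],
  auditViewer: ["audit.read"],
};

// Only the modules the user is permitted to use are loaded.
function modulesToLoad(user: PortalUser): string[] {
  return Object.keys(moduleRequirements).filter((m) => isAllowed(user, moduleRequirements[m]));
}

// Sample users (constructed).
const patientUser: PortalUser = { id: "u-200", roles: [roleCatalog.patient] };
const nurseUser: PortalUser = { id: "u-100", roles: [roleCatalog.nurse] };
const nurseAuditor: PortalUser = { id: "u-300", roles: [roleCatalog.nurse, roleCatalog.auditor] };
```

The same `isAllowed` check serves both tiers: the WebAPI tier calls it before executing an operation, and the front end calls it to decide which modules to load, so a user who never receives a module also cannot reach its endpoints by other means.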
· Auditing
The platform stores a detailed log of user and system activities in the audit store and allows authorized users to search and explore it.
· Configuration Management
The platform allows a high degree of configurability, including password complexity, the number of failed login attempts permitted, user lockout, two factor authentication, and email and phone verification.
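As an added example, not Mellowood Medical code, the block below shows how two of the configurable controls listed above, password complexity and lockout after a number of failed login attempts, can be expressed as a policy object and enforced. The names (LoginPolicy, checkPasswordComplexity, LoginGuard) and the sample policy values are constructed for this illustration and do not reflect the platform's actual defaults.

```typescript
// Added example, not Mellowood Medical code: a configurable password policy and a
// failed-attempt lockout guard. Names and sample values are constructed for this illustration.

interface LoginPolicy {
  minLength: number;
  requireUpper: boolean;
  requireLower: boolean;
  requireDigit: boolean;
  requireSymbol: boolean;
  maxFailedAttempts: number; // failures before the account is locked
  lockoutSeconds: number;    // how long the lock lasts
}

// Sample policy (constructed).
const samplePolicy: LoginPolicy = {
  minLength: 12, requireUpper: true, requireLower: true, requireDigit: true,
  requireSymbol: true, maxFailedAttempts: 5, lockoutSeconds: 900,
};

// Returns the list of unmet rules; an empty list means the password satisfies the policy.
function checkPasswordComplexity(password: string, policy: LoginPolicy): string[] {
  const problems: string[] = [];
  if (password.length < policy.minLength) problems.push("minLength");
  if (policy.requireUpper && !/[A-Z]/.test(password)) problems.push("upper");
  if (policy.requireLower && !/[a-z]/.test(password)) problems.push("lower");
  if (policy.requireDigit && !/[0-9]/.test(password)) problems.push("digit");
  if (policy.requireSymbol && !/[^A-Za-z0-9]/.test(password)) problems.push("symbol");
  return problems;
}

interface AccountState { failedAttempts: number; lockedUntil: number | null; }

// Tracks failed attempts per account and enforces the lockout window.
// The clock (`now`, in seconds) is passed in so behaviour is deterministic and testable.
class LoginGuard {
  private accounts: { [id: string]: AccountState } = {};
  constructor(private policy: LoginPolicy) {}

  private state(id: string): AccountState {
    if (!this.accounts[id]) this.accounts[id] = { failedAttempts: 0, lockedUntil: null };
    return this.accounts[id];
  }

  isLocked(id: string, now: number): boolean {
    const s = this.state(id);
    if (s.lockedUntil !== null && now < s.lockedUntil) return true;
    if (s.lockedUntil !== null) { s.lockedUntil = null; s.failedAttempts = 0; } // lock expired
    return false;
  }

  // Call with the outcome of credential verification; returns the resulting login status.
  record(id: string, credentialsValid: boolean, now: number): "ok" | "denied" | "locked" {
    if (this.isLocked(id, now)) return "locked"; // a locked account is refused even with valid credentials
    const s = this.state(id);
    if (credentialsValid) { s.failedAttempts = 0; return "ok"; }
    s.failedAttempts += 1;
    if (s.failedAttempts >= this.policy.maxFailedAttempts) {
      s.lockedUntil = now + this.policy.lockoutSeconds;
      return "locked";
    }
    return "denied";
  }
}
```

Two design points matter here: the guard refuses a locked account before credentials are checked, so an attacker cannot learn whether a guess was correct during the lockout window, and the counter resets only on a successful login or an expired lock, never merely because time has passed.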
· XSS
Cross-site scripting (XSS) is addressed by the use of the Angular UI framework developed by Google. Angular provides built-in XSS protection, which has been verified by penetration tests.
· SQL Injection
The WebAPI tier uses the Microsoft Entity Framework ORM to access the SQL Server database. This approach practically eliminates exposure to SQL injection attacks.
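The reason an ORM removes most SQL injection exposure is that it sends queries to the server in parameterized form, with user-supplied values transmitted separately from the SQL text. The block below is an added illustration of that mechanism, not Mellowood Medical or Entity Framework code: a tagged-template query builder (the `sql` function, ParameterizedQuery type, `unsafeConcatQuery` and `findPatientQuery` are all constructed for this example) placed beside the string-concatenation anti-pattern it replaces. The caveat a practitioner would want: the protection holds only while queries stay parameterized; an ORM's raw-SQL entry points fed a concatenated string give it up.

```typescript
// Added example, not Mellowood Medical or Entity Framework code: parameterized queries
// versus string concatenation. Names and sample data are constructed for this illustration.

interface ParameterizedQuery {
  text: string;                        // SQL sent to the server, with @pN placeholders
  params: { [name: string]: unknown }; // values sent separately, never spliced into the text
}

// Tagged template: literal parts form the SQL text, every interpolated value becomes a
// named parameter. Whatever a value contains, it cannot change the shape of the statement.
function sql(strings: TemplateStringsArray, ...values: unknown[]): ParameterizedQuery {
  let text = "";
  const params: { [name: string]: unknown } = {};
  strings.forEach((part, i) => {
    text += part;
    if (i < values.length) {
      const name = "p" + i;
      params[name] = values[i];
      text += "@" + name;
    }
  });
  return { text: text, params: params };
}

// The anti-pattern: user input concatenated straight into the statement.
function unsafeConcatQuery(lastName: string): string {
  return "SELECT id, last_name FROM patients WHERE last_name = '" + lastName + "'";
}

// The parameterized form of the same lookup.
function findPatientQuery(lastName: string): ParameterizedQuery {
  return sql`SELECT id, last_name FROM patients WHERE last_name = ${lastName}`;
}

// A textbook injection string (constructed). Concatenated, it rewrites the WHERE clause so
// that it matches every row; parameterized, it is just an unusual surname that matches nothing.
const injectedInput = "x' OR '1'='1";
```

Running `findPatientQuery(injectedInput)` yields a statement whose text is unchanged and whose single parameter carries the whole string, whereas `unsafeConcatQuery(injectedInput)` yields a statement containing `OR '1'='1'` as live SQL. That difference, not any filtering of input, is what the ORM buys.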
Secure Development Methodology
· Defined Secure Coding Guidelines
Mellowood Medical maintains security best practices within the development team through periodic security training.
· Security Peer Review of New Code
Mellowood Medical controls new code through a mandatory approval process and code reviews.
· Security Review
An architecture and security review of each new feature is mandatory.
Secure Testing Methodology
· Security Test Plan and Threat Model
The QA team maintains and executes a security test plan for each new feature.
· Penetration Test
The Portal Platform undergoes periodic penetration testing using the OWASP Zed Attack Proxy (ZAP), one of the world's most widely used security tools. The goal of the penetration tests is to ensure that the platform is protected against the OWASP Top 10 (Top 10 Web Application Security Risks).
Secure Deployment
· Tiered Deployment Architecture
The platform's tiered architecture allows the front-end tier to be deployed on a separate server in the DMZ (a web server or CDN), the WebAPI tier on a server behind a firewall, and SQL Server on a separate server. Each server can be placed on a dedicated subnet for a higher degree of isolation.
Front-end and WebAPI endpoints require HTTPS (TLS 1.2/1.3) to ensure that transmitted data is encrypted.
· Least Privilege Principle
The application pool of the WebAPI website on the IIS server must run as a dedicated application user in Active Directory, granted only the minimum permissions required to run the WebAPI and communicate with the SQL Server database.
· Segregation of Duties
Development and deployment teams operate separately to ensure full segregation of duties and a high level of data privacy.
· Deployment Automation
The Portal Platform uses Microsoft Azure Pipelines to enable fully automated deployment to production and test environments. Once configured by the deployment team, the deployment process runs without human intervention. Authorization by the deployment manager is required for any change to a clinic's environment. All changes and deployments are recorded in audit logs and are reversible.