FIREWALL AND INTRUSION DETECTION SYSTEMS
Lifepassport uses the Internet as a channel to offer its service and all its connections are protected by the most advanced firewalling for intrusion detection and protection from viruses and malicious software.Firewall
Firewall is a useful defense system to protect your computer from hackers. Through access control, Firewalls allow connection between two or more networks in a secure manner. The so-called "personal firewall" are programs installed on private computers that filter only the information coming in and out from that specific computer.
Cryptography and certification
In addition to the confidentiality of the identification codes, security is ensured in Lifepassport by a cryptography system. Cryptographing the data means altering it on an ad-hoc basis, making it readable and usable only to those who have the translation keys (the so-called "Decoding"). Cryptography prevents access to the health database and ensures that entered data cannot be seen by any other users.
Cryptography is applied in web pages where personal and health data is requested or financial transactions are carried out.
Lifepassport uses SSL Extended Validation technology: this ensures an easy and reliable way to establish the credentials of the operators online. In fact, only SSL Extended Validation (EV) Certificates generated in supported browsers (Internet Explorer 7, Firefox 3, Safari 3.2, Opera 9.5 and Google Chrome) display the name of the company that owns the SSL Certificate and the certification authority issued to them in the address bar which turns green.
Server
Our main data center is located in Switzerland at a Server Farm with VPS in HA infrastructure that has installed the most modern standards of reliability and security. Power supply, fire protection systems, internet, air conditioning system, monitoring and security of the premises meet the highest international standards and any possible criticality is covered by multiple backup systems. To monitor the hosts, each of them uses a software that maintains a heartbeat (a heartbeat consists in the continuous exchange of information on the presence of the same node in the network) with the other nodes of the same cluster, so that the loss of a single heartbeat involves the automatic startup of recovery procedures on other nodes. The monitoring of virtual machines, and therefore the operating systems, provides for the hosts as the heartbeat. After a predetermined time interval without the exchange of a heartbeat, the system intervene with appropriate recovery measures. By activating the digital medical records, the holder expresses his/her informed consent to the transfer of medical data to Switzerland for storage on servers located there to the extent and in the manner specified in the Privacy Policy.
The Intrusion Detection System
The Intrusion Detection System (IDS) is a device used to identify unauthorised access to computers or computer networks.