IQware Secure Architecture


IQware deploys on your existing IT infrastructure and works with your existing systems.




  • IQware uses a secure Trusted Computing Base (TCB) Department of Defense rating of C2/B2; National Information Assurance Partnership (NIAP) Common Criteria (ISO 15408) minimum rating of EAL5
  • A "Reference Monitor" mediates attempts by a subject to gain access to an object. An access control list is maintained as well as a tamper-proof audit trail of security-related events
  • An authorization database serves as a repository of subject and object security attributes, including access modes and allowed operations.
  • The IQware application is layered on the secure O/S, using the Reference Monitor architecture to implement the security policy while providing full accountability, tracking and assurance. This design ensures that the combination of the application and O/S will operate in accordance with the Department of Defense Secure System standar
  • An authorization database serves as a repository of subject and object security attributes, including access modes and allowed operations.
  • The IQware application is layered on the secure O/S, using the Reference Monitor architecture to implement the security policy while providing full accountability, tracking and assurance. This design ensures that the combination of the application and O/S will operate in accordance with the Department of Defense Secure System standards.
  • A "Reference Monitor" mediates attempts by a subject to gain access to an object. An access control list is maintained as well as a tamper-proof audit trail of security-related events.

Back to Top

What a secure system must do:

  1. Implement Policy
    Security Policy - System must enforce a well-defined security policy.
    Marking - System must associate all objects with access control labels (sensitivity & access modes).
  2. Ensure Accountability
    Identification - System must identify individuals and their various authorizations in a secure manner.
    Audit Trail - System must keep & protect audit trail so actions may be traced to responsible party.
  3. Deliver Assurance
    Evaluation - System must have hardware/software mechanisms that can be independently evaluated to assure that policy & accountability are enforced.
    Continuous Protection - System must continuously protect trusted mechanisms that enforce policy & accountability from tampering.

IQware's unique software offers security features while providing the necessary deployment environment uniquely suited to the health care industry, as illustrated below:


Back to Top