Link between Fortified ID and Inera's technical regulations, collaboration and function
Inera Reference Architecture
As the digitalization of healthcare accelerates, it is more important than ever that the solutions we build actually fit in. That is why we at Fortified ID are particularly proud of how our products harmonize with Inera’s reference architecture.
The platform offers support that Regions are influenced by current standardized protocols, enabling interoperability, secure authentication, and delegated access. By following established frameworks and implementing effective provisioning methods, Fortified ID ensures a unified and reliable identity infrastructure that meets the requirements for both security and flexibility.
Fortified ID and Ineras Reference Architecture
Link between Fortified ID and the interaction and function of the Reference Architecture
Identity Provider (IdP)
Fortified ID offers robust IdP services that enable user authentication and the generation of secure identity certificates. The solutions support multiple authentication methods and protocols, ensuring interoperability and ease of use. This includes support for single sign-on (SSO) and authentication context management, which is in line with the requirements of the reference architecture.
Certificate Issuance and Brokering
Fortified ID’s platform enables the issuance of both identity and access certificates, with support for both front-channel and back-channel communication. Certificates are digitally signed and can be tailored to specific attributes according to the principle of data minimization, which meets the security requirements of the architecture.
Identity Data Warehouse
Fortified ID provides a consolidated data warehouse solution, following the “identity fabric” pattern, ensuring quality-assured identity information. The solution supports attribute-based authorization evaluation and can integrate data from multiple sources, including HR systems and credential registers, which is central to creating a unified user profile.
Provisioning Service
By automating the provisioning of identity data, Fortified ID helps organizations manage the identity lifecycle efficiently. The solution supports both push and pull provisioning patterns and is compatible with standard protocols such as SCIM.
E-Certificate Issuer
Fortified ID is only involved in the issuance of Fortified ID Mobile. In other cases, existing e-credentials, such as SITHS or BankID, are used. The solution meets high trust requirements and offers support for multi-factor authentication.
Access Certificate Service
Fortified ID issues and manages access certificates that enable fine-tuned access control based on policies and attributes. Access certificates are seamlessly integrated into e-services to meet security and authorization requirements.
API Security Service
Fortified ID's API security solutions provide system-level authentication and authorization, facilitating secure communication between systems. The solution includes support for tokens and encrypted connections according to modern standards.
System Authentication and Authorization
The platform enables secure authentication and authorization between systems through standardized protocols and token management. This includes support for delegation and verification of access rights.
Delegated access from users
Fortified ID implements delegated access solutions, which enable users to transfer access rights securely and efficiently, including across organizational boundaries. This supports multiple interaction patterns such as certificate exchange and re-authentication.
Identity and Credential Federation
Fortified ID's federation solutions ensure interoperability between different organizations and services through standardized trust frameworks and attribute exchange. They enable efficient collaboration through secure and reliable processes.
Governance Service
Fortified ID’s rule management is flexible and scalable, enabling you to implement and interpret rules in a machine-readable manner. The services support granular and dynamic access control rules.
Access Governance and Compliance Support Services
Fortified ID offers comprehensive governance and compliance support services, including logging and reporting to ensure compliance and access is properly regulated.
Link between Fortified ID and the Reference Architecture Technical Regulations
Technical Protocol and Format Breakdown
Fortified ID provides support for modern technical protocols and formats required for authentication, federated login, and delegated access. The platform uses JSON Web Tokens (JWT) and other standardized certificate types, ensuring interoperability and secure management of identity and access data according to the recommendations in the reference architecture.
Recommended protocols by capability
Fortified ID implements the recommended protocols for federated login, SSO, and delegated access, such as SAML2, OpenID Connect, and OAuth 2.0. This alignment enables interoperability with e-services and supports different technical platforms in parallel. Fortified ID also focuses on providing support for both new and existing protocols, such as SAML2, which facilitates integration with existing systems.
Protocols for Federated Login and SSO
Fortified ID's solutions implement both OpenID Connect and SAML 2.0 for federated login and SSO. The services support authentication context and secure authentication request management, which follows the specific requirements listed in the reference architecture. The solutions also provide logout management capabilities in a manner that aligns with recommended standards.
Delegated Access Protocols
Fortified ID uses OAuth 2.0 as the primary protocol for delegated access, including flows such as Authorization Code. This enables secure access management between users and systems, as well as between different systems, addressing the needs highlighted in the architecture.
Authentication Protocols
Fortified ID solutions support modern authentication protocols, including Mutual-TLS with x.509 certificates and FIDO2. These protocols offer strong security through asymmetric encryption and support for multi-factor authentication, meeting the requirements for robust authentication for both users and systems.
Technical Frameworks for Federation
Fortified ID follows frameworks such as SAMBI, Sweden Connect, Verifiable credentials and OpenID Connect Federation to ensure interoperability and secure management of metadata between different identity providers and services. This supports trust frameworks and standards for federation, which is a key component of the reference architecture.
Technical Frameworks for Provisioning
The platform includes support for the SCIM protocol for efficient provisioning of identity data. This ensures that user information can be provided to systems and e-services in a standardized and quality-assured manner, which meets the recommendations in the architecture.