User authentication is defined as being "the process or action of verifying the identity of a user or process". Note that the definition includes those users that are not necessarily people. User authentication involves the user proving that they are who they say they are, with the next step being User authorisation that confirms the access users have to data and functions within the register.
User authorisation capability relies on every person accessing the register having an individual profile that uniquely identifies them. These profiles are used for all activity within the register, aside from those such as simple register searches which may be performed anonymously by a guest user. This approach ensures that all actions undertaken within the register are attributable to an individual user, and delivers significant benefits in terms of security, auditability and accountability within the register:
- Available entities and actions can be controlled at the individual user level
- Any changes made by a user are attributed to them within the audit logs, therefore can be identified and reviewed if necessary
Authentication features
Verne provides a series of features that manage various aspects of authentication:
Login
Enables registered users (both internal and external) to login to the system. This feature also allows user to navigate to the creation of a new profile or to request password/login recovery.
Log out
Enables registered users (both internal and external) to terminate user session by logging out of the system. Verne automatically times out the user session and logs the user off if user activity is not detected during the specified time interval.
Password recovery
Allows users to initiate password recovery when they have forgotten their password.
Login recovery
Allows an active user to restore their login in case they have forgotten it. This is possible only if user has previously supplied an optional recovery email address.
