A friend of mine is physician and shares his office with other physicians (they're all psychiatrists). They're looking for a not to pricey and secure way to share and store files (basically text-only notes and reports) on a server (preferentially running Ubuntu Linux) over the LAN.
They need to be able to dynamically set the permissions on certain files: Sometimes physician A needs to give read access on a certain file to physician B and remove it again. Or physician B and C need read/write access on a certain file that physician A has no access at all.
Besides that, it's very important that no other person can read those files even if this person would gain physical access to the server.
They're not into memorizing hundreds of passwords, so I'm also looking for some kind of OS-agnostic SSO solution maybe even using a hardware token.
On the clientside, they all have different workstations (Windows XP, Linux and OSX).
I was thinking of a solution using TrueCrypt in combination with eTokens, so no matter where the files are saved, they're always encrypted and can only be read by people having the permission to.
Does anyone of you have a better idea or could you point me to a similar setup/howto? Or would you just setup a smart intranet webapplication by yourself in this case?