Overview

Revisi per 2 September 2014 13.56 oleh Angus (bicara | kontrib) (Security)

iSIKHNAS Server Infrastructure

iSIKHNAS is hosted in a Virtual Private Cloud (VPC) on Amazon Web Services (AWS) cloud servers. The VPC consists of a number of different components (servers, queues, storage) that expand and contract according to need.

Security

Access security

The Virtual Private Cloud allows computers within the could to communicate between themselves rapidly and easily, while blocking all access from outside the VPC. Access is controlled by a single, highly secure NAT server.

All communications with iSIKHNAS are encrypted using secure industry standard Transport Layer Security (TLS) encryption, preventing interception of any data exchanged between the user and the VPC.

Administrative access through the NAT server is controlled using digital certificates.

Data security and redundancy

The iSIKHNAS database runs on a single master database, with multiple slave databases providing real-time replication. Some of the slaves are always in a different physical location to the master. In case of failure of the master, one of the slaves is automatically promoted to be the master, resulting in down-time of only a few seconds.

In addition to database replication, the full system is automatically backed up every 12 hours and stored in replicated off-site storage.

The VPC is spread across two security zones, representing different physical locations, with servers and queues replicated in each zone. This means that should there be a catastrophic failure of an entire data centre, the system will continue to run uninterrupted.

Servers

The VPC Database Web Messaging Processing Reporting

Storage

Buckets

Queues