Viafirma Manager (I) – Technical description

Thinking about the valuable information that can be obtained through the evaluation of statistics, as happens with tools like Google Analytics, which we all work normally, we decided to obtain statistical data for our authentication and electronic signature platform, Viafirma Platform.

We found it interesting to know which browsers were using our tool the most from, if our customers were using our mobile signature clients and even what Certification Authorities were the most used and what application from.

Thus Viafirma Manager was born, a product of the Viafirma Suite that gradually has also become the administration panel of the platform.

Through various articles like this, we will try to let you know this tool. Today we begin explaining its technical description:

Viafirma Manager allows to configure the behavior of the signature platform, to perform analytical usage, to check the system audit, to manage permissions and roles, etc..
One of the major commitments of the Viafirma suite is performance. The subsystem of electronic signatures (Viafirma Platform) is lacked of database access logic, for reventing that a possible drop or degradation of an external service (possible in extreme load situations) could affect the availability of the signature. Thus, the electronic signature platform can operate completely stand-alone (except for necessary connections to external resources such as certificate validation services from the Certification Authorities or TSA).

Our manager has high transactional load (one of his responsibilities is, for example, the storage of all data and metadata of each operation managed by the platform, auditing, policy management, configuration CA, TSA, etc.). However, an eventual drop of Viafirma manager does not affect the platform operation due to the nature of communication between both components, as explained below:

On the one hand we need to keep isolated the subsystem of electronic signature to avoid possible service degradation, but on the other there is an obvious requirement for bidirectional communication between the platform and the administration panel: the operations managed on Viafirma platform must be sent to Viafirma manager for storage, while the configuration managed by Viafirma manager must travel to the platform so that it knows how to behave. The technical solution that has been taken in Viafirma Suite is based on the mutual provision of a shared cache space, as described in the following figure:

Technical description Viafirma Manager

To make this via-cache communication possible, it is not necessary both products sharing server or Java virtual machine, but simply subnet, the cache system is ready to perform self-discovery operations and to link through the network, so that the link between the two products is made automatically. This mechanism is also enabled for communication between two different instances of the signature platform: two instances of Viafirma Platform on the net are placed in cluster mode automatically when self-discovery.

The information sending of validation transaction, electronic signatures, verification, etc.., is made from the platform to manager asynchronously and neglected, the platform stores this information in log type files, and processes running on separate threads are responsible for sending to Viafirma manager, where they are stored as audit logs and subsequently exploited.

It should be noted as a clear case of success of this model the implementation of the Tripartite Foundation for Training in Employment (INEM dependent), which makes with only one of its applications over 6 million transactions annually, has a higher 97% success rate and an effective operating time of more than 99%.

Comments

Leave a Reply