documentation:architecture

Differences

This shows you the differences between two versions of the page.

documentation:architecture [2018/06/26 11:35]
tjotov [ADUCID architecture]
documentation:architecture [2018/06/26 13:57]
tjotov [R1]
Line 1: Line 1:
 ====== ADUCID architecture ====== ====== ADUCID architecture ======
  
 +{{:documentation:aducid-architecture-overview.png?400|}}
  
-====== Basic components ====== +This chapter describes internal functionality of ADUCID. It is a foundation of [[integration:start|No-code integration]]
- +
-{{:developers:aducid-system-diagram.png?nolink&600x546}} +
- +
-== System diagram for integration == +
  
 ===== Target application ===== ===== Target application =====
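Review bot: the added sentence after the new image ("It is a foundation of [[integration:start|No-code integration]]") has no terminating period, and its first half reads better as "describes the internal functionality of ADUCID". The added image tag `{{:documentation:aducid-architecture-overview.png?400|}}` has an empty title after the `|`, and the removed "System diagram for integration" caption is not replaced, so the diagram is left without a caption or alt text; suggest putting a short title inside the image tag.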
Line 14: Line 10:
  
 From the system point of view, the application consists of a client part and a server part (TA Client and TA Server), which communicate with each other in their own manner via an R1 interface. From the system point of view, the application consists of a client part and a server part (TA Client and TA Server), which communicate with each other in their own manner via an R1 interface.
 +
 +With [[integration:start|No-code integration]] all applications are insulated behind AAA Proxy.
  
 ===== Server part of ADUCID® ===== ===== Server part of ADUCID® =====
  
-The entire server part of ADUCID<sup>®</sup>  along with the operating system and all third-party systems required to operate the server part of ADUCID<sup>®</sup>  are supplied as complete virtual appliances.+The entire server part along with the operating system and all third-party systems required to operate the server part of ADUCID are supplied as complete virtual appliance but can be installed as a set of components. 
 + 
 +The server side consists of these parts:
  
-The server part of ADUCID<sup>®</sup>  consists of following parts: 
 ==== AIM ==== ==== AIM ====
- 
 ADUCID<sup>®</sup>  Identity Machine – delivers ADUCID<sup>®</sup>  server functionality, performs all ADUCID<sup>®</sup>  operations and provides access to user data stored along with electronic identities in the database. ADUCID<sup>®</sup>  Identity Machine – delivers ADUCID<sup>®</sup>  server functionality, performs all ADUCID<sup>®</sup>  operations and provides access to user data stored along with electronic identities in the database.
  
 AIM is controlled by the target application using the R4 interface. Using this interface, it also provides services for working with user data. AIM is controlled by the target application using the R4 interface. Using this interface, it also provides services for working with user data.
  
-Using the R3 interface, it communicates with the client part of ADUCID<sup>®</sup>  . +Using the R3 interface, it communicates with the client part of ADUCID<sup>®</sup>.
- +
-Another part of AIM is the provider of cryptographic services (AIM Crypto Provider) that can be implemented through different manners - e.g. as a software library or hardware device (HSM, etc.).+
  
  
 ==== SQL database ==== ==== SQL database ====
-SQL database is used to store ADUCID identites, events and licensing logs.+SQL database is used to store ADUCID identites, events and licensing logs. The default SQL DB is Postgress but can be replaced with any JPA compatible DB.
  
 ==== Admin applications ==== ==== Admin applications ====
  
-ADUCID comes with a set of support applications. All admin applications require a particular role, proofing and personal factor (first admin gets these automatically).+See [[documentation:admin-applications|Admin applications]]
  
-=== PeigAdmin === 
-PeigAdmin is a PEIG management tool. It also shows statistics and licensing. 
- 
-=== UserAdmin === 
- 
-UserAdmin is similar to PeigAdmin but also manages proofing data. 
- 
-=== SecAdmin === 
-SecAdmin is meant to configure security parameters of ADUCID AIM (encryption algorithms, key length, expiration periods etc.) 
  
 ==== Proofing applications ==== ==== Proofing applications ====
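Review bot: the paragraph on the AIM Crypto Provider (software library or hardware device such as an HSM) is removed from the AIM section without a replacement, so the page no longer states where AIM's cryptographic services are implemented; keep a one-line statement or link to the page that now covers it. The same concern applies to the removed sentence that all admin applications require a particular role, proofing and personal factor: confirm that the linked [[documentation:admin-applications|Admin applications]] page carries that access requirement. In the added SQL database line, "Postgress" should be "PostgreSQL" and the carried-over "identites" should be "identities". "AAA Proxy" is introduced in the Target application section without a definition or link, and "supplied as complete virtual appliance" needs an article ("as a complete virtual appliance").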
Line 57: Line 44:
 see [[:documentation:client|PEIG]] see [[:documentation:client|PEIG]]
  
- 
-===== PEIG proxy QR code ===== 
- 
-PEIG can act as super secure feature for QR code authentication. In this case PEIG authentication is turned off (but PEIG is running). QR code is not server by AIM-proxy but rather created by PEIG-proxy module. This is one of most secure setups in ADUCID topology (see Binding documentation for details) and definitely secure than displaying QR code using browser. 
  
 ===== Interfaces ===== ===== Interfaces =====
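Review bot: removing the "PEIG proxy QR code" section leaves no pointer to this setup in the hunk, although the removed text called it one of the most secure setups in the ADUCID topology and referred readers to the Binding documentation. If the PEIG-proxy QR code mode is still supported, add a link to the page that now documents it, for example next to the `see [[:documentation:client|PEIG]]` line.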
Line 68: Line 51:
 ==== R1 ==== ==== R1 ====
  
-R1 is an application interface handled by customer application itself. In mobile application integration R1 is encapsulated in Papi (PEIG API).+R1 is an application interface handled by customer application itself. 
 +  * Between browser and PEIG it's represented by URI call 
 +  * In mobile application integration R1 is encapsulated in PEIG API 
 +  * On Unix R1 can be accessed via 
  
 ==== R2 ==== ==== R2 ====
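Review bot: the last added bullet in the R1 section, "On Unix R1 can be accessed via", stops before naming the mechanism, so the list is incomplete as saved; finish the sentence or drop the bullet until the text is ready. The first bullet reads better as "represented by a URI call", and the previous wording named "Papi (PEIG API)", so keep the "Papi" abbreviation if it is still used elsewhere in the documentation.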