This shows you the differences between two versions of the page.
documentation:architecture [2018/06/26 11:36] tjotov |
documentation:architecture [2018/06/26 13:57] tjotov [R1] |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== ADUCID architecture ====== | ====== ADUCID architecture ====== | ||
- | {{: | + | {{: |
+ | This chapter describes internal functionality of ADUCID. It is a foundation of [[integration: | ||
===== Target application ===== | ===== Target application ===== | ||
Line 9: | Line 10: | ||
From the system point of view, the application consists of a client part and a server part (TA Client and TA Server), which communicate with each other in their own manner via an R1 interface. | From the system point of view, the application consists of a client part and a server part (TA Client and TA Server), which communicate with each other in their own manner via an R1 interface. | ||
+ | |||
+ | With [[integration: | ||
===== Server part of ADUCID® ===== | ===== Server part of ADUCID® ===== | ||
- | The entire server part of ADUCID< | + | The entire server part along with the operating system and all third-party systems required to operate the server part of ADUCID are supplied as complete virtual |
- | The server | + | The server |
- | ==== AIM ==== | + | |
+ | ==== AIM ==== | ||
ADUCID< | ADUCID< | ||
AIM is controlled by the target application using the R4 interface. Using this interface, it also provides services for working with user data. | AIM is controlled by the target application using the R4 interface. Using this interface, it also provides services for working with user data. | ||
- | Using the R3 interface, it communicates with the client part of ADUCID< | + | Using the R3 interface, it communicates with the client part of ADUCID< |
- | + | ||
- | Another part of AIM is the provider of cryptographic services (AIM Crypto Provider) that can be implemented through different manners - e.g. as a software library or hardware device (HSM, etc.). | + | |
==== SQL database ==== | ==== SQL database ==== | ||
- | SQL database is used to store ADUCID identites, events and licensing logs. | + | SQL database is used to store ADUCID identites, events and licensing logs. The default SQL DB is Postgress but can be replaced with any JPA compatible DB. |
==== Admin applications ==== | ==== Admin applications ==== | ||
- | ADUCID comes with a set of support applications. All admin applications | + | See [[documentation: |
- | === PeigAdmin === | ||
- | PeigAdmin is a PEIG management tool. It also shows statistics and licensing. | ||
- | |||
- | === UserAdmin === | ||
- | |||
- | UserAdmin is similar to PeigAdmin but also manages proofing data. | ||
- | |||
- | === SecAdmin === | ||
- | SecAdmin is meant to configure security parameters of ADUCID AIM (encryption algorithms, key length, expiration periods etc.) | ||
==== Proofing applications ==== | ==== Proofing applications ==== | ||
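Review bot: The removal of the AIM Crypto Provider paragraph under AIM drops the only statement in this hunk that cryptographic services can be implemented as a software library or a hardware device (HSM), and the SecAdmin description of the security parameters (encryption algorithms, key length, expiration periods) goes with it. The replacement text visible here does not show where that material now lives, so please confirm that the linked admin page and the revised R3 sentence cover it, or keep a one-line summary on this page. In the added SQL database sentence, "Postgress" should be "PostgreSQL", and "identites" on the same line should be "identities".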
Line 52: | Line 44: | ||
see [[: | see [[: | ||
- | |||
- | ===== PEIG proxy QR code ===== | ||
- | |||
- | PEIG can act as super secure feature for QR code authentication. In this case PEIG authentication is turned off (but PEIG is running). QR code is not server by AIM-proxy but rather created by PEIG-proxy module. This is one of most secure setups in ADUCID topology (see Binding documentation for details) and definitely secure than displaying QR code using browser. | ||
===== Interfaces ===== | ===== Interfaces ===== | ||
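Review bot: The PEIG proxy QR code section is deleted with no replacement or link in this hunk, so the description of the QR code being created by the PEIG-proxy module rather than served by AIM-proxy disappears from the architecture page. If it moved to the Binding documentation that the old text referred to, leave a one-line pointer here; if it is dropped because the setup is no longer supported, say so in the edit summary.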
Line 63: | Line 51: | ||
==== R1 ==== | ==== R1 ==== | ||
- | R1 is an application interface handled by customer application itself. In mobile application integration R1 is encapsulated in Papi (PEIG API). | + | R1 is an application interface handled by customer application itself. |
+ | * Between browser and PEIG it's represented by URI call | ||
+ | * In mobile application integration R1 is encapsulated in PEIG API | ||
+ | * On Unix R1 can be accessed via | ||
==== R2 ==== | ==== R2 ==== |
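Review bot: In the R1 section, the rewritten mobile bullet drops the short name "Papi" that the old line defined as "Papi (PEIG API)", so any page still using "Papi" loses its definition; keep the parenthetical or check for remaining uses. The bullet "On Unix R1 can be accessed via" reads as unfinished in this view and should name the mechanism, and the browser bullet would be clearer as "it is represented by a URI call".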