IT Requirements
Introduction
Q-81 HSE WEB APP is an application for managing enterprise security. It allows to map all the objects related to risks, prevention, personnel and security and it also ensures the management and the relational connection of the examined entities. It guides the user through a set of processes for risk analysis and supports him/her in his/her choice of appropriate strategies for risk factor prevention. Developed for web use, the application envisages multi-user and multi-company management and is designed for both on-premise and cloud installation.
Architecture
The logical structure of the application is shown in the figure below.
T he three components (Web Server, Database and Document Manager) can be either installed on separate devices or on the same server.
Operating System
Q-81 HSE WEB APP runs on Microsoft Windows.
The basic operating system can be either Windows 2008 R2 or Windows 2012. The software is written by using .NET Framework 3.5
Database and Web Server
The application consists of 2 main components: the Microsoft SQLServer Express version (or higher) database and the web application installed on the Internet Information Server (version 7 or later versions).
The two components can be installed either on different servers or on the same server, depending on the amount of processed data and security and backup choices as well as customer-dependent situations.
It is possible to use on-server cluster or load-balancing configurations, based on the Microsoft infrastructure and Network Load Balancing abilities provided by the operating system.
Document management (optional)
Besides the infrastructure described above, you can use Microsoft SharePoint to store the application documents. This component may be already included in the infrastructure, or can be installed separately to handle only Q-81 documents. Q-81 HSE WEB APPLICATION uses a Microsoft Office Sharepoint Server library to store its own documents.
Security
The customer is in charge of the machine physical safety. The service can be made available on the Internet by simply publishing the http or, preferably, https web server protocol. We recommend the use of a reverse proxy or a firewall so as to limit exposure to attacks. The purchase and management of security certificates for the publication of the https protocol is entirely borne by the customer.
Software architecture
The software architecture adopted for the system implementation is based on the N-Tier scheme. According to this scheme, the architecture is developed on multiple levels (tier): each of them includes processes which are logically separated from other levels (tiers):
- Presentation Tier, that is user interface;
- Application Tier or Logic Tier or Midde Tier, including the process logic;
- Data Tier for data access and storage.
The advantage of this architecture is that it allows easy maintenance and tiers can be updated independently from each other, following both changes in the requirements and technological evolutions.
We therefore have the following architecture for the Q-81 HSE WEB APPLICATION:
- Presentation Tier. It is the user interface which runs on the PCs connected either to the LAN or the Internet via a web browser. It allows you to query and display the requested data and lets the user interact with the system using the communication mechanisms available for the application.
- Logic Tier, consists in turn of: DbWebPart (a component developed by Tempestive that allows the creation of the application logic), Ghostwriter for document generation, a document manager and process manager made up of a scheduler and a state machine.
- Data Tier manages data access and storage; in addition, it makes data management transparent (visible) to higher levels.
Authentication/Authorization
Authentication
Users who connect to the platform can use two authentication mechanisms: either on Windows Active Directory or with database stored username / password.
The two authentication methods are simultaneously available, thus allowing the user to log on in a transparent way using one of the two aforementioned mechanisms. Database saved passwords are stored as a hash, thus ensuring the security of the stored information in case of direct access to database.
Authorization
The authorization to the application features is developed on 3 levels (tiers) as follows:
- Application atomic features
- Application roles
- Users/Groups
The Application Roles aggregate groups of application features. Users and groups of persons using the application can belong to one or more roles.
The application enables to autonomously define new application roles aggregating new features and also customize access according to one’s own company structure.
Onpremise Solution Minimum Requirements
As we have already mentioned, the platform can be used in SAAS mode, without the need for any installation. For those who instead want to install the application on their own server, the software system minimum requirements are shown in the table below:
| Application minimum requirements and features | Q-81 HSE WEB APP |
|
Hardware |
CPU INTEL I3 or higher recommended INTEL XEON X3450, 4 GB RAM 100 GB Disk |
|
Operating system |
Windows 2008 or Windows 2012 |
|
Database |
SQL Server Express 2008 or SQL Server 2008 R2 |
|
Application Server |
Internet Information Server 7 or subsequent |
|
Browser |
Internet Explorer 7 or subsequent |
|
Authentication
|
Active Directory or database authentication |
We are at your disposal to evaluate alternative offer relating to the use of our cloud service (server farm Microsoft Windows Azure).
