University Management System - UMS-X1 Technical Data
1 like419 views
The document provides a comprehensive technical overview of the UMS-X1 educational solution, detailing its architecture, infrastructure, security measures, and usage management. It emphasizes the importance of high availability, security protocols, and scalability to ensure optimal performance for client operations. Key features include a three-tier architecture, robust security layers for data protection, and efficient handling of user accounts and permissions.
University Management System - UMS-X1 Technical Data
- 1. TECHNICAL INFORMATION ABOUT THE UMS-X1 EDUCATIONAL SOLUTION Automation for the Enterprise
- 2. OUTLINE I. ITI TECHNICAL OVERVIEW II. HOW IS THE UMS-X1 STRUCTURED 1. SOLUTION ARCHITECTURE 2. INFRASTRUCTURE 3. SECURITY 4. USAGE III. WHAT UMS-X1 ENSURES IV. Q&A Presented By Internet Traders International S.A.R.L
- 3. ITI TECHNICAL OVERVIEW ITI employs highly skilled NOC engineers with the aim of deploying Systems on high performance machines hosting client applications. These applications run our client operations online; therefore uptime, security, scalability and reliability are critical in ensuring proper delivery of services. Our 24/7 technical support and quality awareness enables us to maintain our online business reputation that is reflected by our clients, providing them with highly sophisticated platforms to expand their business and operations.
- 4. Solution Architecture Infrastructure Security Usage HOW IS THE UMS-X1 STRUCTURED?
- 5. The UMS-X1 Solution is hosted on Linux Operating System( Red Hat Enterprise). The UMS-X1 is a Web Application utilizing PHP(Server-side scripting) and JavaScript (Client-side scripting) for code development and HTML for design. As a browser- based System, the UMS-X1 uses HTTP Requests to transmit data, making it accessible to users on a variety of client platforms, such as Linux, Macintosh, and Windows. 1. SOLUTION ARCHITECTURE …. Internet Database Server Scripting Engine Scripts Web Server Database Management System Client Tier Middle Tier Database Tier Web Surfer HTTP Request The UMS-X1 is a database driven application built around a three-tier architecture model: Client Tier, usually web browser software that interacts with the application. Middle Tier, built on top of the database tier is the complex middle tier which contains most of the application logic and communicates data between the other tiers. Database Tier, consisting of the database management system that manages the database containing the data users create, delete, modify, and query.
- 6. 2. INFRASTRUCTURE The UMS-X1 Infrastructure is based on six essential Layers: Load Balancer Firewall Application Servers Clustering of Databases Reporting Server MySQL Server
- 7. LOAD BALANCER The Load Balancer allows you to balance the load of requests across multiple servers. The servers will appear as one to the end user. This enables you to manage the clustered network very easily and allow the clients the most efficient and quickest way to access the data. To ensure the data on the servers is synchronized, the File Synchronization feature will replicate the data on all servers automatically. Should any of the servers or processes fail, the Failover feature will direct all the traffic to the available servers. The Load Balancer will ensure your site and services are always available to handle incoming connections. 50% 50% Primary Secondary
- 8. FIREWALL • The Application Layer is protected by firewall designed to secure applications from network and application-layer attacks through an easy-to-manage and integrated approach. The application firewall is a critical element in delivering a complete application access and security solution. Application Server Web Server HTTP Client Browser
- 9. APPLICATION SERVERS • An application server is a software engine that delivers applications to client computers or devices. Moreover, an application server handles most, if not all, of the business logic and data access of the application (a.k.a. centralization). The main benefit of an application server is the ease of application development, since applications need not be programmed; instead, they are assembled from building blocks provided by the application server. • Application servers typically bundle middle tiers to enable applications to intercommunicate with dependent applications, like Web servers, database management systems, and chart/Reporting programs. Desktop Machine Laptop User Interface Presentation Layer Application Logic Data Manager and MySQL engine Database Server
- 10. MYSQL SERVER The MySQL® database has become the world's most popular open source database because of its consistent fast performance, high reliability and ease of use. The figure below illustrates what MySQL Server can provide us with:
- 11. CLUSTERING OF DATABASES MySQL Cluster’s unique parallel fault tolerant architecture provides the following benefits: – 99.999%Availability provided by a fault tolerant architecture – Cost Effective requiring less hardware, lower maintenance costs, and affordable licensing compared to proprietary databases. – High Performance which only an in-memory database can provide. – Linear Scalability to incrementally scale your system without a high initial hardware investment. – Easy to administer reducing your need to hire additional database administrators. – No Single Point of Failure using a distributed node-based architecture with fast failover Hot Backups to back up to system without interruption. – Automatic Fast Failover enabling systems to automatically fail over in less than a second. Cluster
- 12. REPORTING SERVER The reporting server hosts the Reporting Engine. Since reporting bears heavy load on the system, it is deployed on a separate server where the queries will run and not affect the other servers. Report Processing Reporting Server Data Processing Security MySQL Server Database Browser
- 13. INFRASTRUCTURE DIAGRAM Application Server 1 Application Server 2 Application Server 3 Load Balancer Firewall Clustering Management Node Database Part 1 Database Part 2 Database Part 1 Database Part 2 Replicated Reporting Server www.ums-x1.com No Public Access Local Network 1 2 3 5 MySQL Server 4 6 Clustering Management Node Clustering of Databases
- 14. 3. SECURITY Security of your mission critical Internet operations is of paramount importance. ITI employs multiple levels of security to ensure that client data is very secure and can be easily recovered from backups. Security includes: 1. Data Security 2. Materiel Security 3. Network Security ITI Lebanon staff handle security and audit reports and submit any observations to relative personnel. Security and audit monitoring is a great tool to spot errors and trace attackers. On one hand, it will guide the employees to correct their mistakes. On the other hand, it will spot any changes done due to any security breaches that might occur and take corrective actions accordingly. Authentication Vulnerability Assessment LogsNetwork Encryption
- 15. Security of your mission-critical Internet operations is of paramount importance. Multiple levels of security are employed to ensure that only Data Center Operations Engineers are physically allowed near your routers, switches, and servers. Security procedures are as follows: No Public Access: Public access to the data center is strictly forbidden. Video Surveillance: Live video surveillance of the entire data center building is monitored 24/7. Onsite Security Personnel: Onsite security personnel monitor the data center building 24/7. Security personnel provide the first layer of security for entering the data center. Military-Grade Pass Cards: Access to the data center is restricted to those who hold a pass card. These pass cards control elevator access to restricted floors within the building. Power: The data center gets power from commercial utility underground conduits with a 30-minute battery backup in the event of failure. UPS Systems : The power systems are designed to run uninterrupted even in the unlikely event of a total power outage. Diesel Generator Systems - Our onsite diesel generator will automatically start in the event of a power surge or power system failure. MATERIEL SECURITY
- 16. The security policy is applied on all users who access the System/Network including administrators, accountants, instructors and students. The security policy provides maximum security by all types of vulnerabilities on any level (interruption, interception or fabrication) on any broad category (hardware, software or data)and assures the terms of confidentiality, integrity and availability. A user policy documentation is handed to administrators and users to know their privileges. Users are classified into groups related to their departments, their responsibilities and status. DATA SECURITY No access is allowed to the servers Connecting directly to the database, is not through the application, but by reconfiguring the firewall to allow database access from designated IP Access is only granted on the local network (private IP) to the application servers
- 17. Network security threats – from Internet-born worms and viruses to DDoS attacks, internal data losses, natural disasters and terror-related risks – pose a multi-billion pound threat to corporations. From secure server builds and security-tested OS installations to a physically secure data centre and monitored network, we take a multi-layered approach to keeping your hosting operations reliable and secure. 1. 100% Availability 2. Connectivity: fully resilient and redundant network infrastructure 3. Routing: Each packet is evaluated and sent over the best route possible 4. Guaranteed Packet Delivery: To ensure network integrity NETWORK SECURITY
- 18. MORE SECURITY… • Path Security The path to internal files in the web system is confidential. The address bar will be hidden when the user is authenticated into the web system to avoid others memorizing the path. • Password Protected Directory A user has to supply a username and password to pass through protected directories where certain web system files exist. The usernames and passwords will be configured into groups. Groups can be: administration, registrar, accounting, student affairs, etc…Each staff member will have the username and password of his own group. • Web System Authentication A staff member will need to supply his own unique username and password to the web system to authenticate him according to his privileges. • Secure Transfer of data When a user is sending his credentials through the internet, the transfer of information will be secured using Secure Hypertext Transfer Protocol (HTTPS). This will disable any hacker from stealing the credentials on the internet.
- 19. 4. USAGE Permission and security: UMS-X1 has a reliable permission system. The main edge of this permission system is flexibility. The administration can easily specify the restricted areas on the system. The administrators have access according to the assigned role.
- 20. Administrator Management: The administration can manage the usage of the system. Such as registration parameterization (setting criteria for registration: per major, school, number of credits, etc…)
- 21. Accounts Management Faculty Accounts Management Adding / Editing / Enabling / Disabling Resetting Grading System Resetting Account Password Students Accounts Management Blocking / Unblocking Staff Accounts Management Adding / Editing / Enabling / Disabling System Administrator: Semester Management Current Semester Administration Pre-registration Period Registration Start/End Add/Drop Start/End Withdrawal Start/End Classes Start/End Semester Start/End Refund Percentage Setting holidays New Semester Creation Semester Creation Setting of Payment Dates Course Offerings Adding course offerings Deleting course offerings Setting type of offering System Configurations Schools Majors Contract Sheets Courses Course Prerequisites Grades Lists Official Documents Entrance Exams Rooms Registrar: Applications Management Data Verification Entrance Exams Official Documents Major Selection Curriculum Editing ID issuance Setting of Financial Aid Forced Course Registration Students Affairs View Absence View Grades Incomplete Grades Management Honor Lists Official/Unofficial Transcripts Contract Sheets (Curriculum) Academic Withdrawal Accounting Department All tasks related to Payment Vouchers All tasks related to Transactions Special Permissions to debit or credit students’ accounts Faculty Payroll File Management: The files accessed are grouped into categories where the administrator can set privileges. For example, a user might view data but cannot delete/modify. The categories are divided into subcategories where handling of permissions will be limited to page level.
- 22. WHAT UMS-X1 ENSURES • UMS-X1 Maintenance UMS-X1 Maintenance is the process of enhancing and optimizing, as well as remedying defects that may be encountered in the UMS-X1. UMS-X1 maintenance involves changes to the software in order to correct defects and deficiencies found during field usage as well as maintaining the integrity of the database, file transfer client, and backups. • UMS-X1 Scalability Scalability ensures that the system can adapt to growing demands such as being able to handle more users or a larger number of enquiries and transactions, and to have the capability to meet peak demand periods without introducing unacceptable delays for processing queries. • UMS-X1 Availability High availability is a primary and critical requirement. It means that the system must be up and running 24/7 with no downtime. The system must be able to recover immediately from any failure situation, from software bugs to hardware crashes. This means that there must also be fast failover, so that other operating nodes will continue to process requests seamlessly.
- 23. Presented By Internet Traders International S.A.R.L
- 24. Presented By Internet Traders International S.A.R.L