Project of portal development for a large Russian Federal service

Sub-project: Security Core

Requirements

The portal's security core is an integral part of the portal complex and is meant for organizing protected interaction between portal users and external informational resources.

The main goal for creation of the portal security core is to develop a centralized security system which would include mechanism and means for data protection when granting internal and external users with access services to a number of informational resources belonging to the Federal service through a common entrance point.

Consequently, the main works at the portal Security Core would be to develop the basic configuration of the Core, with the possibility of further adding functionality to the portal complex by means of applied software. It was also important to ensure deployment on the servers belonging to the state authorities in the frameworks of developing the portal access system.

Suggested solution

For solving the task, DigitalXpert suggested an idea of building the Security Core as a multi-tier modular security system. So the Core was realized as a set of subsystems: data protection subsystem, access management subsystem, registration subsystem, security system service, etc. Some subsystems are in fact combined software and hardware solutions – antivirus system (Kaspersky), Cisco, MOM / SMS, Secret Net, etc.

In order to enhance the overall protection of the portal complex, division into zones was used (demilitarized zone, protected zone). Each is treated with own security requirements.

The software part of the Core is realized with the classic three-tier architecture: presentation layer – business logic layer – database access layer. Taking into account all requirements to the Core, .Net was selected as the primary technology (ASP .NET, .NET REMOTE, ADO .NET, Web Services). Main programming languages are C#, HTML, JScript. Web Services is employed as the key technology for interaction with applied software and coupling components. It allows integrating systems created in various programming languages into a single whole.

MS SQL 2000 was selected to be the database server as the best solution in terms of price and quality.

As the security core should control all user actions and coupling components within the portal, a special API was realized which is responsible for interaction with functional modules of the access subsystem. Between the API shell and other components of the Security Core there is a Query Broker to the access subsystem, the main task of which is to utilize queries, manage production control and blocking.

The user level is realized as a thin web based client realized with ASP .NET. A window set is realized for managing all user windows. An SSL connection is used to protect data which is delivered to the user via open access channels. Data protection between the Web server and the application server is realized on the basis of Crypto API by Microsoft.

Result

The expected effect from portal implementation consisted in realization of technological environment that ensures increase in effectiveness of data access and applications for the benefit of state administration.

Such projects demonstrate the growing activity in modern technologies usage by Russian state authorities. It fundamentally changes the level of working with important and confidential information. By keeping and even increasing the level of data protection, modern software solutions allow both keeping the tremendous amounts of information and extracting the necessary data from it, quickly and precisely. DigitalXpert has used its rich experience received in projects for the developed IT market in the USA, to search and realize solutions for complex and interesting Russian projects.