JVM TehnologicJVM Tehnologic

Company profile & core business

Founded: February 1992;

– Core business: design and implementation of large software applications mainly for financial market.

– Areas of specializations

– Platforms: Windows (95, NT, 2000,2003);

– Technical expertise: MSSQL Server, Sybase, Oracle, C, C++, Visual C++/Basic/C#, MS Interdev, ASP, IIS, BC++, Delphi.

Microsoft business partner (product integration partnership member)

Compaq/HP business partner

System SecuritySystem Security

The most advanced security systems used nowadays : Public Key Infrastructure– SSL 3;– RSA public keys modulo 1024 bits;– Sha1 algorithm for thumbprint;– Digital Certificates (with time stamp);– Dynamic key exchange;– 128 bits – Cipher Strength;– Client and Bank authentification … so we know with

whom we talk and you also … Network protocol separation; SQL Protection steps

The Concept ofThe Concept of Three - Tier ArchitectureThree - Tier Architecture

Benefits– Common interface to heterogeneous data stores;– Software and hardware scalability without affecting system performance;– System reliability and maintainability;– Increased data security;– Business logic sharing.

Application ServerDataLogic

BusinessLogic

Web basedforms Data Stores

Used by our Internet Service

Internet Banking ArchitectureInternet Banking Architecture

Browser

Bank’s Database

Web Servers

BackOfficeApplication

Customer databases

SQL Servers

BackOfficeDatabase

::

Clients

Data flowData flow

One information unit named “electronic message”;– flexible structure with <field-value> pairs;– easy and fast transfer;

Two-phase data transfer;– Import of incoming messages from

customer database;– Export of outgoing messages from bank’s

database system; Flow control and monitoring done by

BackOffice application.

Presentation layerPresentation layer

Only an Internet browser is required; Enhanced security mechanism through

Secured Socket Layer protocol; Dynamic Web pages through DHTML and

ASP technology; Full customization.

Browser Web Server

request URL

Web page

Customer database

SQL query

Query results

Business layerBusiness layer

Provides services to the presentation and data layers– Bi-directional transfer of electronic messages;– Deployment of basic banking information to customer database;– Customer registration and access control;

Enforces customer business rules– Data checking and validation;– Signature mechanism for customer operations;

Enforces bank business rules– Data checking and validation;– Acceptance mechanism for customer transactions;– Translate transaction data to and from specific formats.

Bank SideBackOffice ApplicationCustomer side

Electronic Message Electronic Message Processing LogicProcessing Logic Chain of states to control message evolution

– Uncompleted : not successfully transferred;– Unprocessed : completely imported;– Refused by user : rejected by authorized bank personnel;– Accepted : accepted by authorized bank personnel;– Refused by app : not successfully processed;– Transferred : successfully processed;

Special authorized mechanism to change manually message status;

Configurable mask of valid states for a message.

Internet Banking ConclusionsInternet Banking Conclusions

Full access to bank services with minimum hardware and software configuration for customer;

Total location independence for the customers; Maximum security through access control,

encryption and authentication; Customizable application core; Customizable user interface through Web power.