Upload
rosemary-allison
View
213
Download
0
Embed Size (px)
Citation preview
JVM TehnologicJVM Tehnologic
Company profile & core business
Founded: February 1992;
– Core business: design and implementation of large software applications mainly for financial market.
– Areas of specializations
– Platforms: Windows (95, NT, 2000,2003);
– Technical expertise: MSSQL Server, Sybase, Oracle, C, C++, Visual C++/Basic/C#, MS Interdev, ASP, IIS, BC++, Delphi.
Microsoft business partner (product integration partnership member)
Compaq/HP business partner
System SecuritySystem Security
The most advanced security systems used nowadays : Public Key Infrastructure– SSL 3;– RSA public keys modulo 1024 bits;– Sha1 algorithm for thumbprint;– Digital Certificates (with time stamp);– Dynamic key exchange;– 128 bits – Cipher Strength;– Client and Bank authentification … so we know with
whom we talk and you also … Network protocol separation; SQL Protection steps
The Concept ofThe Concept of Three - Tier ArchitectureThree - Tier Architecture
Benefits– Common interface to heterogeneous data stores;– Software and hardware scalability without affecting system performance;– System reliability and maintainability;– Increased data security;– Business logic sharing.
Application ServerDataLogic
BusinessLogic
Web basedforms Data Stores
Used by our Internet Service
Internet Banking ArchitectureInternet Banking Architecture
Browser
Bank’s Database
Web Servers
BackOfficeApplication
Customer databases
SQL Servers
BackOfficeDatabase
::
Clients
Data flowData flow
One information unit named “electronic message”;– flexible structure with <field-value> pairs;– easy and fast transfer;
Two-phase data transfer;– Import of incoming messages from
customer database;– Export of outgoing messages from bank’s
database system; Flow control and monitoring done by
BackOffice application.
Presentation layerPresentation layer
Only an Internet browser is required; Enhanced security mechanism through
Secured Socket Layer protocol; Dynamic Web pages through DHTML and
ASP technology; Full customization.
Browser Web Server
request URL
Web page
Customer database
SQL query
Query results
Business layerBusiness layer
Provides services to the presentation and data layers– Bi-directional transfer of electronic messages;– Deployment of basic banking information to customer database;– Customer registration and access control;
Enforces customer business rules– Data checking and validation;– Signature mechanism for customer operations;
Enforces bank business rules– Data checking and validation;– Acceptance mechanism for customer transactions;– Translate transaction data to and from specific formats.
Bank SideBackOffice ApplicationCustomer side
Electronic Message Electronic Message Processing LogicProcessing Logic Chain of states to control message evolution
– Uncompleted : not successfully transferred;– Unprocessed : completely imported;– Refused by user : rejected by authorized bank personnel;– Accepted : accepted by authorized bank personnel;– Refused by app : not successfully processed;– Transferred : successfully processed;
Special authorized mechanism to change manually message status;
Configurable mask of valid states for a message.
Internet Banking ConclusionsInternet Banking Conclusions
Full access to bank services with minimum hardware and software configuration for customer;
Total location independence for the customers; Maximum security through access control,
encryption and authentication; Customizable application core; Customizable user interface through Web power.