As part of a robust design, applications are hosted across at least four servers, namely Web, API, Contract and Database servers. Desktop applications (WPF or WinForms) communicate directly with the API server, which is configured with a public IP or reached via VPN, as do native mobile applications.
The contract servers host the business logic and transmit data with AES encryption by default; when that data passes through the API servers, it is double encrypted with standard SSL. For public endpoints, the AES-encrypted data is decrypted on the API servers and delivered using SSL only.
API servers typically provide JSON data to the web servers, usually formatted according to the type of GUI component, e.g. grid display, complex dropbox and scheduler.
Last but not least, the web servers mainly deliver HTML and interact with users via JavaScript. They are kept lean to minimise the attack surface and to remain efficient under heavy load from the public.
Basic Server Configuration (Quad CPU, 4GB RAM, 80GB HDD free)
Database: Microsoft SQL 2017/2019
Contract: Core Server 2019/2022, Kubernetes 1.27 on Photon 5
Web/API: Debian Bullseye/Bookworm
Basic Data Backup Plan
Database: Daily with overwrites, scheduled between 01:00 and 03:00 hrs (GMT+8)
Contract/Web/API: Monthly with overwrites, spanning the middle of each week, between 22:30 and 00:30 hrs (GMT+8)
Acronyms
PLAN: Private Local Area Network
LAN: Local Area Network
API: Application Programming Interface
SMS: Short Message Service
AES: Advanced Encryption Standard
Last Updated: Jul 2023