System Architecture
    • PDF

    System Architecture

    • PDF

    Article summary

    Article Overview

    The following article describes EasySend’s environment architecture and introduces the main environments:  the Builder and the Player. The article also details a frequently asked questions section about both environments.

    Production Environment Architecture

    The architecture comprised two environments, each deployed and managed independently to ensure proper customer data access separation and protection:

    • The Builder - a User Interface (UI) editor used by members of your organization to design and create digital processes.
    • The Player - a digital process viewer used by your end-users (customers/customers representatives (agents)) to interact with the created process, input data and submit requests.

    Architecture Design concept

    (See Figure 1)

    This architecture was created as a part of our security perception to allow maintaining the following:

    • A central multi-tenant environment that enables to harness and utilize the full flexibility of a Software as a service (SaaS) solution.
    • The highest standard for security and data protection by creating multiple isolated single-tenant player environments - separately dedicated for every customer. The player environment is the only environment that handles personal customer data.

    Single and Multi-Tenant.

    Figure 1: Single and Multi-Tenant

    Builder Environment Introduction

    (See Figure 2)

    The  Builder is a multi-tenant environment that enables you to perform a variety of actions such as:

    • Build - create and edit digital processes.
    • Integrate - with different services, third-party Apps, core systems, and APIs like EasySign.
    • Measure - using dashboards, get a detailed analysis of how digital processes are performing.
    • Operate - track digital processes and create detailed tracking reports.

    While digital processes are designed within the builder, personal end-user information is never stored within the builder environment.

    Data stored within the Builder is used to define the behavior, look and feel, and business logic of the digital process.

    The  Builder UI is a multi-tenant environment that enables you to perform a variety of actions such as:  Build - create and edit digital processes. Integrate - with different services, third-party Apps, core systems, and APIs like EasySign. Measure - using dashboards, get a detailed analysis of how digital processes are performing. Operate - track digital processes and create detailed tracking reports.

    Figure 2: Builder Platform UI

    The Builder manages user access by assigning each user to one or more security groups. Each group in turn has restricted access only to their relevant resources. Tenant security groups have a built-in mechanism for restricting access to the data of a specific tenant only. This methodology ensures complete data separation between different tenants.

    NOTE
    For additional information about the Builder, see the Platform Overview articles.

    Deploying a Digital Process

    (See Figure 3 and Figure 4)

    Once a digital process is created by the Builder, it is deployed by clicking the Deploy button and choosing the Player environment for deployment.

    Deploy Button and Player Environment.

    Figure 3: Deploy Button and Player Environment

    When deploying a process, the player is updated to contain the latest version of the process as built using the Builder.

    The deployment process uses an additional set of services and follows these steps:

    1. EasySend Web Server triggers a background task to initiate deployment, sent as a message on the message queue.
    2. The message is handled by one of the background task workers in the builder.
    3. The background task worker packages all the required resources into a zip archive, digitally signs it, and sends it to a Build server.
    4. The build server verifies signature validity, unpacks the zip archive, and performs additional build steps required for process deployments such as CSS asset construction, theme composition, and conditional and computed logic.
    5. The build server packs all assets back into a zip file, and digitally signs the package again. It then sends it to the relevant Player environment for deployment.
    6. The Player verifies the digital signature again, and upon successful verification, deploys the assets to a dedication location in an asset deployment bucket.

    The deployment process uses an additional set of services and follows these steps:  EasySend Web Server triggers a background task to initiate deployment, sent as a message on the message queue. The message is handled by one of the background task workers in the builder. The background task worker packages all the required resources into a zip archive, digitally signs it, and sends it to a Build server. The build server verifies signature validity, unpacks the zip archive, and performs additional build steps required for process deployments such as CSS asset construction, theme composition, and conditional and computed logic. The build server packs all assets back into a zip file, and digitally signs the package again. It then sends it to the relevant Player environment for deployment. The Player verifies the digital signature again, and upon successful verification, deploys the assets to a dedication location in an asset deployment bucket.

    Figure 4: Deployment Process Services and Steps

    Player Environment Introduction

    EasySend Player environments are used to serve the digital processes to your end-users. EasySend player is based on a single-tenant architecture, allowing each organization to receive separate servers and databases.

    Organizations typically use at least two separate Player environments:

    • Development (Dev) - used for testing before moving into production.
    • Production (Prod) - a live environment.

    Additional environments such as QA, staging, and pre-prod can also be used according to the requirements of an organization.

    The single-tenant architecture also enables complete separation between different environments of the same organization.

    Frequently Asked Questions

    This section contains different frequently asked questions about EasySend and their answers.

    Q: What is the difference between the Builder and the Player?

    A: The builder is a UI editor used by members of your organization to design and create digital processes. The digital process viewer is used by your end-users to interact with the created process, input data, and submit requests.

    Q: How many Player environments does an organization have?

    A: Organizations would typically use at least two separate Player
    environments (Dev/Prod) and possibly more (QA, Staging, Pre-prod) per requirements.

    Q: Which environment stores and handles personal customer data?

    A: personal end-user information is never stored within the Builder environment. The player environment is the only environment that handles personal customer data.

    Q: What measures are taken to protect the personal information provided by end users?

    A: All data is encrypted in transit and at rest. An additional encryption layer is added to all stored data. All the data is encrypted using AES 256 before being saved to the database while the encryption key is stored separately in the application server. In addition, all personal information expires as soon as it’s no longer needed

    Q: Does each organization receive separated isolated resources?

    A: The architecture of EasySend was created as a part of our security perception to allow maintaining the highest standard for security and data protection by creating multiple single-tenant player environments - separately for every customer.

    The single-tenant architecture also enables complete separation between different environments of the same customer.

    Q: Which browsers and devices support the Builder and the Player?

    A: The supported browsers and devices are:

    • For the Builder:
      • Chrome - two latest versions 
      • Edge - two latest versions
    • For the Player:
      • Desktop, Windows, and Mac:
        • Chrome four latest versions 
        • Edge - four latest versions 
        • Firefox - four latest versions
        • Safari - two latest versions
      • Mobile - iOs and Android:
        • Chrome - four latest versions  
        • Edge - four latest versions  
        • Firefox - four latest versions
        • Safari - two latest versions 
      • Tablet- iOs and Android:
        • Chrome - four latest versions  
        • Edge - four latest versions 
        • Firefox - four latest versions
        • Safari - two latest versions

    Was this article helpful?