A software solutions provider in health care sector wanted to develop an information management system which could be provided as on-premise installation as well as on SaaS model. The system had to be easily customizable with the capability of adding modules in a plug-and-play manner as well as set access to features for each end customer. While the client had conceptualized the system quite well they lacked the technical skills, or a technology partner, to convert the concept into a robust architecture and a functioning system.
The system to be build had these objectives:
Architecting and designing this system was challenging because of these considerations
The solution designed for this application had a master module common to all customers which handled security and subscription information. From this module system administrators can create multiple “tenants” or the software to provide a virtually separate and independent environment called “org” for each customer. The modules subscribed by customer could be added to these orgs separately for each customer. Separate customized or completely new code bases could be easily deployed at system level and added to org level by system administrators. Predefined configuration scripts were created to generate this configuration quickly and easily for on-premise installations.
The system was designed on Service Oriented Architecture (SOA) to enable sharing or information between independent modules. A service broker was created which worked as a mediator between these independent components so they did not have to be aware of each other. This was specifically needed to make the system plug-and-play so as to allow adding of any number of custom components as and when needed.
The authorization system was designed with multiple layers. Access Control Lists (ACLs) could be created for allowing access to features. Users and user groups can be assigned to these ACLs with applicable permission of each user or user group. The ACLs can then be assigned to a feature to which authorization rules have to be set. This way same ACLs can be assigned to multiple features making administration of permission very quick and manageable.
The system was built on Microsoft technologies and third party libraries.