Figure 1: Overview of the Application Architecture and Its Key Components
Hosting
The application's data and services are hosted in Canada on AWS (Amazon Web Services).
AWS services are configured to ensure high availability and automatic scaling.
The primary AWS services used include API Gateway, Lambda, DynamoDB, and S3.
Data and File Management
Data and files are stored in secure, encrypted databases (DynamoDB, MongoDB, S3) with regular backup mechanisms to ensure data security and integrity.
Data is stored in different formats to optimize performance for writing, searching, and data analysis.
Authentication and Security
User authentication is handled in multiple ways (one-time link, username/password, Azure AD) and is managed using JWT tokens.
Access rules for data are defined directly within the business model of the application and are automatically enforced by the system.
All communications between services are encrypted using TLS.
Access to services can be restricted based on IP address.
API and Integration
The application's services are accessible via REST APIs and encrypted using TLS.
Services are secured using a JWT token representing a system user or, in the case of integration with an external system, through an API key.