Verify Appendix C

APPENDIX C: UNIFYED SINGLE SIGN-ON TECHNOLOGY OVERVIEW

UNIFYED SSO TECHNOLOGY OVERVIEW

Unifyed SSO is a middleware stack that helps end users achieve single sign-on into a library of pre-configured applications. Unifyed SSO is run out of the cloud. Unifyed SSO has extended it’s hosting services to Amazon®® Elastic Compute Cloud (Amazon®® EC2). Each virtual machine is equipped with 15 GB RAM, 50 GB storage space (SSD), 4 virtual CPUs with 5 Mbps bandwidth.

The Unifyed SSO application uses Java J2EE for its server side processing and uses Spring Technology, including Spring Security, Spring Schedulers, Spring MVC and Spring JPA. The Unifyed SSO database layer uses Spring JPA which communicates to a clustered MySQL database (Gallera replicated).

The user interface for the Unifyed is running on a rich Javascript based UI library known as AngularJS. The majority of the communication between the UI and server side is happening over AJAX REST calls.

The administrative functionality of the Unifyed middleware is protected via Spring Security and the rest of the API libraries which are used for SSO functionality can be dynamically configured to be protected via CAS or SAML based authentication providers.

UNIFYED SSO ARCHITECTURE OVERVIEW

System Availability

  • Unifyed Single Sign-On is a 24/7 application with minimum availability levels of 99% system uptime per year
  • This figure does not include scheduled downtime where notice is given to Members, or where the Member’s database is taken offline due to Member requested work (e.g. carrying out a bespoke data conversion).
  • Minimum 24 hour notice of planned system outages.

Unifyed Single Sign-On Maintenance

  • Scheduled maintenance and service windows.
  • Advanced notification of outages.
  • Standard upgrades, bug fixes, performance analysis, storage maintenance
  • Unit tested, load tested, and user tested code.
  • Daily backups and pre-maintenance snapshots.
  • Backup is written to near line high speed disk and tape and stored in a secure offsite facility.

Monitoring & Reporting

  • Report of system performance metrics available upon request.
  • Report of system usage statistics available upon request.