
server architecture

01| Hardware

In a typical configuration, the Wellness Layers Platform Application Module Layers are distributed over four or more servers:
 
Web Servers: A minimum of two servers hosting the UI and BL layers of the Application Modules
 
Database Server: A database server hosting the Data Layer of the Application Modules on an SQL Server database
 
Linux Server(s): Hosting the three application layers of the Boards Module (UI, BL, Data)
 
02| Networking Configuration

Network configuration of the various servers is generally implemented as a logical or physical separation into DMZ and SDMZ subnetworks, depending on the client's preference.

In a typical configuration, shown below, the UI layer is hosted on the DMZ network segment and both the Business Logic and Data layers are hosted on the SDMZ network segment. This separation of network segments better protects the internals of the system from the outside world, since only the DMZ network segment is exposed to the Internet.


Each segment contains two load balancers, two firewalls, and two switches, for purposes of redundancy.

03| Security

The Wellness Layers Platform utilizes Secure Sockets Layer (SSL) for encrypted connections. In addition to this protocol, the platform employs its own proprietary encryption algorithm for further data security. 

The SSL protocol is typically used for Login / Account Management as well as any area of the site where the user is requested to submit confidential information. In instances where user data needs further protection, the data can also be encrypted on the database level.

In addition to using SSL in specific segments of the user front end, all of the API calls serving third-party services use SSL for retrieving and updating data.

The Wellness Layers Platform also maintains a robust user authentication system that blocks all non-members from entering the members-only sections of the site.

The Back Office is similarly secured by a user authentication system for accessing reports, member and CMS administration. In addition, the Back Office supports role-based permissions that provide for administrator and editor rights and privileges.

Wellness Layers works with its clients to identify those areas that require additional security and then implement the needed security methodologies for safeguarding data. At the client's request, Wellness Layers can implement specially required security standards, or acquire needed certifications.
 
  
Figure 3 Firewall Configuration, Both External and Internal



04| Third-Party Integrators & APIs
 
All third-party services gain access to the Wellness Layers Platform using the secured WCF API via contracts.

Due to the separation of layers within each module (especially between the UI and Business Logic) a third-party service can only update and retrieve information from the system according to its permissions and the available APIs.

Each contractor is given a unique Username/Password for communicating with the Wellness Layers Platform and given access to specific API contracts according to its permissions. These permissions can be changed from time to time and are negotiated between Wellness Layers, the client's system, and the third-party providers.

 


Each API invoked from a third-party service is tracked within the Wellness Layers application and recorded for backend usage reports.

  

All transactions and events in the system are tracked via system logs. The system logs are used for debugging purposes and also for long-running pages/tasks. The development team then uses these logs to track system performance and user errors while running in Production and to focus on fixing and improving the system.

 

The API will ensure a consistent methodology through which all third-party services send messages/actions to the Wellness Layers system, resulting in a uniform environment for all messages/actions coming from the Wellness Layers system itself and any other third-party provider.

 

In many cases, a Single Sign On (SSO) approach can be taken between any existing client-owned system and third-party services, using secure key negotiation to achieve a seamless user experience while surfing between systems.

 

Per the client's requirements, the Wellness Layers Platform can also initiate third-party calls for updating external services on events that occur within the Wellness Layers Platform. For instance, consider a third-party service that tracks personal weight and updates the Wellness Layers application for each weight log. The Wellness Layers system could also update that specific third-party service about weight log events that occur within the Wellness Layers system or come from any other third-party weight log system.