Table of Contents
- Client Usage
- Client Software Requirements
- Client Hardware Requirements
- Client Networking Requirements
- File Formats
- Web Service API
- Application Architecture
- System Software Components and Requirements
- Hosting Infrastructure
- Single Server Deployments
- Multi-tiered, Clustered Deployments
- Identity Management
- Application Security
- Data Transmission
- Hosting Infrastructure Security
- Backup and Disaster Recovery
- Application and Infrastructure Patching
The Decision Lens user interface is accessed via a user’s web browser. Decision Lens operates within all popular web browsers, and requires only common browser plug-ins, such as Flash Media Player and Java Web Start. The Decision Lens web service API may be accessed directly by any SOAP or REST capable software client provided the proper authentication credentials.
Client Software Requirements
- Operating System: Microsoft Windows 7, Mac OSX 10.5 or later
- Web Browser: Chrome, Firefox 32 or later, IE 10
- Flash Media Player 11.x or later
- Operating System: Microsoft Windows® XP SP2, Microsoft Vista®, Mac OSX Version 10.5
- Web Browser: Internet Explorer 8, Firefox 31
- Flash Media Player Version 10.2
Client Hardware Requirements
- Processor: Intel Pentium® 4, 2 GHz or better
- Memory: 2 GB RAM or more
- Screen Resolution: 1280 x 800 or higher
- Intel Pentium 4, 1.2 GHz or equivalent
- Memory: 1 GB RAM
- Screen Resolution: 1024 x 768
Client Networking Requirements
- High speed Internet connectivity
- Allow for HTTP and HTTPS web traffic over ports 80 and 443
Decision Lens provides decision model import, export, and reporting functionality that utilizes various file formats.
- Decision model import: Decision Lens can import decision models in the Decision Lens model format (.cmf) or legacy Decision Lens Suite / or original Decision Lens Web model format (.anp).
- Decision model export: Decision Lens can export decision models in the Decision Lens model format (.cmf).
- Data import: Decision Lens can import data into decision models from Excel spreadsheets (.xls).
- Reporting: Decision Lens can export decision data reports as Excel spreadsheets (.xls) or as images (.png, .jpeg, .svg, or .pdf)
Web Service API
Decision Lens provides services to deliver decision process technology via a web service API. All web services are available in SOAP (XML) and REST (JSON) formats, and provide full authentication and authorization functionality. The web service API may be used to create and update data, perform calculations, output results to external systems, etc. All Decision Lens user interfaces communicate with the web service API to provide the full application functionality and experience.
Decision Lens exposes our decision technology via a web service API, and provides user interfaces for delivering the decision process within a rich user experience.
The web service API, and other related services, are implemented as Java web applications. These applications are deployed in Tomcat Application Server, and are exposed to the Internet through Apache HTTP Server. All web service API requests require authentication credentials, and perform authorization logic based on user roles and data ownership rules.
All application data is stored in MySQL. Application data is only accessible to web service API code and Decision Lens administrators via a secure, private network. All customer data is logically separated for data integrity and security.
System Software Components and Requirements
- Server operating system: Linux (Amazon Linux 2015.09), Windows Server 2003/2008
- Apache HTTP Server 2.2 & 2.4
- Apache Tomcat 8
- MySQL 5.6
- Java Open JDK 1.8
- Decision Lens 3 Application Code
Decision Lens utilizes modern hosting infrastructure services to provide stable, reliable, scalable, and secure deployments. The web services API has been implemented with a stateless, modular architecture utilizing open source technologies to allow for a variety of simple hosting solutions.
Decision Lens may be hosted in a single server environment, or in a multi-tiered, clustered environment, on dedicated hardware or virtual machines. Decision Lens hosted instances are deployed in multi-tier architectures via Amazon Web Services, utilizing Amazon Web Services’ Virtual Private Cloud (VPC) service*. Customer hosted instances may be deployed with a custom architecture suitable for customer needs. Please see the Professional Services section for more information regarding customer-hosted instances.
Single Server Deployments
Decision Lens may be deployed in a single server environment. Under such a deployment, the single server contains and executes Apache HTTP Server, Tomcat Application Server, and MySQL. This is the simplest deployment infrastructure, but also provides the least amount of scalability and reliability, due to static resource levels and single points of failure (non-clustered server components). A single server deployment also makes inefficient use of resources compared to multi-tiered, clustered deployments, which can be tailored for resource efficiency at each tier.
Hardware Requirements for Single-Server Deployments
- Processor: Intel 5000 Series CPU, 800 MHz FSB, 2 MB cache (or equivalent)
- Memory: 4 GB RAM minimum
- Disk Space: 20 GB minimum
Multi-tiered, Clustered Deployments
Decision Lens may be deployed in multi-tiered, clustered environments. This means that web, application, and database tiers can be separated and deployed across clustered servers. This type of deployment generally provides better scalability, reliability, and efficient use of resources than a single server deployment. The infrastructure details of this type of deployment are outside the scope of this document, but can be summarized as follows:
- A load balancer provides a single point of entry for all inbound application traffic. The load balancer distributes all web service requests to the web tier according to various load-balancing algorithms.
- The web tier serves up static application assets (HTML pages, Flash movies, CSS, etc.) and proxies web service requests to the application tier. The web tier consists of one or more clustered web nodes (servers) running Apache HTTP Server. The web tier is deployed across multiple VPC subnets attached to Internet gateways for public accessibility through restricted server ports (80 and 443).
- The application tier contains and executes the web service code, which interacts with the database tier for data access. The application tier consists of one or more clustered app nodes running Tomcat Application Server. The application tier is deployed across multiple private VPC subnets (no Internet gateway), restricting access to web servers only.
- The database tier stores and replicates all application data. The database tier consists of a master database node and one or more slave database nodes for redundancy. The database tier is deployed across multiple private VPC subnets (no Internet gateway), restricting access to application servers only.
Hardware Requirements for Multi-tier Deployments
- Web Tier: 512 MB RAM, 10 GB disk space per node
- Application Tier: 2 GB RAM, 10 GB disk space per node
- Database Tier: 2 GB RAM, 10 GB disk space per node
In a standard deployment, Decision Lens stores all application identities (users) in the Decision Lens internal database. Role-protected functionality is provided via the user interface and web service API for creating, editing, and deleting user accounts.
Decision Lens also has the capability to integrate with customer-provided external identity management systems. Such integrations can allow a customer organization to use existing and familiar user accounts to access the application, and also provide single-sign-on (SSO) capabilities. Custom identity management integration is a separate service outside of the scope of a typical Decision Lens 3 license.
Decision Lens employs numerous security best practices to protect customer data and ensure application availability.
Whether accessing the application through a user interface, or by making requests directly to the web service API, Decision Lens requires authentication credentials to perform all application functionality. Authentication credentials consist of a user name and password. Password creation rules can be configured to enforce the minimum password lengths and complexity (alphanumeric, symbols, capitalization). All passwords are hashed with the SHA-2 algorithm before being stored in the application database.
Authenticated user sessions established through the Decision Lens user interface are subject to a 20-minute timeout interval. The timeout interval is configurable to suit customer needs. The web service API does not maintain user sessions itself; every web service request requires full authentication credentials.
Decision Lens’ internal identity management system and authentication mechanism can be replaced through custom integration with a customer-provided external identity management system. Please see the Professional Services section for more information.
Access to all Decision Lens application data is controlled through authorization logic based on user roles. All customer data is logically separated from other customers, ensuring the security of sensitive data. User roles can be assigned at the application (system) level, and also at the individual decision level.
Application (System) Level Roles
- Group Admin: create/edit/delete user accounts, assign application level roles to users, create and participate in decision models
- Decision Creator: create decision models, participate in decision models
- Participant: participate in decision models only
Decision Level Roles
- Facilitator: create/edit/delete all decision data, export/copy/delete decision models, control decision meetings, input participant data (votes, comments) on behalf of all decision participants, does not participate in decision process as a voter
- Voting Facilitator: same permissions as Facilitator, but also participates in the decision process as a voter
- Voter: participates in decision meetings, submits votes and comments during the decision process, cannot modify other decision data
- Reviewer: may independently review all decision data in read-only mode.
- Voting Reviewer: same permissions as Reviewer, but also participates in the decision process as a voter
All data transmitted between the Decision Lens user interface (or other web service client) and the web service API is secured using Secure Sockets Layer (SSL). If self-hosting, the customer is required to provide their own signed SSL certificates.
Hosting Infrastructure Security
All Decision Lens hosted Decision Lens server resources are protected from unauthorized access via a number of security measures.
- Web, application, and database resources are all protected by firewall rules, restricting remote access to appropriate infrastructure clients only. The database tier is accessible via the application tier only, and the application tier is accessible via the web tier only.
- The web tier is deployed across multiple VPC subnets attached to Internet gateways for public accessibility through restricted server ports (80 and 443).
- Remote access to web servers requires private cryptographic key pairs, may only originate from Decision Lens’ private network, and is secured via SSH. Only Decision Lens administrators have access to the private keys.
- The application tier is deployed across multiple private VPC subnets (no Internet gateway), restricting access to web servers only. Application server access requires a private key.
- The database tier is deployed across multiple private VPC subnets (no Internet gateway), restricting access to application servers only. Database access requires authentication credentials.
- Any IP addresses that are used in Denial of Service (DDoS) or brute force penetration attacks are permanently blacklisted at the external firewall level.
Backup and Disaster Recovery
All Decision Lens 3 web, application, and database servers are deployed in server clusters distributed across multiple physical data centers for scalability and redundancy. All customer data is backed up multiple times per day to separate, secure storage locations.
All database backups (“data at rest”) are encrypted with asymmetric key pairs utilizing the RSA 4096 bit cryptosystem.
Application and Infrastructure Patching
Decision Lens has dedicated administrators who monitor Decision Lens server resources and are automatically alerted of any resource problems or operating system, firewall or application updates. All security updates are applied to Decision Lens servers within 24 hours, and critical patches are applied immediately after release from the vendor. Non-critical patches are not applied before they are thoroughly tested by Decision Lens. Critical application bugs are fixed and deployed within 48 hours through Decision Lens’ emergency change request process. All other bugs are addressed during regular product release cycles.