The backend system refers to the deployment of the application responsible for processing requests and ensuring operations are performed correctly, examples include; login requests, processing of a user purchase, and account management requests. A fixed number of servers will be provisioned for deployment to allow for load balancing during periods of high traffic and failover if servers are downed by a DoS attack, or simply for maintenance reasons. The failover is introduced by using a...
The backend system refers to the deployment of the application responsible for processing requests and ensuring operations are performed correctly, examples include; login requests, processing of a user purchase, and account management requests. A fixed number of servers will be provisioned for deployment to allow for load balancing during periods of high traffic and failover if servers are downed by a DoS attack, or simply for maintenance reasons. The failover is introduced by using a floating IP address that automates the switch in the event of failure detected in the master host. The backend processing is not required to authenticate to the database due to the internal trust boundary. The backend application, which is written in C, will define numerous endpoints/APIs for communication between client and server, these APIs will be accessed via URL. An internal firewall is used to sanitize requests received, for example, the backend application may run on port 8000, whereby this port is detailed in firewall whitelist for external communication. API requests that are received will need to provide either a valid authentication token (issued after successful login) or valid user credentials. Upon authentication, the API will proceed to call the appropriate processes to perform action requested/required. The system uses Apache to serve the API and the endpoints defined by the application are configured within the Apache installation to provide external access
