Deployment Options
Deploy the EBICS Server with various infrastructure options.
The fourbics EBICS Server can be deployed in various configurations depending on your requirements for availability, scalability, and security.
Deployment Models
Single Server
Suitable for development, testing, and small-scale deployments:
┌──────────────────────────────────────────────────────────────────────────────┐
│                             Single Server Setup                              │
├──────────────────────────────────────────────────────────────────────────────┤
│                                                                              │
│   ┌──────────────────────────────────────────────────────────────────────┐   │
│   │                                Server                                │   │
│   │    ┌─────────┐    ┌─────────┐    ┌─────────┐                         │   │
│   │    │   Web   │    │   App   │    │Database │                         │   │
│   │    │ Server  │    │ Server  │    │         │                         │   │
│   │    └─────────┘    └─────────┘    └─────────┘                         │   │
│   │                                                                      │   │
│   │    ┌─────────┐    ┌─────────┐                                        │   │
│   │    │  Cache  │    │  Queue  │                                        │   │
│   │    │         │    │ Worker  │                                        │   │
│   │    └─────────┘    └─────────┘                                        │   │
│   └──────────────────────────────────────────────────────────────────────┘   │
│                                                                              │
└──────────────────────────────────────────────────────────────────────────────┘
Characteristics:
- Simple to set up and maintain
- All components on one server
- Suitable for low transaction volumes
- No high availability
High Availability Cluster
For production environments requiring 24/7 availability:
┌──────────────────────────────────────────────────────────────────────────────┐
│                           High Availability Setup                            │
├──────────────────────────────────────────────────────────────────────────────┤
│                                                                              │
│                               ┌─────────────┐                                │
│                               │    Load     │                                │
│                               │  Balancer   │                                │
│                               └──────┬──────┘                                │
│                                      │                                       │
│                    ┌─────────────────┼─────────────────┐                     │
│                    ▼                 ▼                 ▼                     │
│             ┌─────────────┐   ┌─────────────┐   ┌─────────────┐              │
│             │    App 1    │   │    App 2    │   │    App 3    │              │
│             │  (Active)   │   │  (Active)   │   │  (Active)   │              │
│             └──────┬──────┘   └──────┬──────┘   └──────┬──────┘              │
│                    │                 │                 │                     │
│                    └─────────────────┼─────────────────┘                     │
│                                      │                                       │
│                    ┌─────────────────┼─────────────────┐                     │
│                    ▼                 ▼                 ▼                     │
│             ┌─────────────┐   ┌─────────────┐   ┌─────────────┐              │
│             │  Database   │   │    Cache    │   │     HSM     │              │
│             │  Primary/   │   │   Cluster   │   │   Cluster   │              │
│             │   Replica   │   │             │   │             │              │
│             └─────────────┘   └─────────────┘   └─────────────┘              │
│                                                                              │
└──────────────────────────────────────────────────────────────────────────────┘
Characteristics:
- Multiple application servers
- Load balancer for traffic distribution
- Database replication for failover
- HSM cluster for key management
- No single point of failure
Infrastructure Components
Application Servers
The EBICS server application is stateless and can run on multiple instances:
| Requirement | Recommendation |
|---|---|
| CPU | 2+ cores per instance |
| Memory | 4+ GB per instance |
| Storage | SSD for application files |
| Network | Low latency to database |
Database
Stores all persistent data including subscribers, transactions, and audit logs:
| Requirement | Recommendation |
|---|---|
| Engine | MySQL 8.0+ or PostgreSQL 14+ |
| Storage | SSD with sufficient IOPS |
| Replication | Primary-replica for HA |
| Backups | Daily automated backups |
Cache Layer
Improves performance and enables rate limiting:
| Requirement | Recommendation |
|---|---|
| Engine | Redis 6.0+ |
| Memory | 1+ GB |
| Persistence | Optional (for rate limit state) |
| Clustering | For high availability |
Queue System
Handles asynchronous order processing:
| Requirement | Recommendation |
|---|---|
| Engine | Redis or dedicated message queue |
| Workers | 2+ queue workers |
| Monitoring | Queue depth alerting |
HSM (Hardware Security Module)
Required for production bank key storage:
| Requirement | Recommendation |
|---|---|
| Type | Network HSM or Cloud HSM |
| Redundancy | HSM cluster for HA |
| Compliance | FIPS 140-2 Level 3+ |
Cloud Deployments
AWS Architecture
┌──────────────────────────────────────────────────────────────────────────────┐
│                                AWS Deployment                                │
├──────────────────────────────────────────────────────────────────────────────┤
│                                                                              │
│    Route 53 (DNS + Health Checks)                                            │
│            │                                                                 │
│            ▼                                                                 │
│    Application Load Balancer (TLS Termination)                               │
│            │                                                                 │
│            ▼                                                                 │
│    ECS Fargate or EC2 Auto Scaling Group                                     │
│            │                                                                 │
│            ├──► RDS Aurora (Database)                                        │
│            ├──► ElastiCache Redis (Cache)                                    │
│            └──► CloudHSM (Key Storage)                                       │
│                                                                              │
└──────────────────────────────────────────────────────────────────────────────┘
Azure Architecture
┌──────────────────────────────────────────────────────────────────────────────┐
│                               Azure Deployment                               │
├──────────────────────────────────────────────────────────────────────────────┤
│                                                                              │
│    Azure Front Door (CDN + WAF)                                              │
│            │                                                                 │
│            ▼                                                                 │
│    Application Gateway (TLS)                                                 │
│            │                                                                 │
│            ▼                                                                 │
│    Azure Kubernetes Service (AKS) or App Service                             │
│            │                                                                 │
│            ├──► Azure Database for MySQL/PostgreSQL                          │
│            ├──► Azure Cache for Redis                                        │
│            └──► Azure Dedicated HSM                                          │
│                                                                              │
└──────────────────────────────────────────────────────────────────────────────┘
Google Cloud Architecture
┌──────────────────────────────────────────────────────────────────────────────┐
│                           Google Cloud Deployment                            │
├──────────────────────────────────────────────────────────────────────────────┤
│                                                                              │
│    Cloud Load Balancing (Global)                                             │
│            │                                                                 │
│            ▼                                                                 │
│    Google Kubernetes Engine (GKE) or Cloud Run                               │
│            │                                                                 │
│            ├──► Cloud SQL (Database)                                         │
│            ├──► Memorystore Redis (Cache)                                    │
│            └──► Cloud HSM                                                    │
│                                                                              │
└──────────────────────────────────────────────────────────────────────────────┘
Security Hardening
Production Checklist
| Category | Requirement |
|---|---|
| TLS | TLS 1.2+ only, strong cipher suites |
| Keys | HSM for bank key storage |
| Network | Network segmentation (DMZ) |
| Access | IP whitelisting (if applicable) |
| Rate Limiting | Enabled and configured |
| Logging | Audit logging to SIEM |
| Updates | Regular security updates |
| Testing | Penetration testing completed |
| Recovery | Disaster recovery plan tested |
Network Security
| Layer | Protection |
|---|---|
| Perimeter | Firewall, DDoS protection |
| Transport | TLS 1.2+, certificate validation |
| Application | WAF, input validation |
| Data | Encryption at rest, HSM |
Monitoring
Key Metrics
| Metric | Description | Alert Threshold |
|---|---|---|
| Request Rate | Requests per second | Unusual spikes |
| Response Time | Average latency | > 500ms |
| Error Rate | Failed requests | > 1% |
| Queue Depth | Pending orders | > 100 |
| Active Transactions | In-progress transactions | > 1000 |
| Failed Authentications | Auth failures | > 10/minute |
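The three numeric thresholds above (response time, error rate, failed authentications) can be evaluated over request records as sketched below. This is an added example, not code from the fourbics server: the record format, the `parse`, `evaluate` and `sample` helpers and the alert names are assumptions made for illustration, and the sample records are constructed.

```python
from collections import deque
from datetime import datetime, timedelta

# Alert thresholds taken from the Key Metrics table.
MAX_AVG_LATENCY_MS = 500
MAX_ERROR_RATE = 0.01
MAX_AUTH_FAILURES_PER_MIN = 10

def parse(line):
    """Parse a constructed record: '<ISO timestamp> <ok|error|auth_fail> <latency_ms>'."""
    ts, result, latency = line.split()
    return datetime.fromisoformat(ts), result, float(latency)

def evaluate(lines):
    """Return the names of the alerts that fire for time-ordered records."""
    alerts = set()
    failures = deque()  # timestamps of auth failures within the last minute
    total = errors = 0
    latency_sum = 0.0
    for ts, result, latency in map(parse, lines):
        total += 1
        latency_sum += latency
        # Assumption: only "error" counts as a failed request; auth failures
        # are tracked separately so a burst of them stands out on its own.
        errors += result == "error"
        if result == "auth_fail":
            failures.append(ts)
        # Sliding window: drop failures that are a full minute old or older.
        while failures and ts - failures[0] >= timedelta(minutes=1):
            failures.popleft()
        if len(failures) > MAX_AUTH_FAILURES_PER_MIN:
            alerts.add("failed_authentications")
    if total and errors / total > MAX_ERROR_RATE:
        alerts.add("error_rate")
    if total and latency_sum / total > MAX_AVG_LATENCY_MS:
        alerts.add("response_time")
    return alerts

def sample(n, step_s, result, latency=120.0):
    """Build n constructed records, step_s seconds apart, from a fixed start time."""
    t0 = datetime(2024, 1, 1)
    return [f"{(t0 + timedelta(seconds=i * step_s)).isoformat()} {result} {latency}"
            for i in range(n)]

if __name__ == "__main__":
    print(evaluate(sample(11, 5, "auth_fail")))  # 11 failures inside one minute
    print(evaluate(sample(11, 6, "auth_fail")))  # same count spread over 60 s
```

The sliding window matters for the authentication threshold: counting per calendar minute would miss a burst that straddles a minute boundary.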
Health Checks
The server exposes health check endpoints for:
- Liveness: Is the application running?
- Readiness: Is the application ready to serve requests?
- Database: Is the database connection healthy?
- Cache: Is the cache connection healthy?
- HSM: Is the HSM connection healthy?
Backup Strategy
Database Backups
| Type | Frequency | Retention |
|---|---|---|
| Full Backup | Daily | 30 days |
| Incremental | Hourly | 7 days |
| Point-in-Time | Continuous | 7 days |
Key Backups
For HSM-stored keys, follow your HSM vendor's backup procedures:
- Regular key backup to secure offline storage
- Backup encryption with separate key
- Tested restore procedures
- Geographic redundancy
Disaster Recovery
| Scenario | RTO | RPO |
|---|---|---|
| Single Server Failure | < 5 minutes | 0 |
| Database Failure | < 15 minutes | < 1 hour |
| Data Center Failure | < 1 hour | < 1 hour |
| Region Failure | < 4 hours | < 1 hour |