Software - security and reliability

Revision as of 17:52, 9 August 2023 by Richard Heigl (talk | contribs)

Here we explain the conceptual basics of BlueSpice software development and explain central procedures with which Hallo Welt! ensures security and reliability in software development.

1. Principles of software development

BlueSpice software development is based on a number of important principles:

  • Cloud-first approach: The software is developed for use in our cloud offering and is also regularly released for on-premises installations.
  • Security-by-default: All relevant security settings are already activated in the basic configuration of the software and our services.
  • Vendor independence through open source development: Although Hallo Welt! is the sole producer of the BlueSpice software distribution, the code produced by Hallo Welt! is developed with the active participation of the MediaWiki community in the public repositories of the Wikimedia Foundation and is thus freely accessible. This ensures that support for users of the software can be provided not only by Hallo Welt! but also by other service providers (avoiding a lock-in effect).
  • Use of open source standards, technologies and formats: Hallo Welt! relies on open standards that are particularly easy to access, extend and use. The necessary server infrastructure can be provided entirely with open source software (e.g. Linux operating systems or MariaDB as database system). The BlueSpice software is based on and uses various open standards (e.g. TLS, TCP/IP, IPv6 as network protocol for communication, as well as HTML, JavaScript, CSS and XML for presentation and function). It uses standardised character sets and encodings and supports the use of open formats such as PNG, Ogg, SVG, CSV or MathML. And of course BlueSpice supports uniform standards for describing metadata such as RDF.
  • Secure encryption procedures based on industry standards: Here, for example, communication between application and user is secured by TLS and passwords are stored securely in the database by hashing. For user authentication, proven standards such as SAML or OpenID Connect can be used.
  • Modularity: The software is modular and object-oriented. Individual functions can be deactivated if necessary and individual requirements can be easily implemented. Compatible extensions from the MediaWiki ecosystem that are not directly part of BlueSpice can also be installed later if required (On Premises).
  • Interoperability: BlueSpice provides various interfaces as well as import and export functions to connect the wiki software with other systems. Tasks can be automated and data exchange between different internal IT systems can be realised via a well-documented web API (including REST). A simple XML-based data format enables the import and export of wiki page content and is suitable, for example, for the migration of existing document inventories. In addition, various authentication systems (Active Directory/LDAP, SAML, Open ID Connect) are available for selection, allowing BlueSpice to be seamlessly integrated into one's own IT infrastructure.

2. Release policy

New product versions are continuously imported into the cloud systems by Hallo Welt! For on-premises systems, the latest versions are made available for download.

We generally follow this release policy:

  • Patch levels with bug fixes and security updates are released monthly.
  • Minor levels with functional improvements or changes are released once or twice a year.
  • Major levels are released on average every three years. The release of a major release is indicated,
    • when features are introduced that greatly change the behaviour of the software,
    • when new technologies or major upgrades of system components are delivered, or
    • when changes are made to the system requirements (non-compatibilities).
  • Security releases or security patches are published as soon as possible after a security vulnerability becomes known.

The release of new versions of BlueSpice follows the version cycle of MediaWiki. BlueSpice uses the latest LTS (Long-Term Support) version of MediaWiki. This ensures that patches and updates from the MediaWiki community can be continuously applied. In addition, the use of the LTS version is an essential contribution to the stable operation of the various extensions.

All changes are published in the release notes in the BlueSpice Helpdesk.

3. Continuous documentation

Good documentation is essential for the use and further development of a software. The central place for the documentation of the software and its application is the BlueSpice Helpdesk Wiki, where you are currently visiting. It is the central contact point for users, administrators and developers. There we provide the following documents centrally and always up-to-date:

No categories assignedEdit
