Software - security and reliability

Revision as of 17:36, 3 February 2023 by Richard Heigl (talk | contribs)
Note:This page is currently being built and expanded

Principles of software development

BlueSpice software development is based on a number of important principles:

  • Cloud-first approach: The software is developed for use in our cloud offering and is also regularly released for on-premises installations.
  • Security-by-default: All relevant security settings are already activated in the basic configuration of the software and our services.
  • Vendor independence through open source development: Although Hallo Welt! is the sole producer of the BlueSpice software distribution, the code produced by Hallo Welt! is developed with the active participation of the MediaWiki community in the public repositories of the Wikimedia Foundation and is thus freely accessible. This ensures that support for users of the software can be provided not only by Hallo Welt! but also by other service providers (avoiding a lock-in effect).
  • Use of open source standards, technologies and formats: Hallo Welt! relies on open standards that are particularly easy to access, extend and use. The necessary server infrastructure can be provided entirely with open source software (e.g. Linux operating systems or MariaDB as database system). The BlueSpice software is based on and uses various open standards (e.g. TLS, TCP/IP, IPv6 as network protocol for communication, as well as HTML, JavaScript, CSS and XML for presentation and function). It uses standardised character sets and encodings and supports the use of open formats such as PNG, Ogg, SVG, CSV or MathML. And of course BlueSpice supports uniform standards for describing metadata such as RDF.
  • Secure encryption procedures based on industry standards: Here, for example, communication between application and user is secured by TLS and passwords are stored securely in the database by hashing. For user authentication, proven standards such as SAML or OpenID Connect can be used.
  • Modularity: The software is modular and object-oriented. Individual functions can be deactivated if necessary and individual requirements can be easily implemented. Compatible extensions from the MediaWiki ecosystem that are not directly part of BlueSpice can also be installed later if required (On Premises).
  • Interoperability: BlueSpice provides various interfaces as well as import and export functions to connect the wiki software with other systems. Via a well-documented web API (including REST), tasks can be automated and data exchange between different internal IT systems can be realised. A simple XML-based data format enables the import and export of wiki page content and is suitable, for example, for the migration of existing document inventories. In addition, various authentication systems (Active Directory/LDAP, SAML, Open ID Connect) are available for selection, enabling BlueSpice to be seamlessly integrated into one's own IT infrastructure.
No categories assignedEdit