leap platform architecture overview - dell › content › dam › uwaem ›...

1© Copyright 2016 Dell . All rights reserved. 1© Copyright 2016 Dell. All rights reserved.

LEAP Platform Architecture Overview

Leo Janze, Sr. Director Of Engineering

Muneer Ahmed, Architect

2© Copyright 2016 Dell . All rights reserved.

• This presentation contains “forward-looking statements” as defined under the

US Federal Securities Laws.

• Dell EMC makes no representation and undertakes no obligations with

regard to product planning information, anticipated product characteristics,

performance specifications, or anticipated release dates (collectively,

“Roadmap Information”).

• Roadmap Information is provided by Dell EMC as an accommodation to the

recipient solely for purposes of discussion and without intending to be bound

thereby, and is subject to change without notice.

• Roadmap information is Dell EMC Confidential Information, and is provided

under the terms, conditions and restrictions defined in the Dell EMC Non-

Disclosure Agreement in place with your organization.

Safe Harbor Disclaimer


JOIN THE CONVERSATION!#MMTM16

Take the LEAP personality quiz

and win!

Connect with us

ECD SERVICES

Genius Labs

Garden Level

Foyer


In this session you will…

CLOUD NATIVE,

MULTITENANT

MICROSERVICE

ARCHITECTURE

ON-PREMISE

INTEGRATION

Uncover the LEAP Platform


Platform

Multi-tenancyUser

authentication

MTSAUTH

Documentum &

Other Systems

Microservices &

Platform

Infrastructure

Public API

Applications

Documentum, Other Repositories & Applications

SERVICES & INFRASTRUCTUREADMINISTRATION

REST API’s

Content

management

CONTENT

Distributed

capture

CAPTURE

Content

transformation

TRANSFORM

Enterprise

search

SEARCH

Case

management

CASE

Workflow

processes

WORKFLOW

Custom AppsConcertCourier Snap Express Focus

ConnectHybrid Connection Layer

ExtendExtension/Integration Framework


Hybrid Infrastructure

Hybrid Services

Extend & Connect: A Deeper Look

SaaS

Hybrid Cloud

LEAP Apps,

API,

Microservices

& Platform

Infrastructure

Documentum

& Other

Systems

Connect

Hybrid Admin Console

Hybrid Proxy Service App Tunneling Service

DCTM

OpenText

Others

Repository IntegrationServices

Event / Action FrameworkExtend Event Triggers

Action Framework

Declarative Code Injection Webhooks

On-Premises Authentication

SaaS

On-Prem

SaaS


Content Service

Organize and Search Content with Metadata

• Folders: Container for sub-folders and files

• Files: Document with content

• Rendition and versioning support for files

• Object: Content-less Objects

• Traits: Custom dynamic metadata and behavior

• ACL: Permissions granted to users and roles

• Fine grained access-control through ACLs

Content


Content Service: Traits & Custom Behavior Content


Case Service

• Model Hierarchical Data Structures, Permissions and Lifecycles

• Case Model consists of:

• Data Hierarchies

• Roles

• Phases

• Permissions based on Roles and Phases

• Events

• Used by the Courier and Supplier Exchange applications

Case


Home Inspection Report

Agent (R)Borrower - Open/Rejected (RW)Borrower - Submitted/Accepted (R)

Agent (R)Borrower - Open/Rejected (RW)Borrower - Submitted/Accepted (R)

Agent (RW)Borrower (R)



Rejected

AcceptedSubmittedOpen Borrower Submits

AgentReview

Case Service Case

Loan

Financials

Phases

Income Statement

Home Details

Example: Loan Application

BorrowerApply

Borrower Re-Submits


• Storage for Document content

• Content is encrypted in storage

– Each document has separate encryption key

– AES-128 keys are used

– Keys are rotated

• Content is scanned for known viruses before

storage

• Supports large files by doing end-to-end

streaming

• Authorized access to content

Storage Service Content

T1T2

Doc 1: Enc keyDoc 2: Enc key

ContentStorageService

Claim AV Antivirus

Content Encryption Keys


• Search Features

– Structured/ full text search

– Facets

– Fuzzy Search

– Multiple Language support

• Multi-tenant aware

– One domain (index) per tenant

Search Service Search

Cl 1Cl 2

T1T2

Search Service Storage Service

Cluster 1

Cluster 2

Replace diagram


Transformation Service

• Streamed content uploads with asynchronous AV

detection and content transformation

• Content transformation services

• Office (.doc, .pdf, …) to PDF

Transform

Target Excel PowerPoint Word PDF Multi-Page TIFF

BMP

GIF

JPEG

PNG

TIFF

PDF

TEXT


Capture Service

• Image processing

• Barcode recognition

• Full Page OCR

• PDF creation

• Document classification

• Data extraction

• Validation

• Export to On-Premise Systems

Image Processing, Classification, and Extraction

Capture

Captiva CWC/REST

(web app)

Customer’s FTP Site

Customer’s AX Site

Customer’s CMIS Site

User’s Windows Domain

PDF CreationClassification

Image Processing

Extraction

Full Page OCR

Barcode Recog

Export

Capture Services

Validation

EMC Data Center


Hybrid Integration Service

On-Premise and SaaS Integration

• On- Prem Connectivity Services

• Tunneling Services for secure On-Prem

connectivity

• Adaptors for Content and context exchange with

DCTM, D2 and xCP

• Support Proxy and Integration Scenarios

Connector

Customer 1

Customer 2

Back end

Service

Authentication

Service

Back end

Service

Tunnel

Agent

Back end

Service

Tunnel

Agent

Tunnel

Service

MTS

Services

(Courier API)

Application

Service

Leap


Hybrid Integration Service

On-Premise and SaaS Integration

• Tunneling service for secure on-premise

connection

• Proxies all requests through a secure tunnel to

avoid any firewall changes or having to move

services into the DMZ

• Data integration

• Ability to easily define triggers and actions in

Leap that pull and push content from and into

other applications or repositories

• Define actions declaratively, by writing code or

using webhooks

Connector

Customer 1

Customer 2

Back end

Service

Authentication

Service

Back end

Service

Tunnel

Agent

Back end

Service

Tunnel

Agent

Tunnel

Service

MTS

Services

(Courier API)

Application

Service

Leap


Authentication Service

• Authenticates user (browser/mobile) and

REST client

• Authentication Types:

• Native Authentication: users

credentials are stored in Leap

Active Directory

• Tenant specific SAML federation

• OpenID Connect based providers

Google, Facebook, Salesforce,

LinkedIn…..

• Uses OAuth2 to issue signed JSON Web

Tokens containing the user’s role(s) that

are then passed to the relevant apps and

services to gain access

• Supports customer IdP with SSO

S

T

A

T

S

Native Authentication

Auth

LEAP.EMC.COM

Login Page

Applications

Directory

AuthService


Authentication Service

SSO Federation

Auth

LEAP.EMC.COM

Login Page

Applications

Directory

AuthService

Customer IDP


Multi-tenancy Service

• A secure registry of all applications, service, tenants, subscriptions and users

• A tenant represents a customer

• A subscription enables tenant to access leap Applications and Services

• Data is fully secured and isolated per tenant

• Supports tenant configuration like SSO, Connectors, etc.

• Subscription management

• License and Quota management

• User and Role management

MTS


Multi-tenancy Service

Application Access Flow

MTS

LEAP.EMC.COM ApplicationsAuthService

MTS

Token

Login Page Directory

leap platform architecture overview - dell › content › dam › uwaem ›...

Documents