CitySprint

iFleet Management application

 Structure and Scalability

Problem:

1After our initial consultation with CitySprint it became apparent that iFleet, the proposed custom built application, would need to be built in a way which would be both scalable and extendable to meet their growing needs.
 

Solution:

In reply, we developed the application based upon modern object-oriented design pattern which allowed us to develop the application over a course of two years. This makes the iFleet application highly maintainable and easily extendable.

The diagram below depicts the structure of the iFleet framework. Its strength is that all the visual and functional elements sit on top of the main framework. This means that additional functionality can easily be added and even the entire design of the Tool can be updated.

This application was lated adopted by WestOne Cars, a leading provider of private hire passenger car services across the UK. In the WestOne Cars deployment of iFleet we developed the accounts part of the application which was possible due to the adaptability of the iFleet framework. This allowed drivers and the accounts department in the head office to view and keep track of their daily earnings.

Security

Problem:

2Today more than ever before, online security is a priority. As criminals become more and more innovative in their techniques to steal online data, online applications are required to become more and more resourceful in their security systems.
 

Solution:

Developing the application provided an opportunity to implement security best practice from the start. Management of the complete development lifecycle from requirements analysis through to configuration, deployment and operations allowed us to address security issues to ensure a safe and risk-minimised project.

A number of bespoke security policies were adopted in addition to the standard security, backups and configuration measures. These solutions works as a second line to protect iFleet from malicious user:

1. Data sanity check
   The system checks the received data and prevent any possible SQL Injection attacks and hacking attempts by executable files that are going to be upload to the server by rendering any malicious code useless;
    
2. Data is remotely stored
   This prevents other external application from being able to access the data;
    
3. The code is encrypted
   The encrypted data will force the hacker to use the same access point as the website thus forcing the hacker to authenticate themselves, which they will not be able to do;
    
4. Logs
   The application also logs every action performed by the logged in users.  This allows the website administrators to monitor user’s activities and to be able to role back any updated data.

Access Control List (ACL) system

Problem:

3CitySprint needed a system, which would allow different groups to have access to different functionality and restricts the fields and documentation shown to the user. For instance the driver’s financial details is required to be only shown to the accounts department while photocopies of the Passport's and Drivers license are only shown to the Fleet department.

Solution:

In reply, we developed and bespoke solution, which allows different groups to have access to different functionality and restricts the fields and documentation shown. This was addressed in two parts:  the first being the development of the ALC system and the second part was to develop the iFleet application in a way which would allow the ALC system to control which users is able to access what part or object.