Non Functional Requirements
This sections deals with Non Functional Requirements (NFRs) as applicable to DRISTI and what specific activities have been done towards V1 release.
The overall NFR management for DRISTI will be guided by following principals
Performance
Response Time
Maximum time the application (UI) takes to respond to a request
sub second response times for most pages 1 - 1.5 second response time for heavy pages with lot of data
< 600ms for most APIs
Throughput
The number of transactions processed per second
While applications may support 1,000-10,000 transactions/sec, but for DRISTI in V1, the case load is not expected to be high - would be about 30 cases a month.
Capacity
The maximum number of concurrent users the platform can support.
While applications may support up to 1,000 concurrent users. for DRISTI V1 we would work with about 5 - 10 concurrent requests
Scalability
Ability to scale by adding resources (horizontal or vertical scaling) without degradation of performance.
DRISTI V1 is being deployed in Kerala's SDC environment and will scale as per the supported
Security
Multi-Tenancy Security
Ensures no data leakage or unauthorized access between tenants.
DRISTI is designed keeping tenancy in mind. Also at this time, it follows state level tenancy and will have state specific deployments, so there is no risk of across tenant data access.
Authentication & Authorization
Secure user access control and identity management, often with OAuth, OpenID Connect, and Role-Based Access Control (RBAC).
DRISTI has authentication (token based) and RBAC for all API access, which is managed via a configurable mapping.
Data Encryption
Encryption standards for data security. AES-256 for data encryption at rest and TLS 1.2+ for encryption during transit.
AES-256 at rest, TLS 1.2 or 1.3 in transit. Along with that also use Database data encryption features. PII data is also encrypted.
Audit Trail
Ensure audit logs are available for traceability
DRISTI implements audit trail that can be used to trace the changes, the change date and time and also the person who made the change.
Code security
OWASP, Vulnerability testing
Maintainability
Upgradability
The ability to upgrade the platform without downtime using techniques like blue-green deployments or canary releases.
DRISTI follows industry best practices for managing upgrades, hotfixes and deployments. These are documented in the Installation guide.
API Versioning
Following Semantic Versioning (major, minor, patch), ensuring backward compatibility for multiple versions of an API.
All APIs support versioning. A Major version is done to indicate breaking changes. For backward compatible changes, the version number is retained.
Monitoring & Alerts
Real-time monitoring and alerting with proactive issue resolution. Automated alerts for incidents based on thresholds.
Grafana based dashboards are used to monitor the K8S based infrastructure, the nodes and the pods.
Usability
Developer Experience (DX)
Platforms should provide intuitive and well-documented APIs, SDKs, and developer tools, with a focus on ease of integration and use.
All APIs are documented on Gitbook and provide Swagger definitions.
Interoperability
Open Standards
Supporting open standards like REST and SOAP to enable easy integration with third-party systems.
APIs support REST POST operations
API Integration
Seamless integration with external systems through well-documented APIs, ensuring fast response times and high availability.
Data Residency
Ensuring data is stored within specific countries or regions, as required by laws (e.g., GDPR for EU, CCPA for California).
100% data residency compliance [all data within India]
Extensibility
Modular Architecture
Platform designed in a modular way to allow new services or features to be added with minimal impact on existing functionality.
Microservices or service-based architecture allowing independent scaling of components
Plug-in Support
Supporting third-party extensions or plug-ins to add functionalities without modifying core systems.
Plug-in architecture allowing third-party extensions with API integration
Portability
Cloud-Agnostic
Platform support for deployment across multiple cloud providers and on-premise environments using containerization or infrastructure-as-code (IaC).
100% portability across AWS, Azure, GCP, and on-premise environments
Containerization
Containerization ensures consistent deployment across environments using technologies like Docker and Kubernetes.
Docker/Kubernetes deployment with 95%+ workload portability
Data Management
Data Lifecycle Management
Implementing policies for data archiving, deletion, and retention based on business and regulatory needs.
Localization
Globalization
Supporting localization for language, currency, date formats, and time zones to cater to users from different regions.
DRISTI is designed keeping localization requirements in mind. In V1 it supports English and Malyalam.
Last updated