Mojaloop Community Central

James Bush
James Bush

Posted on

Benefits of vNext

During review of the vNext Alpha report document a request has been made to include a section on the benefits of the vNext codebase. This post is to open the discussion as to what content should be included in the report. Please comment on this post with your input.

Oldest comments (4)

Collapse
 
bushj profile image
James Bush • Edited

I am wondering if benefits of vNext should be framed as NFRs (given the doc is semi-requirements style)? anyone disagree with that? ....i.e. we could say an NFR is (example only) "high degree of maintainability"...then comments saying that vNext architecture has the following characteristics etc.... my only problem with that is that there is probably no peer reviewed evidence to suggest one architecture is more maintainable than another...it is often subjective...vNow does not have bounded contexts, but it does have microservices which are also a good encapsulation mechanism.

Collapse
 
pedro profile image
Pedro

My initial contribution:
Technical benefits

  • Direct implementation of the ref arch(alignment)
  • Security by design (zero trust implementation)
  • No dependency on specific infrastructure (abstractions for all infrastructure)
  • Clear and maintainable codebase that is easy to extend and maintain

I'll follow up with more

Collapse
 
pedro profile image
Pedro

vNext specific security principles:

  • Designed from the ground-up to support Authentication, Authorization and Crypto&KMS
  • Zero trust model - no implicit privileges and all calls must be authenticated (even between internal services)
  • Plugable Authentication, Authorization and Crypto&KMS - allows extending Mojaloop to accommodate to any external provider without changes to Mojaloop's internals
  • Out-of-the-box built in services for basic Authentication, Authorization and Crypto&KMS
  • Native role-based authorization model with per application privileges - distributed high performance model
  • Native Maker-check implementation
  • Central management for all aspects via built-in secure operator WebUI and API
Collapse
 
bushj profile image
James Bush • Edited

@pedro :

Couple of questions:

  • what do you mean by authn&authz, crypto & KMS being pluggable? I get that any oauth/oidc standards compliant identity platform could be used, but Im less clear on what you mean by saying crypto and KMS are pluggable.
  • please can you explain the distributed auth model and what makes it perform better than alternatives.

Thanks.