IAM system for an insurance company

Expertise:

  • Backend
  • DevOps
  • Analyst
  • Tech support

Tech Stack:

  • Java 17
  • Keycloak 17
  • REST
  • Spring Boot 3
  • Spring Security
  • LDAP
  • ApacheDS
  • JAXB
  • PostgreSQL
  • JUnit
  • Oracle PL/SQL

Client: Largest insurance group

About the Client

The client is the largest insurance group with a portfolio of over 200 innovative solutions ensuring investment and property security, as well as numerous risk protection solutions for businesses. The company provides insurance services to 31 million individuals and 125,000 companies.

Project Overview

The insurance company uses an Identity and Access Management (IAM) system to manage user accounts, authorization, and authentication processes for both internal and external users. Over time, the software product stopped meeting business requirements for access control and data security.

Challenges & Objectives

  • Update the outdated IAM system, particularly in the areas of role management and information data governance.
  • Implement user management functionality, including account creation, deactivation, and access control.
  • Ensure employee activity monitoring to detect suspicious behavior or unauthorized access attempts.
  • Enhance data security to comply with international standards and legal requirements, protecting against external threats and data leaks.
Implementation
After analyzing product requirements and architecture, specialists modeled the static structure of the new system, creating Sequence and Component diagrams. The development of IAM system-managed services proceeded as follows:
01. Developed a user authentication service with backward compatibility to simplify migration to the new architecture.
02. Created a service to retrieve data on internal and external users, enabling the client to monitor account statuses, permissions, contracts, and more.
03. Upgraded services from Java 11 LTS to Java 17 LTS, increasing query execution speed and simplifying data processing.
04. Implemented the Spring Boot v3 framework, reducing project deployment time.
05. Developed a Keycloak provider for auditing messages via Kafka, allowing user activity analysis and tracking.
06. Introduced CI/CD into the legacy project, enabling quick fixes and troubleshooting.
07. Configured GitLab CI flow and integrated with Active Directory forests using Spring-Data (spring-ldap), simplifying operations. Implemented spring-retry to handle network failures.
08. Refactored secrets management into Vault for integration with Banzai Cloud Pipeline, ensuring secure storage and management of confidential data in cloud environments.

Outcomes & Business Impact

  • Improved user account management with streamlined access control.
  • Enhanced monitoring and detection of suspicious activity.
  • Strengthened data security in compliance with international standards.
  • Increased query execution speed and improved data processing efficiency.
  • Reduced project deployment time with the implementation of Spring Boot v3.
  • Enabled seamless migration with backward compatibility features.
  • Improved system stability and reliability through CI/CD and automated retry mechanisms.
  • Secured confidential data storage and management within cloud environments.
