Commonwealth bank is one of the two major banks in Australia. It has an extensive IT system to facilitate the needs of the customers and lenders. These IT systems are built on Microsoft, Java and Unix platforms. Commonwealth Bank embarked on an ambitious project to upgrade all branch teller platforms in 2004 (“CommSee” project). The new platform will have Windows XP workstations with .Net Framework 1.1 on the client. The server data centre will comprise of Windows 2003 servers utilising Web Service Enhancements (WSE 2.0). The data communication is done over open protocols such as SOAP and TCP.
I was involved in the Pre-sales phase to introduce smart client products to CommBank. I held a 2 day seminar to CommBank staff to evaluate the different models for CommSee. It was followed up with a 2 week consulting engagement to draw up the initial architecture for CommSee. Eventually I was employed as a Senior consultant when we won the project.
I designed the security framework for the new CommSee platform It includes authentication and authorisation functions at both the client (using IPrincipal and IIdentity interfaces to populate Active Directory LDAP calls) and the server components. (using Active Directory web services calls to re-authorise.) The platform will use the best security practices in .NET. It is also extensible to support existing COM based bank applications.
The security model was reviewed by Microsoft Redmond in US. I was invited to visit Microsoft Redmond to represent the CommSee security model. The security model was reviewed by MS experts and tweaked for optimization. I visited MS Redmond again to load test the security framework in July 2004. This system will support all CommBank branches in Australia for an estimated 30,000 users. We used ‘Microsoft Solution Framework’ and ‘Extreme Programming’ methodologies in this project.