Storage Considerations

It is important to set up an appropriate database as the database stores the schema to support the core Quantum Fabric functionality. Refer to Quantum Fabric Deployment Guide to understand the system requirements and database sizing according to your project needs.

In addition to Quantum Fabric database, an additional local database called as Temenos DB must be deployed. This is imperative if you want to utilize core business functionality, such as Retail Banking ad Spotlight out-of-the-box. Additional schema is also required for the transaction logging feature of Spotlight. You can arrive at the sizing requirements for Temenos DB by using Quantum Fabric Deployment Guide as a general recommendation based on the number of application users. However, the size of the business data can vary widely between organizations, and hence, you need to consider this before determining the final number.

Temenos Digital Database Security

Database security refers to the collective measures used to protect and secure a database from illegitimate use and malicious threats and attacks. The following are the key items to secure the database:

• Encryption of data at rest. This refers to how the data is protected in the physical file system used by the database servers to persist the data, and access to such file systems never reveals the original data.
• Encryption of data in transit. This refers to how the data is transmitted securely over the network giving away attackers to eaves drop on the communication

Temenos Digital supported database

The implementation and testing of Temenos Digital was extensively carried out on MySQL 5.7.x version. Temenos Digital fully supports specified MySQL version out-of-the-box.

Temenos Digital database on Temenos Cloud

• The Digital Banking Solution hosted on Temenos Cloud supports by default, both data encryption at rest and in transit using Amazon AWS capabilities.
• When deployed on Temenos Cloud, Digital Banking Solution integrates with Amazon RDS solution for setting up and operating the relational databases of type MySQL.
• Amazon RDS MySQL instances are enabled with encryption of data on databases using keys which can be managed through Amazon Key Management Services (KMS).
• Amazon RDS also supports Secure Sockets Layer (SSL) connections with DB instances running the MySQL database engine.

For more details:

• Amazon RDS Security: https://aws.amazon.com/rds/features/#security
• SSL for Amazon RDS MySQL: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.SSLSupport

Configuration required on JDBC URL to connect to SSL enabled Amazon RDS MySQL instances:

Setting the connection property on JDBC URL, useSSL=true

Example: jdbc:mysql://<hostname>:<port>/<schema_name>?autoReconnect=true&useSSL=true

Temenos Digital database on Enterprises

• The Digital Banking Solution hosted on Enterprises supports integrating with both Community and Enterprise editions of MySQL 5.7.x version.
• In this type of enterprise hosting, it is the responsibility of enterprises to secure the Temenos Digital database on various security aspects along with data encryption at rest and in transit.
• If the Temenos Digital solution is integrated with SSL enabled database for secure communication, the configuration details mentioned on Temenos Cloud section applies as-is in configuring the JDBC URL.

Configuration required on JDBC URL to connect to SSL enabled MySQL instances for on-premises:

Setting the connection property on JDBC URL, useSSL=true, and optionally any other relevant properties related to nature of certificates being used.

Example:

jdbc:mysql://<hostname>:<port>/<schema_name>?autoReconnect=true&useSSL=true&key1=value1&……..&keyN=valueN

The following settings must be applied on the MySQL instance before use.

SET GLOBAL group_concat_max_len= 16777216;
SET GLOBAL max_allowed_packet= 16777216;