Remote Development Center for Delivering and Supporting Cost Control System in Telecom

  • Duration: 4 years
  • Industries: Telecom Industry
  • Services: Backend Development; Frontend Development; Test Automation Services; Manual Testing Services; IT Consulting; Software Reengineering, Refactoring and Modernization. Cloud Migration; Software Maintenance and Support Services
  • Software Categories and Types: Workflow Management & Business Process Automation; Document Management Systems (DMS); Analytics Systems, Data Analysis & Visualization; Expense and Cost Management Systems
  • IT Architecture Paradigms and Approaches: Data Driven Testing (DDT); Object-Oriented Programming (OOP); Architectural Patterns
  • Technical Expertise: Java Server Side Development; Web Development; Databases; Expandable Software Solutions (Plugin Systems); Product Customization
  • DevOps Expertise: Advanced build organization; CI/CD Basics
  • Technologies: Data Bases; JUnit / TestNG; Java Persistence API (JPA); Hibernate; CI/CD Automation Servers; OWASP; Jenkins; Java Standard Edition (SE); Apache Maven; JSP Standard Tag Library (JSTL); Ubuntu; Java Enterprise Edition (EE); PL/SQL; Apache Subversion (SVN); Java; Operating Systems; Linux; Oracle DB; Apache Struts; Build and Dependency Platforms and Tools; NetCat; Backend; Mockito; AChartEngine; Spring; Spring Security; Android; Test Automation; Java API for XML Web Services (JAX-WS); Cybersecurity; Source Code Management (SCM); Chrome DevTools; GlassFish; CI/CD and DevOps; Java Servlets; Open SSH; Web Frameworks; Languages, Protocols, APIs, Network Tools; Network Tools; JavaServer Pages (JSP); JDBC; Software Engineering and Management Tools; Java Architecture for XML Binding (JAXB); ORM & Persistence; Ehcache; Other Technologies; FileZilla; Java Naming and Directory Interface (JNDI); Java Libraries; Web and J2EE Servers, Java Runtimes; Apache Commons; DB Languages; Apache POI; Super CSV
  • Team size (6):
  • 1 QA Manual
  • 1 Project Manager
  • 2 Backend
  • 2 Frontend

Project summary

Cost control and accounting system of telecom services allows controlling the telecommunication costs of the company.

The system is a group of applications:

  • Web application for clients.
  • Web application for system administrators.
  • Server component for event processing.

The web application for clients provides a single entry point for obtaining information about all customer accounts (mobile, fixed, RAS, data) and acts as a reporting service of the organization at all levels: corporate, regional, national, local (company management level) and user level. This application allows the client to manage information about the organization, delimit the rights within the company among employees, organize the structure of the company hierarchy, cost control for a specific period, etc.

The web application for administrators manages various aspects of the system: user management, system status monitoring, system events viewing, viewing and deleting customer accounts, managing email templates, adding localization, adding reference data to the system, etc.

The server component for event processing is a multithreaded java application that is responsible for handling various events that were initiated by other applications.

The main events of this application are:

  • Creating new customers
  • Loading and processing customer accounts in the system
  • Updating the structure of existing organizations
  • Removing outdated information
  • Recovering a user’s password
  • Activation and lockout of the user, etc.

These applications, with the help of analytics and diverse detailed reports, provide a complete picture of the costs, which helps to analyze and make decisions about optimizing the company’s expenses for telecommunications.

Another important element of the reporting service is the ability to provide employees with access to the service, which significantly increases their awareness of their costs for communication services and enables employees to take responsibility for telecommunication costs by dividing calls to business communications and calls for personal use.

Technical description of the project

The system is a multi-module Maven application. An automated build of projects with profiling configuration is implemented using Maven.

Web applications are implemented on the basis of the MVC pattern, which separates the model (business logic), view (HTML pages) and the controller (responsible for transferring data from model to view and vice versa).

The server side of the applications is implemented in Java, using well-known Struts2 and Spring frameworks.

The client part is implemented using HTML, CSS, JavaScript, JQuery, AJAX, Struts2 tags, JSTL tags.

To process non-standard cases, we created our own jsp-tags (for example, a multi-level menu with automatic data loading depending on the selected category).

To support user roles and manage them, Spring Security was used.

The system provides different users with different access levels to ensure the maximum security.

The connection between two web applications is organized through Single Sign On technology, which allows the administrator to switch to another application without reauthentication.

The application protection against various vulnerabilities and hacker attacks (for example: CSRF, XSS) was implemented with cross-browser compatibility support using CSP2.0 for newer browsers versions and our own solution by applying MutationObserverAPI for older versions of browsers. Tomcat was used as a web application server.

The server component for event processing is a multi-threaded console application. This application allows processing and downloading files of several formats (CSV, PDF, XML), and also receiving reference data from XLS and JSON files. Communication with other applications of the system is organized via the complex event model. The number of threads for event processing is defined by user. Flow management is organized using the standard package java.util.concurrent.

The system uses the Oracle database. There are 2 types of tables in the database:

  • tables for storing the service information of the application, which rarely changes (for example, localization, application settings),
  • tables that are used for storing data about companies, users, services costs and other business information.

To perform complex operations with data in the database, stored procedures in PL/SQL language are used, this increases performance, expands programming capabilities and supports data security functions.

Interaction with the database is implemented with the help of Hibernate and JPA. JDBC Connection is used to achieve better performance for some cases.

Technologies

Stack: Java, Maven, JPA (Hibernate), JDBC Connection, Servlet API, TagLib, JSTL, Jaxb, SuperCSV, JAX-WS, Apache commons, Apache POI.

Infrastructure: Jenkins, SVN.

Frameworks: Struts2, Spring, Spring security.

Test Automation libraries: Mockito, JUnit.

DB: Oracle, PL/SQL.

Other libraries: Ehcache, Achartengine.

Screenshots

Our responsibilities

Our team carried out the following works:

  • supporting stability of the application;
  • implementing new functionality;
  • refactoring;
  • bug fixing;
  • covering with unit, Data Driven, load and integration tests;
  • testing at all stages of development;
  • creating documentation for the project.

Cybersecurity activities

While we were working together on this project, the customer was in the process of obtaining ISO certification. To confirm its compliance with the necessary requirements and standards, the system of accounting and control of the costs of telecommunications services had to be audited by an authorized company.

The results of the audit, which was conducted in accordance with the OWASP Top 10 list of the most common security problems, came as an unpleasant surprise to the customer. It turned out that the project had a significant number of information security problems and risks. Since we were responsible for supporting their product, the customer assigned our team the task of fixing the identified defects.

In practice, the task turned out to be non-trivial and labor-intensive. In order to make the necessary changes to the relatively large code base, we had to dive into the product’s specifics and the nuances of each of the auditors’ comments. JazzTeam specialists not only made these changes, but also manually tested each fix. The systematic organization of the manual testing process played a major role in the success of this task.

As we worked to improve the product, the interaction with the audit firm was also fully transferred to JazzTeam. Our role was to negotiate and agree on the nuances of each issue. Some issues were very complex and not directly related to information security, or were advisory in nature. However, our team was able to fully process the audit firm’s comments and make the necessary improvements. As a result, the customer’s product successfully passed the certification and received confirmation of its compliance with the ISO standard.

JazzTeam delves deep into the specifics of the standards required to pass IT product certification. Not only do we effectively address the issues, we also manage the technological communication with the auditing companies and conduct comprehensive testing of the implemented changes.

Project features

  • One of this project features is its long-term cooperation with the customer: our joint work on the project lasted more than four years.
  • Work with the Legacy system. The application was developed over 10 years, old versions of libraries were used. There was a need to support the joint work of new and old versions of various libraries.
  • Communication and joint work with territorially distributed teams.
  • Integration of all system parts: web applications, the component for event processing, the mobile application for android platform.
  • Creation of stored procedures in PL/SQL for Oracle DBMS.
  • Initial lack of tests, javadocs and documentation.
  • The project management was based on Scrum methodology, using Jira to conduct the project and communicate with the customer.

Project results

  • New functionality was implemented and bugs were fixed.
  • Continuous Integration was implemented.
  • Automatic application deploy was carried out.
  • Tests for the UI using xml2selenium, unit tests for the server part and the android application are written.
  • The analysis of the application on OWASP Top 10 Most Critical Web Application Security Risks was carried out, we fixed problems concerning the applications vulnerability.
  • During the entire period of new functionality development, we also dealt with the support of the customer’s Live systems, and made this process stable.

Team achievements

  • Project documentation was made. About 30 documents with a technical description, manuals, diagrams, description of the operation of applications were created:
  • various diagrams to support the stability of the project throughout the period of time;
  • a document describing how to work with company hierarchies;
  • Installation guide;
  • video and audio tutorials to quickly immerse a new employee in the project.
  • We normalized the database: the structure of the links between the fields and tables was optimized to reduce the probability of errors, optimize the volume on the hard disk.
  • Continuous Integration and autotests were implemented, automatic application deployment to the customer’s server was done.
  • The methodology for automatic populating DB with database structure and data was improved.

Clients about cooperation with JazzTeam

Related projects

By industries:Telecom Industry

Recent Work

    Contact Us

    What happens next?
    • 1

      Leave your project request. We will contact you and schedule a call.

    • 2

      Signing of the NDA to ensure the project info confidentiality.

    • 3

      Negotiation of your request and the required services.

    • 4

      Team forming, coordination of workstages.

    • 5

      Contract signing and project start.