Industry
Smart Access System, Non-profit
Technology
About Our Client
The client operates CloudAccess, a secure, cloud-based access control platform delivered as part of the Lockt Portal Platform. The platform serves multiple enterprise tenants in a multi-tenant environment, enabling centralized management of physical access systems across locations. The solution integrates with leading third-party access technologies such as Dormakaba SwitchTech, Dormakaba EVO LZ, and Nexkey, while maintaining strict data isolation and security for each tenant.
Challenge
The client required a highly available, secure, and scalable cloud architecture capable of handling access control requests in real time across multiple tenants and integrations. Key challenges included:
- Ensuring data isolation in a multi-tenant architecture
- Supporting stateless API processing for reliability and scalability
- Managing load balancing and synchronization across multiple production servers
- Enabling configurable features per customer (e.g., doors, credentials, integrations)
- Securely integrating with multiple third-party access control systems
- Restricting infrastructure access while maintaining operational efficiency
Solution
A robust, distributed cloud architecture was designed and implemented with the following core elements:
- Dual-server deployment behind a load balancer, distributing traffic using round-robin routing
- Stateless API architecture, where each request is authenticated and processed independently
- Private network isolation, with servers accessible only via OpenVPN
- Centralized SQL Server with strict tenant-based keying (accounted, switch_instance_id, switch_site_id)
- File synchronization between production servers using lsyncd for certificates, configurations, and application data
- Dynamic feature control via the Lockt Admin Portal, allowing UI, limits, and integrations to vary by customer
- Seamless integration with Dormakaba and Nexkey systems through custom helper files and Google Protobuf
This architecture ensured security, flexibility, and high availability while supporting future integrations.
Results
The implemented solution delivered measurable operational and technical benefits:
- High availability through load-balanced, redundant servers
- Improved scalability, supporting multiple tenants and access control instances
- Enhanced security via private networking and per-request authentication
- Operational flexibility, allowing feature enablement per customer without redeployment
- Reliable synchronization of configurations and certificates across servers
- Seamless multi-vendor integration, expanding platform compatibility
As a result, CloudAccess became a stable, enterprise-ready access control platform capable of serving diverse customer requirements.
Tools & Technologies
Infrastructure & OS
- Ubuntu 20.04.03 LTS
- Private network with OpenVPN
Web & Application Stack
- Nginx 1.18.0
- PHP-FPM 7.4.3
- JSON-based REST APIs
Architecture & Operations
- Load balancer (round-robin routing)
- Stateless request processing
- lsyncd for file synchronization
Data & Security
- Centralized SQL Server
- Multi-tenant data model with strict key-based access
Integrations
- Dormakaba SwitchTech
- Dormakaba EVO LZ
- Nexkey
- Google Protobuf