Architecture Overview

Aida Platform uses a hybrid architecture that combines cloud services with on-premise infrastructure for optimal performance, security, and reliability.

High-Level Architecture

Architecture Principles

1. Hybrid Cloud-Local Approach

Cloud: Authentication, user management, real-time features
Local: Building data, IoT devices, sensitive information
Benefits: Data sovereignty, offline capability, cost efficiency

2. Security-First Design

Dual Authentication: Cloud-based with local fallback
Row-Level Security: Multi-tenant data isolation
Encryption: AES-256 for data in transit and at rest
Access Control: Role-based permissions with audit logging

3. Performance Optimization

Real-time Response: < 100ms for device control
Local Processing: IoT data processed on-premise
Caching: Redis for frequently accessed data
CDN: Static assets served from edge locations

Technology Stack

Frontend

React 18+ with TypeScript
Material-UI (MUI) v5 for component library
Redux Toolkit for state management
React Router v6 for navigation
Recharts for data visualization
Vite for build tooling

Backend

Node.js with Express
Prisma for database management
PostgreSQL for local data storage
Redis for caching and real-time features
WebSocket for real-time updates
MQTT for IoT device messaging

Cloud Services

Supabase for authentication and real-time features
PostgreSQL for user data and preferences
Real-time subscriptions for live updates
Edge functions for serverless processing

Infrastructure

Docker for containerization
Nginx for reverse proxy and load balancing
PostgreSQL for data persistence
Redis for caching and sessions

Data Flow Architecture

Authentication Flow

Device Control Flow

Security Architecture

Multi-Layer Security

Network Security: HTTPS, VPN support, firewall integration
Authentication Security: JWT tokens, bcrypt hashing, 2FA
Data Security: Row-level security, encryption at rest
Access Control: Role-based permissions, audit logging

Row-Level Security (RLS)

-- Supabase RLS policies
CREATE POLICY "Users can only access their buildings" ON buildings
  FOR ALL USING (
    id IN (
      SELECT building_id FROM building_users 
      WHERE user_id = auth.uid()
    )
  );

Local Database Security

// Prisma middleware for access control
prisma.$use(async (params, next) => {
  const user = getCurrentUser();
  
  if (params.model === 'Device') {
    params.args.where = {
      ...params.args.where,
      zone: {
        building: {
          users: {
            some: { userId: user.id, userType: user.userType }
          }
        }
      }
    };
  }
  
  return next(params);
});

Scalability Considerations

Horizontal Scaling

Load Balancers: Distribute traffic across multiple API instances
Database Sharding: Partition data by building or region
Caching Layers: Redis clusters for high availability
CDN: Global content delivery for static assets

Vertical Scaling

Resource Optimization: Efficient memory and CPU usage
Database Tuning: Query optimization and indexing
Caching Strategy: Multi-level caching for performance
Connection Pooling: Efficient database connections

Deployment Architecture

Development Environment

Frontend (Vite) → Backend (Node.js) → PostgreSQL (Local)

Production Environment

Nginx → React App → API Gateway → Microservices → Databases

Container Architecture

services:
  frontend:
    image: aida-platform/frontend
    ports: ["80:80"]
  
  api:
    image: aida-platform/api
    environment:
      - DATABASE_URL=postgresql://...
      - REDIS_URL=redis://...
  
  database:
    image: postgres:13
    volumes:
      - postgres_data:/var/lib/postgresql/data
  
  redis:
    image: redis:6
    volumes:
      - redis_data:/data

Performance Metrics

Real-time Response: < 100ms for device control
Data Visualization: 60fps smooth animations
Mobile Performance: Optimized for 3G+ networks
Scalability: Support for 1000+ devices per building
Uptime: 99.9% availability target

Compliance & Standards

Data Encryption: AES-256 for data in transit and at rest
Access Control: Role-based permissions with audit logging
Compliance: GDPR, CCPA, SOC 2 Type II
Network Security: VPN support, firewall integration
Physical Security: Integration with building access systems

Next Steps

Authentication System - Deep dive into dual auth
Database Architecture - Hybrid database design
Security Implementation - Security best practices
Performance Optimization - Scaling strategies

This hybrid architecture provides the optimal balance of security, performance, and functionality for smart building management systems.

High-Level Architecture​

Architecture Principles​

1. Hybrid Cloud-Local Approach​

2. Security-First Design​

3. Performance Optimization​

Technology Stack​

Frontend​

Backend​

Cloud Services​

Infrastructure​

Data Flow Architecture​

Authentication Flow​

Device Control Flow​

Security Architecture​

Multi-Layer Security​

Row-Level Security (RLS)​

Local Database Security​

Scalability Considerations​

Horizontal Scaling​

Vertical Scaling​

Deployment Architecture​

Development Environment​

Production Environment​

Container Architecture​

Performance Metrics​

Compliance & Standards​

Next Steps​