TagB: A scalable parking and valet management system

Category: Automobile/SaaS
Services: Managed Engineering Teams, AWS Managed Service WAF, Cloud Architecture Design, and Review

Tagb - WAF
  • Reduced downtime by almost 99% with a reduction in failure rate
  • Manual process eliminated, MTTR improved 10X.
  • 95% decrease in security incidents.

About TagB

Tag B Group is a well-known transportation, parking, garage management, and valet service provider based in Washington, D.C. It wanted to create a scalable solution to maintain a full parking and valet management system for multiple users and vendors, with a focus on multi-tenancy, security, database, and infrastructure as a code.

Problem Statement

  • TagB encountered challenges in securing and maintaining availability for their web applications and APIs.
  • Lack of a robust security system exposed the applications to potential cyber threats and malicious traffic.
  • Absence of real-time visibility into user behavior hindered data-driven decision-making for business growth.
  • Manual infrastructure management resulted in errors and inefficiencies in handling parking reservations and valet services.
  • The client sought reliable and secure code and a highly available, cost-effective infrastructure as part of the solution.

Proposed Solution & Architecture

  • Simform leveraged AWS WAF to implement a robust security system for TagB’s web applications and APIs. This allowed us to protect against potential cyber threats, such as DDoS attacks, SQL injection, and cross-site scripting (XSS).
  • Implemented secure and robust microservices-based architecture for seamless third-party integration.
  • Created a safe and reliable payment management system that allows users to add several payment methods.
  • By configuring AWS WAF rules and filters, we ensured that only legitimate traffic was allowed to access TagB’s applications, preventing malicious traffic from reaching the servers.
  • Our team implemented rate-based rules in AWS WAF to control the number of requests from individual IP addresses, safeguarding the applications from abusive behavior and potential overloads.
  • Ensured data privacy and security with multi-tenancy support using AWS CloudFormation.
  • With AWS WAF, we provided TagB with a flexible and scalable security solution that could adapt to their evolving business needs, ensuring a safe and reliable experience for their customers.
  • To efficiently manage our infra with high availability and low budget, our experts have set up frontend service on CDN networking which are serving private Amazon S3 bucket data. The backend services are running on Amazon ECS service. Apart from that Amazon RDS is set up for data tier.
  • Another concern was that of minimum budget utilization. We have implemented an AWS ECS service container as a service (CAAS) platform for resolving this issue. We have used AWS cloud formation for automation of all our network resources.

Metrics for Success

Our solution delivered the following results for our client:

  • Improved scalability: With our automated infrastructure provisioning and management using AWS CloudFormation, our client was able to easily scale its infrastructure up or down based on demand.
  • Faster and more reliable releases: Our CI/CD pipeline using AWS CodePipeline and AWS CodeDeploy enabled our client to deploy changes faster and with a lower risk of downtime. Mean time to recover (MTTR) increases by 10x with faster rollbacks.
  • Proactive monitoring and issue resolution: Our monitoring and alerting using AWS CloudWatch enabled our client to proactively identify and address issues before they affected end-users.
  • Successful multi-tenancy implementation: Secure and scalable architecture using AWS ECS, with dedicated containerized environments and isolated databases per tenant, ensuring efficient management and data security.
  • Achieved 99.99% Uptime: With AWS WAF’s protection against DDoS attacks and web exploits, the application maintained exceptional uptime, ensuring continuous availability for end-users.

Architecture Diagram

valet management system

AWS Services

  • Amazon RDS: Amazon RDS was employed to store application and user data, including user account information, parking lot information, license plate number recording, and so on.In Amazon RDS, restricted access has been kept for specific IP addresses for security purposes. 
  • Amazon ECS: Containerized APIs were developed and hosted in Amazon ECS With EC2, which can be used by front end applications.For delivering new modules and updates, Amazon Elastic Container Service (ECS) manages the application’s microservices backend. Examples include various modules and functionalities such as advanced parking booking, payment and refund administration, parking lot creation, etc. 
  • AWS Task Definition: Task definition gives commands to ECS; for example, each task will have certain configurations such as data volumes, memory utilization required, and the number of containers required. 
  • AWS WAF: Leveraged AWS WAF to protect against cyber threats, implemented rate-based rules, and ensured data privacy with multi-tenancy support for TagB’s security needs.
  • AWS Lambda & Lambda Edge Security Headers: The main function of AWS Lambda function is to compress users’ profile pictures. Lambda edge security headers add a security layer when content is displayed using CloudFront from an S3 bucket. For example, several users will book parking spots from various places using the app, posing a significant security concern.
  • S3 Bucket: Documents belonging to various users, such as administrators, customers, and clients, were stored in an S3 bucket. Clients of Tag B, for example, will have access to data on revenue tracking, parking spots, and booking slots. These individuals will register as customers on the site and will need to upload documents, which will be stored in S3.
  • Amazon CloudFront: CloudFront was used to distribute static and dynamic content across the application front ends. It helped create customized user experiences and deliver content with high speed using its edge computing capabilities across multiple channels. CloudFront distribution, for example, pulls files from S3 and displays them in the front end, as indicated in the diagram. Also, it chooses and restricts access to particular information for specific people. For example, admin users can not access the company’s financial information.
  • AWS SES & SNS: AWS SES is a service that sends emails to users. An email will be sent to the user after a successful registration with the application, for example. Alternatively, bills will be delivered through email after consumers make a payment. Users receive notifications from AWS SNS. Notifications for communications about offers, payment refunds, pass expiration, and other topics will be sent.
  • Amazon ECR: Docker images were stored in Amazon Elastic Registry(ECR) for deployments.
  • Application Load Balancer: In the case of multiple requests from different users worldwide, the application load balancer distributes traffic across various targets, such as EC2 instances of ECS containers in multiple availability zones. 
  • Monitoring: CloudWatch is used to keep track of infrastructure-related logs, metrics, and data, while CloudTrail is used to keep track of operational actions in AWS accounts.

Related Case Studies

ONA dating - case study
Freewire - case study

Speak to our experts to unlock the value of Mobility, IoT, and Data Insights!

Contact Us
Revisit consent button

We value your privacy

We use cookies to enhance your browsing experience, serve personalised ads or content, and analyse our traffic. By clicking "Accept All", you consent to our use of cookies.

How we use your personal information

We do not collect any information about users, except for the information contained in cookies. We store cookies on your device, including mobile device, as per your preferences set on our cookie consent manager. Cookies are used to make the website work as intended and to provide a more personalized web experience. By selecting ‘Required cookies only’, you are requesting Simform not to sell or share your personal information. However, you can choose to reject certain types of cookies, which may impact your experience of the website and the personalized experience we are able to offer. We use cookies to analyze the website traffic and differentiate between bots and real humans. We also disclose information about your use of our site with our social media, advertising and analytics partners. Additional details are available in our Privacy Policy.

Required cookies Always Active

These cookies are necessary for the website to function and cannot be turned off.

Optional cookies

Under the California Consumer Privacy Act, you may choose to opt-out of the optional cookies. These optional cookies include analytics cookies, performance and functionality cookies, and targeting cookies.

Analytics cookies

Analytics cookies help us understand the traffic source and user behavior, for example the pages they visit, how long they stay on a specific page, etc.

Performance cookies

Performance cookies collect information about how our website performs, for example,page responsiveness, loading times, and any technical issues encountered so that we can optimize the speed and performance of our website.

Targeting cookies

Targeting cookies enable us to build a profile of your interests and show you personalized ads. If you opt out, we will share your personal information to any third parties.