Technology Philosophy
The CitizenDeveloper Platform is our 3rd generation platform.
While witnessing the emergence of cloud technology, browser-only software, and advancements in technologies such as containerization, mobile, machine learning, and natural language, the platform was conceptualized. The process of rebuilding this cloud platform from scratch, identified 10 critical technology concepts that any tool wishing to withstand the next decade of cloud evolution must possess. Failure to embody these principles would make it difficult for a technology to be competitive against those that do.
10 Critical Technology Principles Embraced by CitizenDeveloper
Traditional software is one rather large piece of code. Frequently hundreds of thousands or millions of lines. Any part of it can slow down, have a bug, a security vulnerability, or even get corrupted. When a small part becomes the bottleneck or crashes the entire thing fails. Working in such a monolithic piece of software, or trying to upgrade or replace a part, is very difficult. After a couple major overhauls, it’s usually cheaper just to start over.
The Microservice philosophy means that you separate that monolithic code into many small programs that are each focused on accomplishing a specific, discrete goal. And then you let them all run at the same time, asynchronously. Each Microservice runs in its own Container giving it the power to be independently enlarged, shrunk, or replicated, each according to the demand for that piece of code in that moment of time. And then you put those Containers on the cloud, each in their own High-Availability environment. Your monolithic program has transformed into a society of independent programs all working together to deliver you unparalleled google/facebook-esque scalability, security, performance and uptime.
A code component (micro service) is stateless when it is not the single or primary owner of information about the system. In other words, if stateless code experiences an unplanned failure, nothing about the system, user experience, or user data is adversely affected. All of the CitizenDeveloper Platform, other than the User’s Browser and for some Customers, the database, is stateless. Any part of the CitizenDeveloper Platform can shut down, the User will barely notice a blip, and no data will be lost. Of course, with the CitizenDeveloper Platform’s Ultra-High Availability backbone, there is little chance of a shutdown occurring in the first place.
Asynchronous Processing
With the power of the cloud at our fingertips, there is little sense in lining up processes in a row and making them wait in a line. Asynchronous processing occurs when many processes each process independently, “in parallel”, without having to wait for each other. Imagine your plane is waiting to take off, and there are 30 planes lined up in front of you (sigh!). You sit there and wait. This is traditional “procedural” software processing.
Now imagine that there are not 1 but 30 runways, and now every plane can take off at the same time; this is asynchronous processing. And because it’s the cloud, if you had 50 planes, let’s turn on 50 runways. And if you have 5,000 planes, do you want your application to quickly turn on 5,000 runways, and turn them off again five minutes later when done?
This is the CitizenDeveloper Platform.
Server Processing
The CitizenDeveloper Platform processes stateless microservice activities on its servers asynchronously using javascript’s Node.js. Containerized microservices, asynchronous processing, stateless code and redundant, high speed delivery are the keys to achieving performance, scalability, and security, out of the box! CitizenDeveloper uses Docker container services.
CitizenDeveloper’s core mission has always been to provide no-code presentation, data and logic layers that empower non-technical people to build or configure robust and sophisticated solutions.
However, the CitizenDeveloper Platform expands on that concept with three distinct development architectures to accommodate the full spectrum of development interests: Open Source microservice code (with a full set of community support tools, coming soon!), settings based development in a graphical user interface, and finally language and pattern based development powered by machine learning and natural language, all in a visually interactive environment (currently in beta).
Our commitment to natural language based development is so strong that after 5 years of R&D on using language patterns to build sophisticated applications, in 2022 we actually filed the patent on it! Please stay tuned as we promote our language tools from Beta to GA as these are truly game changers.
Although Cloud Computing could become the future of computing, traditional computing models are still the dominant models in-place today. The CitizenDeveloper Platform supports the best of both by allowing a wide spectrum of cloud-only capabilities while also accommodating behind-the-firewall computing demands.
Cloud-First
The CitizenDeveloper Platform incorporates a cloud-first systems stack philosophy (versus a cloud-only philosophy which does not support private or hybrid clouds). As a part of the standard offering, all CitizenDeveloper Customers have their Application hosted on an Ultra-High Availability server stack (multi-zone, multi-region) and have their static content transmitted across dark fiber and delivered through a global content delivery network (CDN). Note that database configurations can vary, incorporating a wide range of Availability models (CitizenDeveloper recommends the Ultra-High Availability Google Spanner SQL database or similar for many enterprise grade applications). Data Backups, although theoretically unnecessary in Ultra-High Availability models, are themselves maintained on Ultra-High Availability systems or delivered to you locally.
Private, Public and Hybrid Cloud options, and use of “Runners”
The CitizenDeveloper Platform systems architecture is based on microservices that themselves are wrapped in Docker Containers. This means that Customers can deploy their Application on any technology stack that supports and manages a containerized environment including such services as Amazon AWS, Digital Ocean, and of course Private-cloud offerings behind the Customer’s firewall. CitizenDeveloper uses Kubernetes and Docker Cloud for container management. For Customers who need the highest levels of security on their internal systems, they can even build all of their no-code integrations using Runners that sit behind their firewall.
The CitizenDeveloper Platform supports a multi-tiered data management architecture which includes a master data controller (an asynchronous microservice) that in turn controls database specific controllers (also asynchronous microservices). This means that new database controllers can be added according to the preferred database of the Customer. CitizenDeveloper recommends two types of Databases, although the Customer is free to request others.
SQL
SQL databases allow discrete transactions that enforce integrity. This means that a query will always return the precisely correct results, with the penalties of query time, database cost and interface flexibility (e.g. a “Google-style search” isn’t natively achieved in a SQL database). Most SQL databases are not managed on High- or Ultra-High Availability networks and therefore require additional expensive setup and management. CitizenDeveloper utilizes a number of Ultra-High availability SQL databases such as Google, AWS and Azure, and also ultra-high availability blob databases such as Google Spanner SQL.
NoSQL
NoSQL databases are cheap to set up and allow fast affordable queries at the cost of accuracy and query sophistication. NoSQL databases usually operate in a High- or Ultra-High Availability environment. CitizenDeveloper generally recommends NoSQL usage for specific types of jobs such as storing large quantities of blob data or files, where “eventual consistency” is acceptable.
CitizenDeveloper has widely believed in the browser as the Application platform of choice since 2002, and has pioneered its use ever since. Today, more than ever before, the browser remains the right platform to deliver most line of business applications to a User with. Increasingly, we expect that not just your desktop application capabilities and your online mobile activities will be delivered by the browser, but soon your offline and even your native mobile activities will all be delivered using browser technology as well. CitizenDeveloper positions you to enjoy each of these future advances without having to “start over” on your software.
HTML
The core rendering language of CitizenDeveloper client-side is HTML. CitizenDeveloper closely monitors and stays ahead of the latest HTML trends and standards, and embraces key future standards including browser based data storage and offline data management.
JavaScript portability, React / Flux, and Runners
JavaScript is offloaded from the server to the browser, in increasing proportions, to deliver a rich interface experience to the User. Written and supported by Facebook, the React framework for DOM component rendering and Flux architecture for in-memory data binding make a solid foundation for rich, data driven application development.
In other words, increasing amounts of workload can be rapidly transmitted to the Client’s browser, dramatically speeding up the Users perceived page performance, and significantly freeing up computing resources on the Server.
As a result, we are able to give CitizenDevelopers a choice as to where logic is expected to run, on the server or in the Users browser. And interestingly, this same choice can be used to power a “runner” installed on the customers network, which managers integrations with behind-the-firewall and highly secure applications in such a way that the network managers don’t have to open up additional holes in the firewall.
CSS with Bootstrap 4.0 Theming
The CitizenDeveloper Platform leverages CSS classing and offers compatibility with Twitter’s Bootstrap 4.0 theming framework to make it fast and easy to make sweeping interface modifications and stylistic enhancements. The result experienced by your User is beautiful desktop, tablet and mobile interfaces, specifically designed for their needs.
By virtue of the Application being built on the CitizenDeveloper Platform, organizations enjoy the benefit of all of their applications, regardless of who built the application, having a high level of security based on (1) architecturally designed security features, (2) overlapping and redundant security features with CitizenDeveloper’s cloud vendor (Google, AWS, Azure, etc.) as well as (3) a full Security Information and Event Management policy.
Architecturally Hardened Against Common Attack Vectors
The CitizenDeveloper Platform is architecturally hardened against most common vectors of attack including SQL injection and XSS. As part of this design, there are architectural barriers to code hacks (specifically, a non-code based, metadata driven processing model). By design, all queries are filtered through Record Security, enforced by the Record Processing microservice. Furthermore, all data is encrypted in transit using SSL using TLS 1.2 (or greater) and when specified, at rest.
Table Security Enforced at the Database Level
Citizen developers, without writing code, can set database triggers controlling what data is released by the database to the back end. Put simply, if the citizen developer does not want certain data being released to certain users, the database will not release it.
Cutting Edge Security Posture
The CitizenDeveloper technology and organization were both designed with compliance and security in mind, as evidenced by the SOC 2 Type II compliance letter available upon request. Utilizing everything from FIPS 140-2 compliance for encrypted data in transit and at rest, to 24/7 monitors and a robust SIEM policy, CitizenDeveloper is proud to boast it has never had a security breach.
Security SLA
CitizenDeveloper is one of the few providers to offer a Service Level Agreement (SLA) backing up its security claims.
Client “Runners”
Interestingly, because JavaScript based logic processing is now “portable”, it also can be transported to special servers that sit behind the Client’s firewall called a “runner”. These runners can process for example all internal integration activity. This means that the Client no longer needs to open up firewall ports to the outside world, all integrations can take place safely on a protected network. The Runner processes the data and sends and receives communication to the web server.
CitizenDeveloper tools make it easy to build processes that are both desktop, tablet and mobile optimized. In fact, most CitizenDeveloper applications can deploy mobile optimized variants of relevant desktop pages after only a few minutes of refinement . How is that for organizational agility and cost savings?!
This is because CitizenDeveloper was built from the ground up with mobile in mind. In fact, key technologies built into CitizenDeveloper include:
Responsive Components
All CitizenDeveloper components are natively responsive, meaning that they dynamically adjust as the browser window grows or shrinks.
Fluid Grid System
CitizenDeveloper components are fluidly arranged on top of the industry standard grid system called React, making it easy for citizen developers to dynamically reposition elements when building a dedicated mobile version of a desktop page (no code required!).
Bootstrap
CitizenDeveloper is built around the leading CSS framework for building responsive web applications.
Media Queries at key Breakpoints
Importantly, CitizenDeveloper allows for stark, mission critical changes to layouts, component rendering, queries and logic, all based on the form factor of the browser. This means that a page which looks a certain way on the desktop can suddenly render and even behave completely different on a mobile device. For example, the navigation of an application can appear as “Tabs” when viewed from a desktop browser, but can change automatically to a “hamburger menu” when viewed on mobile. As another example, an application can change from 2 columns of information when viewed on a desktop browser, but switch automatically to a single column of information when viewed on a mobile device. As a final example, field components (like address fields) can render one way on the desktop, and can be stripped down to render a different way, or hidden entirely, when viewed from a mobile device. This is all possible thanks to native use of media queries at breakpoints.
CitizenDeveloper believes in defeating Vendor Lock-in by doing two things; using an industry-standard database schema that is easily exportable, and allowing customers to extract their microservice code. To this end, we are diligently deploying new tools to allow anyone to copy, add or modify the microservices of the Platform itself, as desired (coming soon!).
CitizenDeveloper Has Been Pioneering No-Code Since 2002
Discovering the Technologies that Empower Our Cloud-First Approach
During our extensive research and development journey, we have been early adopters of several crucial technologies, such as the LAMP Stack in 2002, AJAX in 2003, virtualization through VMware in 2006, and Amazon AWS and Rackspace.
Currently, we have also widely embraced Docker Containers, as well as other cloud providers, including the Google Cloud Platform (GCP) and Microsoft Azure. Along the way, we have also embraced many other technologies that enable a cloud-first and browser-first approach.