×
Southern Railway
Marker Terminal
Enterprise Isolated
×
×
An ultra-secure serverless platform and geodetic progressive web app engineered for Southern Railway contractors to catalog, verify, and lock physical railway markers with zero spoofing exposure.
The platform architecture isolates computing resources into three separate nodes to maximize security boundaries, withstand spike queries, and ensure zero public document exposure.
Administrative control desk for contractors to import CSV registries, audit updates, and manage assets.
Hardware-optimized native Android application (.APK) enabling field engineers to calibrate markers securely with biometric and high-precision GPS locks directly at track-sides.
Laravel API layer executed inside isolated AWS Lambda containers via Bref, ensuring zero server overhead.
Technical layout documents are locked inside private S3 containers, accessible only via temporary, signed URLs.
Built using React, TailwindCSS, and Outfit typography, the admin panel allows contractor managers to assign track segments, audit updates, and upload trench layouts.
Upload track coordinates lists containing thousands of records in a single action, instantly assigning cryptographically signed tags.
Dynamic dashboards group track masts by their status (Pending vs. Calibrated), giving managers live feedback on geodetic coverage.
The console strictly operates on official Southern Railway endpoints, preventing cross-site scripting and unauthorized data queries.
Every single blueprint download, parameter look up, and telemetry calibration is logged in a read-only historical ledger.
A high-performance native Android application (.APK) engineered with Capacitor, featuring secure hardware-backed encryption, precise hardware geolocation, biometric auth, and offline SQLite synchronization for field engineers.
Protects field access with native fingerprint verification and secure JWT session tokens, shielding geodetic marker specs if a device is compromised.
Utilizes multi-sample hardware GPS readings to capture exact latitude and longitude boundaries (within ±1.8m accuracy) directly at trackside.
Syncs and stores track mast configurations and engineering blueprints locally in an encrypted SQL DB, allowing full offline telemetry audit in tunnels.
Leverages native device camera APIs for instantaneous, lightning-fast QR scanning and secure digital token lookup to identify and load physical marker records.
Data integrity is strictly locked at the physical layer to shield coordinates databases from spoofing, tag tampering, and outer-domain manipulation.
Every track marker specification is cryptographically sealed during creation. Modifying any coordinate breaks the signature immediately.
QR code verification requires payloads to match official Southern Railway domain prefixes. Outer scans are rejected immediately.
Strict server-side origin policies deny non-aligned clients from triggering transactions, blocking data injections.
Restricts geodetic calibration and blueprint lookup capabilities strictly to authenticated site engineers.
Southern Railway's geodata assets are protected by top-tier transport layer privacy, auto-resilience recovery systems, and strict software standard compliance alignments.
Aligned with OWASP Top 10 guidelines to prevent injections, enforce secure direct object reference mappings, and sanitize all parameters.
Encrypts all operations-side telemetry in transit using strong TLS 1.3 cryptographic suites, preventing passive man-in-the-middle sniffing.
Database uses continuous hourly automated snapshot backups with a 30-day retention log, guaranteeing zero data loss on infrastructure failures.
API containers and server databases are hosted in isolated virtual networks (VPC) with continuous security scanning and dependency audits.
Engineered to isolate satellite parameters and calibrate precise marker positioning directly at track side.
Gathers sequential coordinates logs, filtering out distorted satellite samples to capture the highest-accuracy lock before committing.
Field engineers initiate localized proximity radar scans to find the 5 nearest masts, displaying distance and boundary offset guides.
Calibrated GPS positions are permanently patched to central database records, linking user ID, time, and coordinates.
Server verifies reported geometries against technical boundaries logs to flag layout anomalies during placement.
Every transaction, verification scan, blueprint request, and credential rotation is recorded in a read-only security vault, providing absolute contractor accountability.
Logs all physical QR HMAC code queries at trackside, identifying the site engineer's session and the specific marker.
Logs the multi-sample satellite lock details, GPS signal accuracy, and coordinates locked to database specifications.
Tracks all S3 blueprint pre-signed access URL requests, locking access timestamps and engineer IDs to prevent drawing leaks.
Rotations of security passcodes, user account provisioning, and contractor track sector mappings are logged in immutable entries.
Leverages isolated cloud microservices to withstand traffic spikes, separate resources, and prevent document leaks.
API layer is mapped to microservices using Laravel and Bref, scaling instantly to handle concurrent calibrations.
Layout PDF blueprints are sealed inside private S3 storage units, completely blocked from public directories.
Blueprint layout links are generated dynamically with a 10-minute expiration token, preventing download leaks.
Reference lookups run via JSON HTTP POST parameters to handle complex characters safely and prevent injection attacks.
×
The Geodetic Marker Roster and Telemetry system is fully synchronized, committed, and ready for deployment to Southern Railway Contractors.
Ready to process thousands of coordinates references en-masse.
High-precision geodetic tracking with offline SQLite sync and secure hardware GPS locks.