Support center
Go back to application
Support center
Go back to application
Get started
Welcome to Your Carbon Management Journey with CarbonSig!Climate Change OverviewKey Terms in Climate Technology and Carbon Footprint
Onboarding Guides
Company Onboarding Guide without SSOUser onboarding processExternal User onboarding
Architecture & Deployment
Understanding CarbonSig's Multi-Instance Architecture
Using CarbonSig
System page
Libraries Management
Carbon Attested Products (CAP)
Relations (managing supplier / vendor relationships)
User Management
Account & User profile
Deeper Reading: Carbon Concepts & Definitions
Definitions & concepts found in the CarbonSig system
Greenhouse Gas Emission Basics
Calculating Product Carbon Footprint
Latest Updates

Understanding CarbonSig's Multi-Instance Architecture

Overview

CarbonSig operates as a multi-instance application designed to provide flexible deployment options while maintaining data security and sovereignty. Unlike traditional single-application multitenancy, CarbonSig offers separate, dedicated instances for enterprise customers alongside shared infrastructure for smaller organizations, all coordinated through a central Registry system.

Deployment Models

CarbonSig offers three distinct deployment models to meet different organizational needs:

CarbonSig Enterprise

  • Dedicated Instance: Each enterprise customer receives their own complete CarbonSig application instance
  • Deployment Options: Can be hosted on-premise or on the customer's preferred cloud provider
  • Data Control: Customers maintain full control over where their data is stored and processed
  • Authentication: Full Single Sign-On (SSO) integration support
  • Isolation: Complete data and infrastructure isolation from other customers
  • Best For: Large enterprises with strict data sovereignty, compliance, or security requirements

CarbonSig Professional

  • Managed Dedicated Instance: Each customer receives their own dedicated application instance
  • Deployment: Fully managed by the CarbonSig team on CarbonSig infrastructure
  • Data Isolation: Complete separation from other customers while being professionally managed
  • Authentication: Full SSO integration support
  • Best For: Medium-sized organizations wanting dedicated resources without infrastructure management overhead

CarbonSig Basic

  • Shared Instance: Multiple customers share the same application instance
  • Deployment: Traditional multiaccount model within shared infrastructure
  • Management: Hosted and managed by CarbonSig
  • Best For: Small organizations and suppliers needing cost-effective access to carbon footprint capabilities

The Registry System

The Registry serves as the central coordination hub for all CarbonSig instances worldwide. It acts as a federation controller that enables secure communication and resource sharing between separate instances.

Registry Functions

Instance Management

  • Maintains a comprehensive directory of all CarbonSig instances
  • Stores instance metadata including:
    • Instance name and location
    • IP address/URL endpoints
    • Customer account information
    • Instance configuration details

Health Monitoring

  • Performs continuous "heartbeat" health checks on all instances
  • Provides real-time status indicators for each instance
  • Monitors instance availability and performance
  • Alerts administrators to potential issues

Resource Distribution

  • Distributes Life Cycle Inventory (LCI) databases to instances
  • Manages updates to EcoInvent database across all instances
  • Coordinates sharing of Carbon Assessment results between authorized instances
  • Ensures data consistency across the CarbonSig ecosystem

Access Coordination

  • Routes external data requests to the appropriate instance
  • Manages secure cross-instance data sharing when authorized
  • Preserves and verifies carbon footprint claims between instances
  • Maintains audit trails for all cross-instance operations

Data Organization and Access Control

Instance-Level Separation

Each Enterprise and Professional customer enjoys complete infrastructure isolation:

  • Dedicated Infrastructure: Separate databases, application servers, and storage systems
  • No Data Mixing: Customer data never mingles with other customers' information
  • Independent Scaling: Each instance scales based on individual customer needs
  • Custom Configurations: Instances can be tailored to specific customer requirements

Organizational Hierarchy

Within each instance, CarbonSig implements a structured organizational hierarchy:

Account (Organization)

├── Groups (Business Units)

│   ├── Divisions

│   │   └── Workspaces (Sites/Facilities)

Access Control Features

  • User Assignment: Every user must be assigned to a specific workspace
  • Hierarchical Permissions: Users can access data at their assigned level and below
  • Entity Restrictions: Processes, attestation units, and other entities can be restricted to specific organizational levels
  • Workspace Isolation: Data access is automatically filtered based on user workspace assignments

Security and Compliance Benefits

Data Sovereignty

  • Geographic Control: Enterprise customers can specify data storage locations
  • Regulatory Compliance: Easier adherence to industry-specific regulations (GDPR, HIPAA, etc.)
  • Audit Capabilities: Complete audit trails for data access and modifications

Security Isolation

  • Infrastructure Separation: No shared resources between customer instances
  • Network Isolation: Separate network boundaries for each instance
  • Access Controls: Multi-layered authentication and authorization systems

Performance Advantages

  • No Noisy Neighbors: Customer workloads don't impact each other
  • Dedicated Resources: Guaranteed performance levels for each instance
  • Independent Scaling: Resources scale based on individual customer needs

Registry-Mediated Operations

When instances need to share data or verify information:

  1. Request Initiation: A user or system initiates a cross-instance operation
  2. Registry Lookup: The Registry identifies the target instance and validates permissions
  3. Secure Communication: The Registry facilitates encrypted communication between instances
  4. Data Exchange: Information is securely transferred with full audit logging
  5. Verification: The Registry maintains records of all cross-instance activities

Use Cases and Examples

Enterprise Scenario

A large manufacturing company uses CarbonSig Enterprise with an on-premise instance to:

  • Maintain complete control over sensitive production data
  • Integrate with existing enterprise systems
  • Meet strict industry compliance requirements
  • Share verified carbon footprint data with suppliers through the Registry

Professional Scenario

A mid-sized company uses CarbonSig Professional to:

  • Access dedicated resources without infrastructure management
  • Maintain data isolation from competitors
  • Scale resources as business grows
  • Collaborate with partners through Registry-mediated sharing

Basic Scenario

A small supplier uses CarbonSig Basic to:

  • Access cost-effective carbon footprint tools
  • Respond to customer sustainability requests
  • Potentially upgrade to dedicated instances as business grows
  • Connect with larger customers through the Registry system

Getting Started

To determine which CarbonSig deployment model is right for your organization, consider:

  • Data sensitivity and compliance requirements
  • Organizational size and user count
  • Integration needs with existing systems
  • Budget and resource constraints
  • Future growth and scaling plans

Contact your CarbonSig representative to discuss which deployment option best meets your organization's needs and to begin the implementation process.

For technical support or additional questions about CarbonSig's architecture, please contact our support team or refer to the technical documentation in your instance.


 

Was this article helpful?

English
Powered by Product Fruits