Monday, December 10, 2012

Components of Service Oriented Architecture (SOA) in Windows Communication Foundation (WCF)

I was studying implementation of web services (WCF - Windows Communication Framework) which used Simple Object Access Protocol (SOAP) and realized there are far too many concepts involved. In my research for making me better co-relate these concepts, I ended up creating basic definitions of the the concepts and finally make a pictorial representation of the components and represent how they relate with each other (which can be found in my next blog post called "Pictorial representation of Service Oriented Architecture (SOA)").

The components are:
Backend
Endpoint
Repository
Service Domain
BPEL
Enterprise service bus
Request-response
Service Lifecycle
BPMN
Heterogeneity
REST
SOAP
Choreography
Interface
Reusable
Versioning
Collaboration
Interoperability
Scalability
WCF
Composable
Orchestration
Security
Workflow
Consumer
Performance
Self-Contained
WS-*
Contract
Provider
Serialization
WSDL
DCOM
Registry
Service (Small s)
WWF
De-serialization
Reliability
Service (Big S)

Backend:
It is the conceptual part of a Service where the database should reside. All the data that is used for processing and needs to be stored should exist in this particular location. In the perspective of distributed systems, it can be interpreted that each system can have their unique and independent back ends. Another aspect that services should enforce is that, the services should not access data from each other’s service domains or systems, but they can interact with the services which are associated with them.


Endpoint:
It is a link or a point which exposes the service to the client for utilization. Without the exposed endpoint a consumer / client cannot consume the service. The endpoint should expose the metadata that is needed by the client.

Repository:
            It represents a business view of a service. It showcases the interfaces, the contracts and Service Level Agreements (SLA) that exist. The low level details about the content that exits in the repository can be found in the registries. Repository helps in designing and developing services but the actual implementation of the repository is actually done in registries, they contain the technical details.

Service Domain:
            Service domains represent individual systems that exist in a System as a whole. For example, in a passport issuing system, there are various individual systems that exist such as, Homeland Security system, Department of Transport System and Police Department system. These systems work together to work for the Passport Issuing system as a whole. These domains may have their own back ends / databases. 

BPEL:
            Business Process Execution Language (BPEL) is an XML based language used to orchestrate services to composed services or process services. The result of this language is a web service. This language is helpful since it helps to translate business requirements to the Information technology requirements. This language enables IT during implementation of the business requirements.

Enterprise Service Bus:
            This is a concept of how distributed systems should work together and how communication between them should take place. An important feature that ESB embraces is the interoperability of services. Its core task is to showcase a way of providing connectivity, routing and data transformation so that systems can communicate with services. A problem that ESB might create is that, it obscures the dependencies among systems.

Request-response:
            This is a message exchange pattern that allows communication to take place. It is normally initiated by the client / consumer. It is received by the server / service and further operations take place. The client waits for the response of the server. There can be a synchronous or an asynchronous request / response that could take place and it is solely depends on the client and server’s configuration.

Service Lifecycle:
            The service lifecycle can be defined as the life of the service. The service has a lifespan, it starts when it’s called / initiated and ends when the service is executed completely or the session between the client and the service ends. There might be various operations that need to take place during the lifecycle.

BPMN:
            Business Process Modeling Notation is a tool that can be used for preparing a business process that can be visualized in the terms of services, service domains and processes. It is a pictorial description of the business process. This helps in IT implementation especially when segregating services among the various domains.

Heterogeneity:
             It is a theory in services implementation which states that no matter what operating system, programming languages and data models they use they should be able to communicate and work together without any problem. This theory is used in Windows Communication Foundation (WCF) so that a Java application can communicate with a .NET based application.

REST:
            It is an alternative to Web Services that allows the same type of communication that WCF allows but in its unique manner. It refers to a collection of network architecture principles that focus on simple and stateless access to resources.

SOAP:
            Simple Object Access Protocol is a basic protocol used by web services. It uses XML based format that defines the format of the header and the body of a web service message.

Choreography:
            It is a way of aggravating services to business processes. It does not compose services to a new service or a central service that has total control over the whole process. It also defines rules and policies that enable different services to collaborate to form a business process.

Interface:
            It is an input/output region in the service, which allows the client / service to interact with each other. From a WCF perspective, it is the region which is exposed to the client or consumer.

Reusable:
            In the terms of WCF, it means that the code does not need to replicate. It can be referred and can be reused.

Versioning:
            There might be scenarios in which the service may need to be modified. Hence versions may need to be changed. This does not mean that the older version becomes obsolete. It still can be referenced by the services / systems that need it; the new version can be referenced by the systems / services that need it as well at the same time.

Collaboration:
            It basically means that all existing and being developed systems needs to work together at the end. From the formulation of ideas to the maintenance of its realization, distributed systems require collaboration.


Interoperability:
            It is the property of the system / service which states that different operating systems, programming languages or even different environments should be able to interact with each other. It is possible by the use of serialization and de-serialization in services / system communication.

Scalability:
            Its is the property of the system/service which allows new items to be added and removed as necessary without changing the overall working of the service / system.

WCF:
            Windows Communication Foundation is windows based service that embraces SOA. It allows communication by various clients not depending upon what operating system/programming languages it uses to communicate. It serializes the communication and allows interoperability.

Composable:
            It is a property or technique that allows multiple services to be related and finally compose into the making of a hybrid service. This allows a client to refer to services that will allow it to get its work done without creating new services or items in the service.

Orchestration:
            It is a theory that has the following characteristics:
·         There is one central controller that coordinates all the activities of the process.
·         You can apply the composite pattern, which means that the whole composition itself can be used as a service.

Security:
            In terms of WCF, it is the encryption of data that makes sure that data does not get transmitted as plain text and not captured by persons it is not intended to be sent.

Workflow:
            It describes how a certain result can be reached and it looks further into the details of all the steps that are needed to reach the results.

Consumer:
            It is the client or the system/service that consumer a service.

Performance:
            In WCF terms, performance is the time taken by the service to respond back to a client request. Performance can suffer due to network latency, programmatic error or data related problems that pertain to the database.

Self-contained:
            In WCF, it means that the service should be independent and autonomous.

WS-*:
            In WCF, it is a stack that adds extra headers to every message that goes out that pertains to object interaction.
            Some of the features that WS-* exposes are:
·         WS-Addressing
·         WS-AtomicTransaction
·         WS-Security

Contract:
            It is the part of a communication protocol between the consumer and provider that describes the semantics and behavior of the messages exposed in the interface.

Provider:
            It is the system that implements a service so that other systems can call it.

Serialization:
            It is the conversion of the data into a byte code for transmitting over the wire. When the data is converted into 0’s and 1’s it allows for interoperability by the use of web services.

WSDL:
            Web Services Description Language is the endpoint that exposes the service description to the client.

DCOM:
            Distributed components refer to a set of technologies designed to allow access to an object’s business logic across process and machine boundaries.

Registry:
            It showcases the technical details of the business process. It needs the repository to refer to the business process.

Service (Small s):
            It is the actual service implementation of the service that is exposed to the client.

Service (Big S):
            It is the name of the service that the business process has asked for. It does not deal with the actual implementation; it just exposes the functional elements of the service to the client. 

De-serialization:
            It is the process of converting the byte code to the code or interpretation that the client system can understand.

Reliability:
            In WCF, it is the property that allows communication to occur even if there is network latency or by any chance a particular data packet is lost. This feature forces the client to resend the lost packet until the whole data is collected / received.
Posted by at No comments:

Tuesday, September 11, 2012

Is Service Oriented Architecture (SOA) really new? Or it is just "Old wine in new skin" ?

In this post I am going to compare Service Oriented Architecture to the following:
  1. Object Oriented Programming (OOP)
  2. Enterprise-resource planning (ERP)
  3. Software Development Life Cycle (SDLC) also known as Traditional Waterfall Model
  4. Agile  Development

1. Object-oriented programming:
            Object-oriented programming (OOP) is a theory that revolutionized the programming world. It is a method of programming that allows classes and objects to be created in any manner and yet be called from any point during the execution of the main program. In a similar manner, SOA believes that there can be distributed systems and yet they can function together.
           
            OOP enhances portability as well scalability by the use of OOP technique. SOA is exactly the same in the scalability and portability perspective. The only difference is that OOP deals with objects and classes whereas SOA deals with services and system in a distributed environment.

            Even though both seem to be very similar, it is to be noted that one is programming language concept and another is a system development concept. Hence, I believe SOA is a new concept for software / system development.

2. Enterprise-resource planning (ERP):
            SOA is different from ERP since ERP believes in one central service / system which will act as a controller when it comes to data communication. In SOA, it is a more open system than ERP since it allows services to communicate with each other in the manner they want. There is no limitation or restrictions on how services should communicate with each other.

            On an overall perspective, even though ERP and SOA seem to be preaching the use of distributed systems. SOA seems to be more scalable and more direct as compared to ERP. SOA supports direct communication between services whereas ERP needs communication to take place through a central controller. I believe SOA is a new revolutionary theory as compared to ERP. 

3. SDLC (traditional waterfall method):
            SDLC is a strict method of software development method that is very rigid. One must follow each and every step while using this method. When compared to SOA, SOA is not as rigid and does not have rigid rules that one must follow. SOA is strict in the manner in which communication should occur between services and clients but there are no rules that demand any particular method of development.

            In contrast to SDLC in which each component is dependent upon its predecessors which limits scalability, in SOA, the theory is that services should be individually developed and should be scalable independently. Another feature of SOA that embraces scalability is the versioning which allows multiple version of the service to exist and work with individual services or systems as required.

            In my opinion SOA is contrast as compared to SDLC; SOA is a new technology as compared to SDLC.

4. Agile development:
            Agile development is a new software development technique that is similar to SOA. It is similar to SOA because it embraces scalability and embraces the concept of OOP. Agile Software development allows creation of classes and functions that can be used independently and yet can be used together if needed. This theory is very similar to what SOA preaches, the only difference being that SOA deals with services whereas Agile Software development deals with objects and classes. There is a very minute limitation in SOA; it is that there might be some minor dependencies among services.
           
Overall, I believe SOA is not at all a new technology as compared to Agile Software development. It does not seem to very different hence it feels like “Old wine in a new skin.”
Posted by at No comments:

Tuesday, July 31, 2012

NAT (Network Address Translation) Router, How does it work?


NAT (Network Address Translation) is a process by which private network devices can reach out to the devices on the Internet and receive responses. In a normal or usual scenario every household has a public address and this address is used by multiple devices internally (private devices). Without NAT, there would have been only one internal or private device accessing the Internet. Also NAT is required as it works as a gate way between the private network (for example network 192.169.x.x) and the public network (for example 203.246.x.x). By default and in real world the private devices are not accessible to the public network directly. They have to be accessed through the NAT router.

The process of making a private device available or able to access the internet is as follows:
1.      Local machine attempts to access www.google.com (74.125.229.34)
2.      NAT router creates a new entry in the lookup table associated with the local machine’s private network address and the internal source port.
3.      NAT router rewrites the machine’s IP address to that of the NAT’s public IP and open up a new source port and rewrites the original port number with the new one.
4.      The new combination of public IP and new source port number are recorded alongside the private source IP and original port number in the lookup table.
5.      The NAT router also adjusts the checksums so that it would reflect the changes that were made.
6.      The packet is forwarded to www.google.com (74.125.229.34)

When the response is received, the NAT router checks its lookup table for any entries whose public source port corresponds to the destination port of the inbound packet and whose destination IP corresponds to the source IP of the inbound packet. Once this is determined, the NAT router rewrites the IP header of the inbound packet according to the lookup table and forwards it to the correct private machine.

This process continues and runs successfully in the same manner, no matter how many devices are in the private network. 
Posted by at No comments:

Wednesday, June 13, 2012

Why should audio and video streams should typically transmitted over UDP instead of TCP?


To better answer this question we need to understand the working of TCP and UDP individually. TCP (Transmission Control Protocol) is a communication protocol on the internet, which routes packets between machines in a best effort fashion. It creates a protocol that guarantees or assures the sender that the packets or in broader view a message will be received by the specified receiver. TCP does this by a process called as TCP sessions. It has three basic components, namely,
1.      Initial SYN request (Handshake)
2.      Reception of SYN-ACK request
3.      Acknowledgement response

This process is also accompanied by sequence numbers that ensure that the packets are received in order and also used to check for completeness of messages.

On the other hand, UDP (User Datagram Protocol) does not have a lot of features as the TCP has. UDP does not make a guarantee that the packets or messages will be received in order and also does not check for correctness or completeness. It also does not have initial handshake as TCP has.

As we can infer from the above descriptions, TCP takes longer time than UDP does. Also in TCP if we are transmitting voice or audio and due to some issue a packet is lost. The receiver would stop accepting any more packets until the missing packets is received which will add latency to the communication and hence will disturb a real time communication. Whereas for the UDP based audio or video communication, even if a packet is lost, we humans are able to fill in the void by pattern recognition or by anticipating the voice and hence communication can occur. Even though there maybe packet loss in UDP communication, it is a more efficient and effective protocol for time-sensitive applications such as voice and audio.
Posted by at No comments:

Monday, May 14, 2012

Among radio frequency, optical and radio emissions, which poses the most significant privacy threat for a user?


Most significant privacy threat for a user is most likely to be from radio emissions as those used in wireless networks. This is probably the most common threat for a user given that an unauthorized user could possible gain access to a network or computer and eventually compromises its security.
Radio frequency would be the next significant threat, but usually this is done via RFID devices that are preconfigured and required prior knowledge of what is being accessed. However some military applications of this technology are quite complex and difficult to hack.

Finally optical, given that is not transmitted through the air, requires complex equipment to intercept and any loss of signal can be detected immediately by the receiving end.

For the home office case we can consider a wireless network as a place where some weakness can be found if not properly configured or open. 
In a public library we find the same threat for a wireless network as we do at homes, but with increase violation probability given the amount of traffic this kind of environment has. Any security associated with radio frequency devices are also vulnerable and must be carefully managed since they are exposed to the public, so the possible hackers are unknown. Finally optical threats are very unlikely and if equipped with this technology, then it should be physically secured and out of reach from potential intruders.

On a university department wireless network, the likelihood of unauthorized access to certain areas can be even higher, since you have large number of students that are learning and eventually become experts in this field. Same happens with optical devices, students and external hackers might try to gain access, so they must be properly configured to catch any change in signal strength and that way detect any breach as soon as it happens.  
Posted by at No comments:

Monday, April 2, 2012

Computer Network: Difference between a switch, a hub, and a IP router.


A hub is a device used to connect computers and or printers in a network without any type of decision making process, they simple act as concentrators, they can be passive or active meaning that they will regenerate the signal in order to increase the distance data can travel.  They forward all frames to all the attached devices in the network segment. This increases the ease for network eavesdropping, since all machines are receiving frames.

Switches are devices that work at the link layer level, handling frames within a network segment. They alleviate congestion and reduce collisions. This is accomplished by learning the MAC addresses of those machines in the network segment and the port in the switch. Over time the switch learns all these addresses and is capable of only forwarding frames to the port associated with the destination MAC address and not the other machines in the same network segment. This reduces collisions, increases the effective speed of the network and the effective bandwidth. By forwarding frames only to those machines that are the receivers and not every device in the segment, the chances of eavesdropping are greatly reduce.     

Routers are devices that operate at the network layer connecting two or more networks. Routers store information on the neighboring networks and a default gateway. The information store on the router and the protocols configured in a router allows it to take the appropriate action with the packets it receives: drop, deliver or forward. Based on network information routers can handle packets similar to the mail system using zip codes. Routers are susceptible to attacks so the first thing is to have strong passwords, turn off those services not used and in wireless network have strong security measures. Packet sniffing is almost unavoidable so if confidentiality is essential then it is necessary to implement some type of encryption.  

Thanks to Gustavo Ramirez (my classmate) and the to the book (Introduction to Computer Security) which helped me in composing this post. 
Posted by at No comments:

Friday, March 30, 2012

Do Financiers or Investors look into a Business Plan? or just the executive summary?

I have been planning a dream, a dream to open my own business at some point of time [though it is decades away from happening].  But, well we all have a power and that is imagination. So I have been imagining myself as a entrepreneur and trying to convince my investors to lend me funds.

From the past few marketing/business classes I realized that business plan will be a secondary source of information to our clients but what has to be perfect, short, point-to-point is the executive summary.

All business plans must have an executive summary, details of the culture, vision of the business, marketing strategy and financial analysis. But what makes a good business plan excellent is providing the funding request with a clear and compelling reason. It also helps if the owner has spent time, money in the business. The investors or the financiers would like to know how much you are emotionally, intellectually and financially invested in the business. Another factor is providing the financiers or investors with an exit strategy in which they can leave the company in a very planned and orderly manner. No matter how good your business might be, if an investor wants to leave you should provide him/her with a way to do that in an orderly and planned manner. Finally in the business plan, it is important to do the Strength, Weaknesses, Opportunity and Threat (SWOT) analysis and compare it with your competitors and make it a point to put it into the business plan which will ensure that the investors know what will they gain or lose if they invest. This all should be summarized and put into the executive summary which should be written at the end of the business plan creation.

Posted by at No comments:

Thursday, February 2, 2012

Errors of omission can sometimes be greater than errors of commission

For a change, I am going to write about business and especially entrepreneurship.

I saw a blog by G.Mohan which I saw a comment by Jeff Bezos, the founder of Amazon.com 
“We’ve made many errors. People over-focus on errors of commission. Companies over-emphasize how expensive failure’s going to be. Failure’s not that expensive….The big cost that most companies incur is much harder to notice, and those are errors of omission.”

Here is my critique about it: 

Errors of omission occur when the entrepreneur has a conflict of interest with an opportunity other than the idea one that he/she has in his/her mind but may exist in reality. In such a situation the entrepreneur completely ignores these opportunities and loses the first mover advantage and this could prove to be a big loss in the future. Errors of commission occur when the entrepreneur is solely looking at the loss that he/she may incur if the new opportunity is implemented. This is relevant to the business plan because the business plan is like a road map that the entrepreneur uses to make his business a success. If the entrepreneur does not document all of these opportunities and the research based on it in the “Opportunity Analysis and Research” then neither the financier nor the entrepreneur will be able to pursue the opportunity in the future. This error in omission may play a part in higher error in commission in the future.

Posted by at No comments:
Subscribe to: Posts (Atom)