Monday, November 9, 2009

Notes from btsummit Nov 2009

Business Technology Summit
3rd-4th November, 2009
Indian Institute of Science
Bangalore

Alas... some time for sharing wisdom gained from btsummit 2009. I'd share some links and keywords referring to Cloud computing and SOA,

Web Service
- SoapUI, an extellent tool for testing webservices. This java based tool that has a nice interface for defining and testing webservices. A MUST have.

SAAS - Software as a service
- Example: Say, we need a software on a very urgent basis to manage and process some user data for some finite time. We'd have 2 alternatives.
1) Develop the app ourself following the complete software lifecycle which may take months.
2) Or, buy a third party software that does the same and bear the licensing costs for a year or so and install and maintain the software within the company, adding to the costs.
3) Look for a SAAS, where you pay for what you use. No software installation, No maintanace costs, All that is needed is "Internet".
Example: salesforce.com, force.com

Cloud Computing
Where all you need is computing power, like computing power for rent.
Example: Amazon EC2, Microsoft Azure, Google Appengine

SOA
Where you need multiple web services to interact and create a whole ecosystem out of them. Here, Web services serve as building blocks.

Economics of the Web based computing model [Excluding private clouds and implementations]

Factors that need to be taken into account:
  • Save on Network implementations?
  • CPU hours on cloud [How costly is it?]
  • Expense on storage
  • Capacity management [Am I expecting variable load on these apps?]

REST - Representational State Transfer
Refer http://www.ics.uci.edu/~fielding/pubs/webarch_icse2000.pdf
  • Noun oriented, example: PUT /user//, DELETE /user/,...
  • Architectural style (Check the above url for details)
  • Built around resources. For the web, URI are resource identifers!
  • Cacheable (by various network elements)
  • Uniform interface
SOAP
Refer www.w3.org/TR/soap/
  • Verb oriented, example: UpdateUser(), DeleteUser(),...
  • schema defined XML based.
  • Not easily cacheable.
Web Security
  • Never trust the user!
  • Do not implement security as an add-on in the later stage of the project.
  • Use standard encyption methods.
  • Validate all inputs from the user. While validation, use white-listing style of validation (allow known good)
  • Use Custom Error Pages. [The error trace shown by tomcat could be misused]
  • Code Reviews, Vulnerability assesment, Penetration testing.


Lots more to cover! [Over to next post for details on Enterprise Dashboards]
Posted by at 5:00 PM
Labels: , ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)