SE 4353
What are some of the qualities that we would use to judge the usability of a Graphical User Interface (GUI)?
Several are mentioned in the slide, but generally: 1. How many actions (selections, keyboard entries, etc.) does the user make to accomplish some task? For example, how many actions are needed to enter a customer? 2. How much training does it take for the average person to become efficient with the interface? 3. Does the interface protect / prevent the user from making irreversible mistakes? For example, deleting a customer or other information.
What are three of the system metrics a monitoring agent can examine for trends that indicate a potential fault / failure? Note: a few are mentioned in the slides but others are possible. Use your imagination.
Students: These specific answers may appear on the exam. • A rising number of timing errors or retries on some operation. • Message response time in a client-server architecture. • An increase in the amount of application memory usage. • A sensor that detects mechanical problems such as vibrations in a motor or pump.
Describe the difference between Synchronous and Asynchronous messaging.
Synchronous messaging almost always describes a client-server architecture and implies a synchronization between the client and server processes. That is, when the client makes its request of the server, the client's execution (thread) is halted (blocked) until the service delivers a response. Asynchronous messaging describes a messaging protocol. Communicating processes share a peer-to-peer relationship and their execution is not synchronized. A process is capable of sending messages that carry application-specific properties but are not addressed to a 'server' process. Instead, a second process can request that messages with certain properties be delivered to it. Between the sender and receiver processes is a 'middleware' server that routes messages from sender to receiver based on the properties maintained on the message.
Which of the six quality attributes is most likely to be in contention with the other five? Why?
System performance is often in contention with the other five. This is because maximizing performance often requires compromises in other aspects of the design. For example, isolating and/or encrypting sensitive data requires additional processing to access the data, which reduces the number of transactions that can be processed per time unit. Increasing modifiability or availability often involves introducing additional layers of abstraction or indirection which, because of the additional processing, also hurts performance.
How is the Layered Architecture Pattern related to implementing a distributed object framework like SOAP?
The Layered Architecture Pattern describes how the client and server interact across a network communication channel that has been decomposed into layers. As shown above, the client logically interacts (calls) with the service (server). Physically, the client interacts with the adjacent layers (down one side and up the other) to the service object. The stack is made up of the technologies and infrastructure that have been selected to implement the system e.g. SOAP, JSON, HTTP, etc.
What are the three roles the Monitoring Agent plays in implementing availability tactics?
The Monitoring Agent is responsible for: 1. Detecting: Monitoring the components under its supervision for faults. 2. Reporting: Reporting any faults detected. 3. Acting: Executing programmed actions designed to recover from or prevent the fault from becoming a failure.
Which tactic / pattern would you use to make necessary changes to a service while maintaining the old service interface for existing clients? Briefly describe the Bridge pattern.
The bridge pattern is an object that is placed between existing clients and a service whose interface has been modified to the extent that existing clients will no longer compile / work against it. The bridge class / object maintains the old service interface for existing clients and translates each of the old interfaces into a format that can be used to invoke the new service interfaces. The bridge is a stop-gap measure that allows a new service to be deployed without needing to modify possibly many client classes.
How can the subject matter expert contribute to increasing the modifiability of the system's design?
The customer can identify those features of the system which are most likely to require modification / extension in future releases. With this information, the system architects can utilize the tactics described in this section to design the components implementing the identified features to be modifiable.
What design pattern is suggested to implement and encapsulate application workflows between the user and the system?
The design pattern is MVC i.e. Model, View, Controller. The Model describes the data being manipulated (CRUD) by the system. Views are presentations of the state of the models i.e. GUI screens that present the entity to the user. A Controller is an 'orchestrator' class that takes responsibility for implementing an application's workflows.
What is meant by a "service's granularity"? What is the trade-off in defining the granularity of services provided by a SOA architecture?
The granularity of a service refers to how much is accomplished by the service. Large grained services have these characteristics: • They implement several steps in a workflow in a single operation. • They assume several responsibilities in the overall system's design. • They are likely to encapsulate application-specific business rules (bad). Fine (small) grained services are just the opposite in that they implement simple, single responsibilities and will need to be combined with other fine-grained services to accomplish something useful. The trade-off is: Because large grained services encapsulate several processing-steps / responsibilities, it is less likely they can be utilized in a wide range of applications. This is because it is unlikely that more than one application will require all of the responsibilities encapsulated in the large grained solution. Because fine grained services accomplish little, the application will be required to combine the invocation of several services in its workflow to accomplish something useful. In a monolithic application, a large number of service invocations would not be a problem. However, in an SOA application, each service invocation requires a distributed (network) SOAP operation which is much slower than a method call, and the overhead of many invocations can make the overall application's performance unacceptably slow.
What two pieces of information does the client need to establish a connection (socket) with a service process that has been established on the network?
The network address of the machine hosting the service process and the port number that the service process has attached to and is listening on for incoming connection requests.
What is the difference between resource management via the Singleton and Object Pool design patterns? (This question may require researching)
The object maintained as a singleton is shared across the entire system so it must be thread-safe or must be restricted from being accessed by more than one thread at a time. Like the singleton, the object pool is a service that provides access to a service class for a client without requiring the objects be created and initialized before each use e.g. database connections are expensive to create and destroy. The difference between the patterns is that pools can be used to manage objects that are not thread safe. In order to allow multiple requests / threads to be concurrently serviced, the object pool maintains a collection of N objects and an interface that allows clients to checkout (obtain an object), utilize, and checkin (return to the pool).
Describe a proxy's relationship with the service interface and the proxy & reverse-proxy's role in the network stack.
The service object's interfaces (i.e. methods) are implemented in the proxy and reverse-proxy. The client interacts with the service proxy, which translates the service request (method and arguments) into a message that can be transported by the next layer in the stack. The message descends and ascends the stack until it is delivered to the server's reverse-proxy. The reverse-proxy parses the request message and invokes the correct method on the service object. The response generated by the service method (return value) is translated by the reverse-proxy into a network message that is returned to the client service proxy.
Describe two caching tactics that can improve the system's performance. What is the problem associated with caching?
The system can maintain information read from files or the network in memory rather than retrieve it a second time from the slow I/O channel. This is especially true of read-only data where we do not have to worry about the copy of the data maintained in memory becoming 'stale' when the external source changes. The system can retain calculated data rather than re-calculate each time it is needed. The danger of caching information is that the data can become stale. For example, if we cache data read from disk (e.g. from a database), there is the danger that some other process will update the data maintained in the DBMS and our cached version will be out of date. The same is true of calculated data. If we cache a calculation it is possible that the underlying values that contributed to the calculated value can change.
Provide an example of two availability tactics used together to implement a fault tolerant system. Hint: Fault Detection and Failure Prevention.
The system's design may use a detection tactic to identify a faulted processor / component, and use a recovery tactic to mask the fault from the overall system. For example, the agent may utilize ping/echo or heartbeat fault detection to identify the fault and then utilize passive redundancy to recover the system from the fault.
What is the minimum number of processors needed to make the voting tactic work? Describe why this is the case.
Three processors are needed. This is because the voter compares three and faults the processor with the result that diverges from the other two. Obviously two processors would not work with this strategy.
What are two types of interactions between the system and the user implemented in a GUI?
User Initiated: An action taken by the user triggers an interaction with the system e.g. a mouse or keyboard event. System Initiated: An action initiated by (or detected by) the system triggers an interaction with the user. For example, a process monitoring application that detects a condition requiring operator attention may signal the user using a visual and/or audible alarm.
Describe in some detail the purpose of the Service Proxy and Reverse-Proxy in a client-server distributed object technology like SOAP.
When we talk about distributed objects architectures, we are almost always discussing client-server. The role of the service proxy is to act as a proxy for the client when interacting with a server. The service proxy translates the client's service method call into a network message that will be transported to the machine / process hosting the remote service i.e. the proxy serializes the method's arguments into a message that can be sent over a socket to the remotely executing service object. At the process hosting the service object, the reverse proxy translates the network message into a method call on the service object. If the method generates a return value (i.e. a function), the reverse proxy will serialize the return value into a network message which is the response message returned to the client, where the service proxy translates the response back into the return value that is passed to the client object.
Describe the primary difference between the active and passive redundancy tactics.
With active redundancy, there are 2+ processors which receive each of the client's requests. The client uses the first response and ignores the others. Processors that have faulted will not respond to the requests. With passive redundancy, there is an active processor and standby processor(s). The active processor responds to the client's requests. The passive processor(s) do not. When the active processor faults, the standby processor is required to take over request processing i.e. becomes the active processor. Passive redundancy assumes a monitoring agent that detects the faulted active processor and switches the processors' roles.
Describe the two methods of measuring performance described in the slides. Provide examples of both.
Work Performed: The amount of work the system can execute, usually measured over a time period i.e. transactions (units of work) processed per minute. Event Response Time: The amount of time the system needs to respond to an event i.e. the amount of time between the arrival of an event and the execution of a handler routine. The amount of time needed to generate a response after receiving a request.
1. Briefly describe the TCP socket and its relationship with communicating processes. 2. How is each end of a socket presented to its process i.e. how does a process / thread use a socket to communicate with the 'other end' of the connection? 3. What is the primary mechanism used to synchronize a receiving process with a sending process over sockets?
1. A TCP socket is a two-way communication channel between two processes usually on two machines separated by a network. (Sockets are also used to communicate between two processes on the same machine.) 2. Each end of the socket is presented as an input stream and output stream. A sending process 'writes' data to its output stream and the data is transported to the receiving process at the other end. The receiving process reads() the data from its input stream. Both ends of the socket have input and output streams so both ends can act as sending or receiving processes. 3. The socket's input stream is blocking i.e. if the receiving process / thread reads from its input stream, and the channel (socket) is empty, the thread will block until data is placed into the channel at the other end's output stream. This is how the receiver process / thread synchronizes with the sending process.
1. Explain in a short paragraph how a load-balanced cluster works. 2. How does this tactic protect the system from failure in the event of a single processor fault? 3. How does this tactic accommodate scaling of the system's throughput?
1. A load balanced cluster is a set of N processors, each of which provides the same services i.e. runs the same software. The cluster includes a 'load balancer' which is a simple device which assigns incoming requests to processors in the cluster. The balancer utilizes some algorithm that determines which processor to assign the next incoming request e.g. round-robin assigns requests to P1, 2, 3, 1, 2, etc. 2. The load balancer is also a monitoring agent capable of detecting when one of the cluster's processors has failed. This could easily be done using ping / echo. When a failed processor is detected, the balancer can suspend assigning requests to that processor until such time as the fault is repaired and the processor becomes available. This tactic works when all of the processors are able to respond to incoming requests i.e. are executing the same services. 3. The system's performance can be scaled up by adding additional processors to the cluster. Each additional processor roughly equates to additional request processing capacity. Naturally, this strategy of adding additional processors will not scale (1x, 2x, 3x, etc) indefinitely. There are always critical sections and shared resources which will block one or more processors when the resource comes into contention e.g. a shared database server.
1. Describe the purpose of the perimeter subnetwork. 2. How is a perimeter subnet established in the enterprise?
1. A perimeter subnet is an enterprise subnetwork that is accessible from the public internet. It is called a perimeter subnet because it lies on the edge between the public internet and the enterprise's private network. Publicly accessible servers are placed in the perimeter subnet and not in the enterprise's private network. Perimeter subnets are also called a DMZ. 2. As described in the slides, the perimeter subnet lies between two firewalls: the perimeter firewall and private firewall. The perimeter firewall separates the DMZ from the public internet and provides address translation as described above. The internal firewall separates the DMZ from the enterprise's private network. The internal firewall prevents traffic that originates in the DMZ from accessing the private subnet. Its purpose is to keep intruders that manage to break into the DMZ from having access to the private network.
1. Describe how symmetric Single Key Encryption works. 2. What is the problem to be overcome when using symmetric keys?
1. A symmetric key is used for both the encryption and decryption operation described above in question 1. 2. The main problem is 'shared key distribution' i.e. providing the key to both parties wishing to exchange secret messages. Assuming one of the two parties generates the key, the key must be sent to the other party in a secure channel to keep MITM from obtaining the key and decrypting the cypher text. This is a classic Catch 22: We need a secure channel to distribute the key and can't establish the secure channel using symmetric keys until the key is distributed.
What are three categories of modifiability tactics described in the slides?
1. Anticipate future change through the use of extension points. 2. Reduce coupling between components. 3. Architectural patterns that enhance modifiability e.g. Factory patterns and deferred binding.
1. Describe the meaning of Authentication. 2. Describe the meaning of Authorization. 3. Describe the purpose of "Roles" in determining a client's access-rights to a service.
1. Authentication refers to establishing the identity of a client that wishes access to a protected service. This is most often accomplished by challenging the client to submit an id & password, but can be established using PPK and other techniques. 2. Authorization is a method of describing what services the client is authorized to access once the client's identity is established (authenticated). 3. A user / client's identity in the system includes their role in the system's operations. Each client is assigned one or more roles. Each role identifies a system service the client is permitted to access. If the client attempts to access a service and they lack the needed role, the client will be denied access to the service.
Match each of these stimuli to the one of the six quality attributes it best matches: 1. System crash or failure in response to invalid inputs. 2. Change in system configuration or adding additional features to the system design. 3. The arrival rate of work / events to be processed. 4. Unauthorized access to the system. 5. Determining the correctness of a completed project iteration. 6. Minimizing the potential for user entry errors.
1. Availability 2. Modifiability 3. Performance 4. Security 5. Testability 6. Usability
What are the 6 quality attributes the chapter is concerned with?
1. Availability: The ability of the system to remain available in spite of abnormal processing conditions including system failures, incorrect inputs, and others. 2. Modifiability: The ability of the system to accommodate changes to the system's services or the environment the system executes within. 3. Performance: The ability of the system to meet expected execution requirements such as response time and transactions executed per minute. 4. Security: The ability of the system to prevent or detect unauthorized access to services or data maintained by the system. 5. Testability: The ease with which defects (bugs) in the system's components can be identified. 6. Usability: The ease with which the system's users are able to productively use the system.
Briefly describe the six steps presented in the slides that describe the process of a client making a request for services across a network connection.
1. Client obtains the network address of the server. 2. Client creates a connection (socket) to the server across the network. 3. Client sends a request message to the server and waits for a response. 4. The server processes the request message and produces the information needed by the client. 5. The server builds and sends a response message with the needed information back to the waiting client. 6. The client continues processing with the information in the response message.
What are the Four Structural Qualities of well-designed architectures?
1. Cohesive / Loosely Coupled Components: The architecture should feature components whose functional responsibilities are allocated on the principles of information hiding and separation of concerns i.e. encapsulated, cohesive, and loosely coupled designs. 2. Encapsulation w/ Interfaces: Each component should have an interface that encapsulates changeable aspects of the implementation. Interfaces should allow multiple teams to implement their components independently of each other. 3. Based on Architectural Patterns: The architecture should be based on architectural and design patterns. There should be a minimum of wheel reinvention when solid, well understood solutions are available. 4. Maintain the Design's Integrity: The system should do the same things in the same way throughout. Consistently use the same patterns and control-strategies.
1. Describe container-based authorization. 2. Describe application-based authorization.
1. Container-based authorization refers to mechanisms built into the application deployment container (e.g. Tomcat) that verify a client's access-rights before permitting the client access to the protected service. The service's configuration in the container includes the roles needed to access the service. Container-based authorization is easy to configure. It requires no special code in the service implementation to utilize role-based access-rights. However, container-based authorization lacks flexibility in determining whether access is granted. 2. Application-based authorization consists of role-based checks that are implemented in the service's implementation. This involves embedding access-rights checks directly in the system's implementation by the software developer. This makes application-based authorization difficult to maintain. However, application-based authorization allows the developer to implement sophisticated rules for service access that go beyond what can be accomplished using container-based approaches. For example, access control rules can include roles and the time of day when making a decision concerning access to controlled services.
Name and describe the purpose of each of the basic XML elements of a SOAP message.
1. Envelope: The Envelope element is the outer wrapper of the inner two Header and Body elements. 2. Header: The Header element contains routing and transport related XML elements. This is the information needed to route the message to the correct message handling endpoint so that its Body can be processed. 3. Body: The Body element contains the application-specific message elements that make up the payload being transported between sender and receiver i.e. request or response message in a client-server architecture.
What are the four advantages of JSON given in the slides?
1. JSON consumes fewer resources with smaller messages when compared to XML. 2. JSON is built into JavaScript and so is easily utilized in browser-based applications. 3. JSON provides the same structural advantages of XML i.e. lists, maps, objects and nested structures. 4. JSON offers many server-side generator and parsing tools for translating objects and data structures to / from JSON-encoded strings.
Identify each of these example applications as being better suited for a SOA or Microservice architecture. 1. A Spotify-like streaming service 2. A retailer making purchase requests from one of several vendors 3. A service that relies on industry standard message formats 4. A single-page application
1. MS 2. SOA 3. SOA 4. MS
1. What is meant by Message Authentication? 2. How is PPK used to authenticate messages?
1. Message authentication is a means of validating that the sender of a message is who they claim to be. For example, an organization wishes to send a legal document to a second party who in turn needs to authenticate the identity of the message's sender. That is, the second party needs proof that the document was in fact created and sent by the sender and is not an attempt to impersonate the sender. 2. The PPK algorithm can be used to 'sign' the document. The sender can use their private key to encrypt the document into cypher text. Only the sender's public key can decrypt the cypher text back into the original document. In this way the receiver can be assured that the sender originated the document as only the sender has access to their private key.
1. Briefly describe the three Fault Detection Tactics discussed in class. 2. Which of these tactics requires a two phase exchange of messages between the monitoring agent and the component being monitored? 3. Which of these tactics does not require a monitoring agent to implement?
1. Ping / Echo, Heartbeat, & Exceptions. Ping / Echo is the two phase protocol where the agent sends a 'ping' message to the component and the component replies with a 'yes I am' echo message. Heartbeat is a single message periodically sent by the monitored equipment to the agent i.e. once every minute. The agent detects a component failure when it stops receiving the component's heartbeat. 2. Ping/Echo requires a two phase exchange. 3. Exceptions are generally used to detect and act on faults internally to the process, and don't rely on an external monitoring agent.
Identify the type of coupling described by each of the following statements. 1. The correct operation of a component depends on the accuracy or frequency of the data it is provided. 2. A client component cannot operate correctly if an instance of a server cannot be created or located. 3. The correct operation of a service component depends on the order in which information is passed from its clients. 4. The correct operation of a service depends on the allocation of resources controlled by a different component. 5. A client must be aware of the physical address of its servers.
1. Quality of Service 2. Existence Of 3. Sequence Of 4. Resource Behavior Of 5. Location Of
What are resource demand tactics given in the slides to use if the rate of essential and nonessential event delivery exceeds the system's capacity i.e. the events that must be processed?
1. Reduce the rate of delivery of nonessential events in favor of events containing important information. 2. If event delivery cannot be controlled, ignore nonessential events (to the extent possible) to free up processing capacity for the essential events.
1. What is the meaning of "Regression Testing"? 2. Why is regression testing important when the project utilizes an iterative (incremental) process?
1. Regression tests are designed to uncover faults that have been introduced into the system's implementation during implementation. Generally, these are faults in features / interfaces / services that were once working correctly but have been broken (regressed) during recent development activities. 2. Regression testing is especially important in an incremental development process where new features are continually being added during each iteration and each new addition may break code that was added (and working) from a previous iteration.
1. What is Secure Socket Layer (SSL)? 2. Describe the 4 steps involved with establishing an SSL connection.
1. SSL is a secure TCP socket (two-way communication channel) whose contents are encrypted on the sending side and decrypted on the receiving side. The encryption is accomplished using a fast Single Key Encryption algorithm. The problem with establishing a secure socket is distributing the symmetric key to both parties across an insecure internet. PPK is used to encrypt the symmetric key so that it can be securely sent across an unsecured socket. 2. The steps in this process have been described in the slides. a. The client (e.g. a browser) requests an SSL connection with the server. b. The server provides the client its signed certificate that contains the server's public key. c. The client generates a shared symmetric key, encrypts the key with the server's public key, and sends the encrypted shared key to the server. Only the server can decrypt and use the shared key. d. With the shared key held by both client and server, the data passed over the TCP socket can be encrypted / decrypted at both ends of the connection creating a secure communication channel.
1. Describe the purpose of protected subnetworks. 2. How is a protected subnet established in the enterprise?
1. Servers that maintain sensitive data (e.g. a database that maintains customer credit card records) cannot be maintained in the DMZ or the enterprise's private network. These sensitive servers must be protected from intrusions that originate from the internet (DMZ) and from the enterprise's private network (an inside job). To facilitate the protection of these servers, the enterprise configures a third protected subnet where the sensitive servers are placed (see the slides). 2. The protected subnet is connected to the DMZ through a third internal firewall. The internal firewall serves to prevent intrusion from both the DMZ and the enterprise's private network.
What are three GOF design patterns that can be used to implement the Resource Management Tactics described in the slides?
1. Singleton Pattern 2. Factory Pattern 3. Object Pool Pattern
What are the six components of a Quality Attribute Scenario?
1. Source of Stimulus: Whatever generates the stimulus e.g. an internal or external failure. 2. Stimulus: The condition that arises in, or is delivered to the system. 3. Artifact: The part of the system affected by the stimulus (sometimes the entire system or a subsystem, sometimes a single component). 4. Environment: The system's state that exists when the stimulus occurs or arrives. 5. Response: The activity undertaken by the system (component) in response to the stimulus e.g. to remove or mitigate the effects of the stimulus. 6. Response Measure: The quality or metric that quantifies the effectiveness of the response.
What are the three categories of Availability Tactics?
1. Tactics that allow the system to detect system faults. 2. Tactics that allow the system to recover from system faults. 3. Tactics that allow the system to prevent system faults.
1. How are the public and private keys (PPK) used to encrypt data? 2. How does PPK solve the key distribution problem? 3. Why do we still need Single Key Encryption when PPK is available?
1. The PPK (aka RSA) algorithm relies on a utility to generate a 'key pair' that contains a matched set of public key and private key. The public key is intended to be distributed to anyone that wishes to communicate securely with the holder of the private key i.e. the public key is 'public'. The private key is to be held securely by the key owner. Each key (public or private) can be used to encrypt a message / data into cypher text that can only be decrypted using the alternate key. For example, to send a secure message, the sender would use the receiver's public key to encrypt the message into cypher text that can only be decrypted with the private key. The owner of the private key is assumed to securely hold their private key(s) so only the key holder is able to read the sender's message. 2. Unlike Single Key Encryption, the public key can be openly distributed across unsecure channels. For example, the owner of the key pair can email their public key to anyone they wish to securely communicate with. A Certificate Authority (CA) is an organization that securely distributes public keys to the public in 'signed certificates'. 3. Although PPK is revolutionary in how keys are exchanged, the actual encryption / decryption algorithm is computationally expensive and not practical when used to create secure communication channels. Single key encryption algorithms are an order of magnitude faster than PPK. However, PPK plays an important role in establishing a secure channel by allowing the secure exchange of the encryption / decryption key using a public key. See the slides concerning SSL for a detailed explanation of how this is accomplished.
What are the six practices that produce quality architectures?
1. The architecture should be the product of a single architect or a small team with an identified leader. Move the team towards the system's design goals. 2. Provide the architect the system's functional requirements and a prioritized list of quality attributes i.e. security > performance > extendibility etc. 3. Communicate the architecture to the stakeholders. The stakeholders understand how their concerns are being addressed. 4. Evaluate the architecture's ability to meet functional and quality requirements early in the project lifecycle. 5. Maintain the architecture's documentation. 6. Look out for resource bottlenecks. Performance Bottlenecks i.e. Database performance is usually an issue. Project Resource Bottlenecks i.e. the size of the development team vs. the number of features and delivery schedule.
Describe the layers of an enterprise's SOA infrastructure.
An enterprise's SOA infrastructure can be partitioned / categorized into 2-3 layers / categories. Task Layer: This layer contains the applications that implement workflows. Components in this layer are orchestrators (controllers) that utilize the agnostic services provided in the Service Layer. Service Layer: This layer contains the enterprise's agnostic services. That is, the capabilities that are combined by controllers to implement the enterprise applications / workflows. Utility Layer: This layer is optional. It maintains services that are not service specific. That is, services that are utilized by multiple services e.g. persistence, logging, configuration, etc.
1. What is meant by public and private networks? 2. Describe the purpose of a Firewall. 3. Describe what is meant by 'Address Translation' between public and private networks.
1. The internet standards define ranges of IP addresses that cannot be used to address publicly accessible networks. For example, Class C networks fall into the range 192.168.xx.xx and servers that are meant to host a publicly accessible service cannot be assigned an address in this range. Enterprise and private networks use private addresses. 2. A firewall is a device that manages network traffic between two networks, typically the public internet and a private subnetwork. A firewall is configured to block all network traffic between these networks except for traffic from the internet addressed to servers hosting publicly accessible services. 3. A publicly accessible service must be reachable at a public internet address. But to increase protection from threats from the internet, machines hosting those services are placed on private networks. The firewall provides an address translation mechanism that forwards network traffic aimed at a public server address to the private network address of the server in the enterprise network.
Describe two methods that can be used to synchronize the state of a new or restarted processor when it is introduced to the cluster.
1. The new processor can request the state from the active processors using network messages or some other inter-process communication. 2. The system's state can be maintained on, and recovered from, a repository such as a database or distributed cache.
Provide a brief description of the three goals of modifiability tactics.
1. To add new services without the need to modify the implementation of existing (working) services. 2. To make changes without modification of the system's existing architecture and high-level design. 3. Minimize the cost of development, testing, and deployment of new services.
Name and describe the two types of testing described in the slides? Which of these two is used to determine whether the system meets its non-functional requirements e.g. security or performance?
1. Unit Testing: Testing of individual classes or components in the implementation. Integration Testing: Testing of the system as an integrated, functioning whole. 2. Non-functional testing is performed against the integrated system so would be considered an integration test.
Fill in the blanks: 1. Agile system designs should be good enough i.e. with no _______ _______. 2. Microservices emphasize _______ in both design and implementation. 3. Microservices identify the service to activate using both the HTTP _____ and _____.
1. unnecessary complexity 2. simplicity 3. HTTP Request Type and URL
Which of the following is an advantage of monolithic architectures? 1. Reuse of individual components 2. Transactional performance (TPM) 3. Loose component coupling 4. Application modifiability / extensibility
2 because components are linked into a single executable module and not interacting over a client-server network connection.
What is the role of a workflow controller in a SOA-based application?
A SOA application is created by combining multiple agnostic services through a workflow that describes the decisions and other application-specific business logic that tie the services together. For example, producing a report that describes an ecommerce customer's purchasing habits will require information about the customer, their purchase history, and the products purchased. Each of these information sources is provided by an individual SOA service. However, a report-specific workflow is also needed. The workflow gathers and aggregates information from these three services into the presentation needed by the report.
In two short paragraphs: 1) Describe System Faults and System Failures 2) The relationship between the two in terms of the System's Availability.
A failure occurs when the system is unable to deliver one or more of its design services to the users. A fault is a runtime problem that occurs during the system's operation that does not necessarily result in a failure. If the fault can be masked from the users by some recovery or preventative measure the system design has employed (a recovery or preventative tactic), the fault does not become a failure.
Describe the differences between a service implemented as a monolithic application and in a Service Oriented Architecture.
A monolithic application is the traditional executable file. An application that is written and compiled into an executable module, and is run as a process on a host machine. The services and business rules that define the application are maintained in a static executable. Changes to either the rules or services require the module be recompiled and redeployed to take effect. A SOA application is defined as a collection of simple, discrete services and a workflow that coordinates and ties together the activation of SOA services. Services are maintained as individual network endpoints that are accessed using SOAP or another network protocol. Applications / workflows are created to solve individual problems and are maintained independently of the services they use.
Describe the problem of, and general solution to, secure message transfer over the internet.
A system has the requirement of transporting a 'secret' message over a network channel. Because the channel is inherently insecure (i.e. a Man-In-The-Middle can observe the data as it moves from sender to receiver), the system needs a means of making the message unintelligible to the MITM. This requirement is met by encrypting the message at the sending end into unintelligible cypher text which is sent across the channel. The receiver decrypts the cypher text back into the original message.
Explain how the use of an interface decreases the coupling between the client and server's implementation?
Abstracting the service's public methods into an interface allows the architect to decouple the service from the service's implementation. Notice in the following diagram that the client now interacts with an interface. In practice, any implementation of the service can be provided to the client without any changes to the client's design.
Describe the meaning of "agnostic services" when describing the design of a SOA service. Describe why SOA architects strive to design 'agnostic services'?
An agnostic service is agnostic of the applications in which it is used. Agnostic services are not written to the requirements of any specific application. Agnostic services are more likely to be applicable in several application workflows. Each agnostic service provides a single, cohesive capability to the enterprise it serves. This makes an agnostic service applicable to the widest possible range of applications in its problem-domain. SOA Architects are concerned with providing a catalog of agnostic services that are useful to analysts.
What is the meaning of the term "extension point" in a software design? Where do extension points come from? What is an example of how extension points can be incorporated into a design?
An extension point is a feature of the design intended to simplify the inclusion of new features into the system i.e. to extend the design with the least impact on the implemented features / code. An extension is a feature identified by the SME / requirements that will not be included in the version of the system currently under development, but is expected to be included in future system releases. The extension point is placed into the design to make the eventual implementation less intrusive into the system's implementation i.e. less reworking of existing services when integrating the new service(s). Grader: There may be other valid examples... For example, inheritance and polymorphism can be used to add a new feature as a subclass of an existing abstract operation or command. For example, the use of an interface to decouple a service from its definition allows the replacement of the service's implementation with little impact on the service's clients.
What are the two user roles used to make SOA successful? What are the characteristics of each of these roles?
Architect and Developers are needed to design, construct, and deploy SOA services. This role requires both a deep understanding of the application domain (to build successful services) and a deep understanding of the technologies used to implement the SOA. Business Analyst employs the tools and services provided by the SOA to solve their business problems. The Analyst also requires a deep understanding of the application domain, but only minimal technical skills to build and deploy solutions.
What does DevOps stand for? What are three of the advantages of DevOps given in the slides?
Development and operations. 1. DevOps is agile development and deployment processes. 2. DevOps is responsive to customer's needs. 3. DevOps produces higher quality applications (fewer bugs, etc.)
What are the REST interpretations of the four HTTP request types discussed in class?
GET: Return a Resource. PUT: Create a Resource. POST: Request a Service. DELETE: Remove a Resource.
What type of system resources is almost always the bounding factor in a system's performance?
I/O: Transferring data into or from the system is almost always the bounding factor in its performance. For example, disks, network connections, serial devices, and human interfaces all operate at speeds that are several orders of magnitude slower than the processor.
Describe how multi-core processors are employed to increase a system's event processing rate.
If the processor provides multiple cores, it is capable of executing multiple threads concurrently (at the same time). In this situation multiple threads can be tasked with handling multiple events simultaneously, increasing the event processing rate linearly (in theory, but seldom in practice) with the number of processors.
What are the benefits that Quality Attribute Scenarios have over Non-Functional Requirements?
Non-functional requirements are simple statements that describe some aspect of the system's design. Quality Attribute Scenarios are specific in that they: 1. Describe specific conditions (stimulus) that affect the system's execution. 2. Describe specific features of the system's design that address the issue or mitigate the effects of a failure. 3. Describe metrics that measure the effectiveness of the proposed solution.
Define "Conceptual Integrity" in a system's design.
Put another way, conceptual integrity means 'doing the same things the same way'. There are usually 1-2 overarching architectural design patterns that should be adhered to throughout the system's design. If the pattern is ignored or violated by some aspect of the system's implementation this is a violation of the architecture. For example, if a web application's architecture uses the three-tier architecture, all the components having access to the database should be located in the 'service tier'. If a developer embeds a database access in the presentation tier (GUI), it is a violation of the architecture and of the conceptual integrity of the system's design.
What are the three steps in registering and accessing a remote service object through a service registry e.g. SOAP UDDI?
Registration: The process hosting the distributed service object starts and creates the service object instance. The process then uses the distributed technology (e.g. SOAP) to register the service object's information (including its address & port) with the registry service. It does so by interacting with the registration (naming) service that is running behind the enterprise firewall or as a public service. Service Lookup: The process hosting the client object contacts the registration service and searches for a service using names or other criteria that match the information provided by the server during its registration. The registration service responds with information used to contact the server object. Remote Access: The client object uses the server's information to establish a connection with the remote service and make service requests.
What is the major goal of deploying SOA in the enterprise?
SOA principles and the supporting tools and servers (Enterprise Service Bus) allow non-technical business analysts (experts in the enterprise business domain) to create solutions to problems without the need for programming, database, networking, and other IT skills. Analysts utilize an ESB workbench that provides them access to catalogs of available services. The workbench provides an authoring tool that allows them to graphically define an application (workflow) using nodes and edges much like a UML editor. Applications are maintained and executed by the workbench and ESB infrastructure.
How does Microservice differ from SOA in terms of how services are developed? Hint: Smart Endpoints, Dumb Pipes.
SOA provides a rich, but complex infrastructure on which services are defined, hosted, and discovered. Enterprise Service Bus is an example of a capable but complex tool that provides the capabilities needed to host and manage SOA services. ESB provides authentication, routing, transformation, connectors and many other smart capabilities to the SOA developer. All this makes an ESB a smart pipe that lies between the client and server. Microservices rely on a dumb (minimal) pipe between the client and server. MS utilizes the basic HTTP protocol to facilitate the delivery of a client's messages to the service. MS's approach is to embed the complex services provided by an ESB in the server or client applications as needed. MS embeds its smarts in the Client & Server service endpoints.