Sunday, December 27, 2009 |
|
|
One way to approach the different architectural implications is to look at the various vendor offering and see how they match to the various application types.
You can divide the cloud vendors into four categories, although one vendor might have offerings in more than one category:
Platform as a Service providers
Software as a Service providers
Application as a Service providers
Cloud Appliance Vendors
The Platform as a Service providers attempt to provide a cloud operating system for users to build an application on. An operating system serves two basic functions: it abstracts the underlying hardware and manages the platform resources for each process or user. Google App Engine, Amazon EC2, Microsoft Azure, and Force.com are examples of platform providers.
The most restrictive platform is the Google App Engine because you program to the Google API which makes it difficult to port to another platform. One the other hand, precisely because you program to a specific API, Google can scale your application and provide recovery for a failed application.
At the other extreme is Amazon. Amazon gives you a virtual machine which with you can program directly against the native OS installed on the virtual machine. This freedom comes with a price. Since the Amazon virtual machine has no knowledge about the application you are running, it cannot provide recovery or scaling for you. You are responsible for doing that. You can use third party software, but that is just a means of fulfilling your responsibility.
Microsoft tries to achieve a balance between these two approaches. By using .NET you have a greater degree of portability than the Google API. You could move your application to an Amazon VM or even your own servers. By using metadata to describe your application to the cloud fabric, the Azure infrastructure can provide recovery and scalability.
The first architectural dimension (ignoring for a moment the relative econonmics which will be explored in another post) then is how much responsibility you want to take for scaling and recovery vs. the degrees of programming freedom you want to have. Of course the choice between the Google API and Microsoft Azure might come down to the skill set of your developers, but in my opinion, for any significant application, the architectural implications of the platform choice should be the more important factor.
|
|
|
|
|
Thursday, December 24, 2009 |
|
Thursday, November 05, 2009 |
|
|
One of my clients,
ITNAmerica has become a Microsoft case study for the idea of software +
services. The idea behind software + services is that software should run where
ever it makes sense: in the cloud, on the desktop, or on a mobile device, not
just in a thin client such as a browser.
Latency, bandwidth
limits, and the need for software to
work if the connection to the cloud disappears makes this a logical
approach. Anybody who has tried to get a
cell phone signal should understand the issues about continual connectivity.
Curt Devlin, a
Microsoft evangelist, demonstrates another reason why this approach makes
sense. It makes the transition to a cloud provider such as Azure much simpler.
If you want some
further ideas on how to take a software + services application to a cloud
platform. Check out my recent ARCast on "Software + Services in the
Cloud."
|
|
|
|
|
|
 ARCast.TV Special - Michael Stiefel on Software as a Service in the Cloud The Architecture Innovation Cafe presents my discussion of Software as a Service in the Cloud, I discuss how architecting and building a software as a service application requires solving a series of problems that are independent of a particular software platform. I focus on three areas of designing and building the application that you can leverage on new platforms such as Microsoft Azure.
Tags
ARCast, Architects, Architecture, Cloud Architecture, Cloud Computing, Cloud Patterns, Cloud Services, Software + Services, software as a service, Windows Azure
|
|
|
|
|
Wednesday, November 04, 2009 |
|
|
The application delivery scenarios focus around software as
a service. Software as a service applications fall into three varieties: pure
service, and software + service, hosted application.
The hosted application scenario is similar to hosted
application delivery. Examples are SalesForce, or Hosted Microsoft Exchange.
People provide or buy an application that runs in the cloud. At the other
extreme is the pure service play. Providers create web services (SOAP or REST
based) that provide services used by other applications. Examples are credit
card approvals, or certain loan applications. Applications written by third
parties use this software to compose their applications in conjunction with
their own software. Then there is the mixed play. Providers create both web applications
and web services to be used by third parties. These applications consume the
same web services that are available to others to build their own applications.
This is often done to allow the provider to share the web services among
various offerings, or because they need to boot strap the application
marketplace. The need for rich clients does not necessarily disappear here. If
applications (such as emergency services) have to run with loss of internet
connectivity, stand alone apps may be necessary with synchronization software
used when connectivity is re-established. Transactional queuing is not enough
here because substantive work has to be done by the rich client app when
connectivity is absent.
Internet scale is the last class of application. The first
scaling factor is number of users. In order to achieve such scale you may to
use cloud features such as tables (Google Big Table, Azure Tables, Amazon
Simple DB) instead of or in addition to relational databases. Note that
transactional guarantees are often impossible to make here. The second scaling
factor is geographic distance. If your clients are geographically separated by
enough distance, the latency caused by the speed of light in fiber optic cable actually matters. You
may have to use the cloud features mentioned previously to achieve the responsiveness
for writeable data because transactions, especially distributed transactions
are not feasible to achieve scalability.
The next post in the series will start to discuss the architectural implications of these different types of applications.
|
|
|
|
|
Wednesday, October 28, 2009 |
|
|
Cloud computing is utility computing. No up front commitment
required. You buy only what you need, and when you do not need it any more you
do not pay for it.
There are three basic cloud computing scenarios:
infrastructure scenarios, application delivery scenarios, and scaling
scenarios. These scenarios are not independent, one or all of them can come into
play. Each, however, has different
technological implications.
The three basic scenarios are: infrastructure, application
delivery, or the need to reach internet scale.
Fundamentally, cloud computing is a software delivery
platform. Are the economics of working with the cloud cheaper than doing it
yourself? Doing it yourself could mean self-hosting, or traditional delivery of
desktop software. Self-hosting could be in your own data center, or in a
hosting facility.
Not needing to build to your peak capacity drives the
infrastructure scenarios. This is not an all or nothing proposition.
Some small and medium sized companies may decide they do not
want to run their own data centers. The savings in terms of not having to buy
machines and pay employees is enormous. This money could be put to use in
building better applications. This might be the entire compute infrastructure,
or just running an email server.
Other companies may have an occasional need for massive
computation. Say you have to do a stress analysis of a new airplane wing, or a
geographical routing of a complicated delivery, decide among alternative new financial models, or even a human genome search. Any of the classic grid
computations fall into this category. Your existing infrastructure is just fine, but for these not
every day scenarios (they might actually be frequent) it makes sense to rent
space in the cloud to do the computations.
A related scenario is cloud-bursting. You can handle your
everyday computing demands, but occasionally you get a burst of orders that
overwhelms your system. Ticket agencies are a classic example when tickets for a popular event first go on sale. So are stores
around the holidays. Here you use the cloud to handle the overflow so that
people wanting to order do not get unresponsive web pages, or busy signals on
the telephone.
Small divisions in large companies may find the cloud appealing
for prototyping, or even developing certain applications. Their central IT may
be unresponsive or slow to respond to their needs. It is well within the
capacity of a departmental budget to rent space in the cloud.
The next post will explore the other two scenarios, and look
at how the various vendor options would meet your needs.
|
|
|
|
|
Tuesday, October 06, 2009 |
|
Tuesday, August 11, 2009 |
|
|
Microsoft has yet to release all the details of its Azure SLA, but it has said that you will have a 99.95 per cent up-time for compute and 99.9 per cent up-time for SQL Azure.
How does this compare with my electric utility?
With my latest electric bill, my local utility listed its 2008 average number of service interruptions per customer as 1.051, and the average number of minutes without power for a customer at 78.55 minutes. So my electric utility has an up-time of .9998. I guess they don't get 4 or 5 "9"s either.
I presume these numbers include outages due to winter storms, but I do not know what the utility regulators allow them to exclude. Microsoft, to my knowledge, has not stated whether the SLA percentages include planned downtime for upgrades.
How many outage minutes per year could we expect with Azure under the SLA? That comes to about 262.8 compute minutes per year, or about 4.36 hours. Of course when those outages occur matters, and whether they are concentrated in one or many interruptions.
For SQL Azure that SLA is on a per month basis. So for data you could loose access to it for 43.8 minutes per month.
Is 4 hours a long time? Could you live without data access for 45 minutes a month?
For Facebook probably, for emergency services you would need some sort of fallback just like they have backup generators now.
I wonder what a cloud computing brownout looks like?
|
|
|
|
|
Sunday, July 05, 2009 |
|
|
I just did an interview on .NET rocks about cloud computing.
We covered a whole bunch of topics including:
what is cloud computing
comparing the various offering of Google, Force.com, Amazon, and Microsoft
the social and economic environment required for cloud computing
the implications for transactional computing and the relational model
the importance of price and SLA for Microsoft whose offerring is different from Amazon and Google
the need for rich clients even in the world of cloud computing.
|
|
|
|
|
Wednesday, June 24, 2009 |
|
|
One of the big advantages of cloud computing is its utility computing model. Customers can use as much compute power or as little as they want without paying for what they do not need. Normally, most data centers have to be built for peak demand, with the servers unused when they are not needed.
Utility computing is based on the electric utility model. While this comparison has a lot of merit, there is one particular part of the analogy that really does not work.
Data are not electrons.
If someone steals some of your electric power by diverting it, you can get replacement power. If one part of the country's electric demand exceeds its generating ability, it can get power from another part of the grid. One electron is as good as another.
Data has identity, latency, and relationships to other pieces of data.
If someone steals your data, another piece of data cannot take its place. if your data is stolen, or even delayed it, can aversely affect you. Depending on your resolution of the CAP Theorem dilemma, your replication strategy might leave you with a window of vulnerability for data loss.
Curiously, the argument has been made that the utlity computing model makes denial of service attacks unfeasible because the economics of trying to get enough bot driven computers to assualt a hugh data center is prohibitive. Sooner or later, somebody is going to try to get the servers of one data center to attack the servers of another data center. Hopefully, the software that monitors the transactions would realize that somebody is exceeding their credit limit. |
|
|
|
|
Tuesday, June 23, 2009 |
|
|
It's time for me to be interviewed on .NET Rocks again!
Carl and Richard will interview me about Cloud Computing. The interview will be published on June 30 at http://www.dotnetrocks.com/.
Based on my previous show (and related DNR TV segments) it will be a lot of fun to do and to listen to.
|
|
|
|
|
Wednesday, May 27, 2009 |
|
|
Many people have misconceptions about cloud computing. For example, applications do not have to be built so they are all in the cloud. You can put the application in the cloud (to handle parallel computation), and have the database in your enterprise. I was interviewed at TechEd about some of the misconceptions about computing in the cloud. Other misconceptions discussed include what size business is right for the cloud, the role of the browser, guaranteed connectivity, and cloud security. |
|
|
|
|
Wednesday, May 20, 2009 |
|
|
Small or medium sized companies can have the advantages of being able to act as a big company while maintaining the advantages of being small.
A hosted solution has many advantages.
You no longer need the staff, or have to spend money on installing and upgrading software on your clients' machines. Your customers and clients can use your application anywhere, not just on their office computers. If you provide services as well as an application, third parties can easily use your solution as part of their offering. Sometimes these services can be used in your own applications such as portals, or future applications. Perhaps your customers can extend your application making it more valuable to them. Having your application in the cloud means that your intellectual property (your secret sauce) is better protected because it is not in the hands of your users.
All these arguments also apply to small business units within a large enterprise.
Nonetheless, small businesses very often do not have the financial ability to economically run, or even rent a significant hosted application solution beyond a small scale web application.
Cloud computing offers a way out of the dilemma.
Cloud computing offers businesses a utility model for computation. Host your application on a cloud platform and you pay only for what you use. With minimal initial investment, you can scale up or down as your customers use more or less of your application or services.
With many cloud vendors (Amazon being a major exception) you do not even know on what infrastructure your machine runs on. Scaling and failover happen in those environments with minimal work on the client's part.
Clearly the cost and reliability of the cloud provider is crucial. Google's most recent outage shows that this is not a unreasonable fear. Private IT centers also have had their outages, but they are not made public.
Microsoft, Amazon, Google and others are spending huge amounts of money to build cloud data centers. Clearly they see the opportunity.
Right now many large companies already have data centers that can offer cheaper compute power than the current generation of cloud providers. This will eventually change.
But right now, small companies, start-ups, and other similar organizations should think about cloud computing for their hardware infrastructure. |
|
|
|
|
Sunday, January 25, 2009 |
|
|
I have uploaded the slides and code for my talk on Windows Azure at the Microsoft MSDN day in Boston on January 22.
The talk was a combination of slides from several PDC talks with some of my own additions. I went through the fundamental architecture of the Azure cloud operating system and the basic elements of the Azure cloud services (i.e. Identity, Workflow, Live, SQL Data Services).
I did two demos. The first was a simple thumbnail generator. It illustrated a simple, scalable architecture using web roles and worker roles that used the primitive Azure operating system storage for blobs and queues. It also demonstrated how you model and configure a cloud application. The second, using the SQL Data Services, demonstrated how to integrate a non-cloud application (on a desktop or server) with the cloud. The app used a variety of industry standard mechanisms (WS*, REST, HTTP Get) to create and query data.
|
|
|
|
|
Friday, January 23, 2009 |
|
|
I will be speaking at VSLive! San Francisco on February 25 on "Advanced Topics in Windows Workflow Foundation".
The conference will be at the Hyatt Regency Embarcadero from February 23-27. Workshops are offered on Feb 23 and 27. The conference sessions are on Feb 24, 25 and 26. If you register with promo code NS9F20 you will receive a $500 discount off the price. The event web site is vslive.com/2009/sf.
There is some great content that covers ALM and Development Tools, .NET, Data Management, Infrastructure, Rich Clients, Distributed Systems, and Web Development. I hope to see you there.
|
|
|
|
|
Sunday, January 04, 2009 |
|
|
"Once upon a time, we wrote a book called A Pattern Language and that is how we got our name. Now, a pattern is an old idea. The new idea in the book was to organize implicit knowledge about how people solve recurring problems when they go about building things. "
Christopher Alexander
What is a software pattern?
How do writers about software patterns decide what software artifacts are patterns? How do these writers decide what patterns are worthy of note?
Christopher Alexander is the writer most associated with originating the idea of a pattern as a design concept.1 As the above quotation makes clear patterns are about making explicit solutions to recurring problems that people have created.
So a pattern formalizes knowledge that the profession has already arrived at.
Alexander never defined the word pattern. Nothing wrong with that. In fact the whole idea that we should define all our terms before we use them is misguided. The best definitions emerge from discussion and debate. Relying on people's intuitive notions on what a pattern is, is better than trying to spend time defining what a pattern is. In fact philosophy has long realized that good definitions arrive over time and debate. 2
My dictionary has various definitions for pattern. To use "a model for making things" seems to be the most useful stake in the ground to start the discussion.
In other words, a pattern is not just a solution to a problem. It is an abstraction of a solution that can generate several possible implementations. This of course, corresponds to Alexander's use of the word. His patterns such as "agricultural valleys" or "house for one person" do not have one possible implementation.
So a good software pattern is not a software technology. Hence WS* and REST are not patterns. They are implementations of a standard.3 The standards operate the same way on different platforms. This is no different than a mold for a cup being used to cast a bronze or sliver cup.
Given this point of view, a looping construct is not a pattern. A linked list is not a pattern. What about file systems? Anybody who remembers JCL realizes that there is more than one way to work with disk sectors.
But don't looping constructs come in several flavors? Aren't they different ways to solve the problem of control of software programs. Way back in the early days of computing people had to come up with these various ways of handling control flow. They were not divine revelations; that had to be invented. Anybody who remembers the arguments over the use of "goto"s , whether programs should have single or multiple entry and endpoints, or whether co-routines were a good idea might think of all of these as control flow patterns.
It is just that we take them for granted now that we might not consider them as patterns, just as technological givens. So patterns do need a context. Whenever somebody discusses patterns you need to clarify the domain of discourse. There are certainly patterns in certain "application domains" such as "double-entry" bookkeeping in accounting.
In fact looping constructs, assignment constructs and the like perhaps should be considered patterns once again. The rise of multi-processors, and distributed computing force us to think once again about what it means to do an assignment statement. In a distributed environment, where there is a latency in updating the value of any value, saying "x=y" is not always simple.
Whenever you discuss patterns, you must state the context in which you are talking. A pattern in one context could be a foundational technology in another context.
- http://www.patternlanguage.com/leveltwo/caframe.htm?/leveltwo/../bios/douglea.htm
- http://www.sfu.ca/philosophy/swartz/definitions.htm
- The OAIS reference model for SOA (http://docs.oasis-open.org/soa-rm/v1.0/soa-rm.pdf) would consider WS* and REST as implementations.
|
|
|
|
|
Wednesday, October 29, 2008 |
|
|
At the PDC Microsoft announced its answer to Amazon and Google's cloud computing services.
This answer has two parts: the Azure platform and hosted applications. Unfortunately people confuse these two aspects of cloud computing although they do have some features in common.
The idea behind Azure is to have a hosted operating systems platform. Companies and individuals will be able to build applications that run on infrastructure inside one of Microsoft's data centers. Hosted services are applications that companies and individuals will use instead of running them on their own computers.
For example, a company wants to build a document approval system. It can outsource the infrastructure on which it runs by building the application on top of a cloud computing platform such as Azure. My web site and blog do not run on my own servers, I use a hosting company. That is an example of using a hosted application.
As people get more sophisticated about cloud computing we will see these two types as endpoints on a continuum. Right now as you start to think about cloud computing and where it makes sense, it is easier to treat these as distinct approaches.
The economics of outsourcing your computing infrastructure and certain applications is compelling as Nicholas Carr has argued.
Companies will be able to vary capacity as needed. They can focus scarce economic resources on building the software the organization needs, as opposed to the specialized skills needed to run computing infrastructure. Many small and mid-sized companies already using hosting companies to run their applications. The next logical step is for hosting on an operating system in the cloud.
Salesforce.com has already proven the viability of hosted CRM applications. If I am a small business and I need Microsoft Exchange, I have several choices. I can hire somebody who knows how to run an Exchange server. I can take one my already overburdened computer people and hope they can become expert enough on Exchange to run it without problems. Or I can outsource to a company that knows about Exchange, the appropriate patches, security issues, and how to get it to scale. The choice seems pretty clear to most businesses.
We are at the beginning of the cloud computing wave, and there are many legitimate concerns. What about service outages as Amazon and Salesforce.com have had that prevent us from accessing our critical applications and data? What about privacy issues? I have discussed the cloud privacy issue in a podcast. People are concerned about the ownership of information in the cloud.
All these are legitimate concerns. But we have faced these issues before. Think of the electric power industry. We produce and consume all kinds of products and services using electric power. Electric power is reliable enough that nobody produces their own power any more. Even survivalists still get their usual power from the grid.
This did not happen over night. Their were bitter arguments over the AC and DC standards for electric power transmission. Thomas Edison (the champion of DC power) built an alternating current electric chair for executing prisoners to demonstrate the "horrors" of Nikola Tesla's approach. There were bitter financial struggles between competing companies. Read Thomas Parke Hughes' classic work "Networks of power: Electrification in Western society 1880-1930". Yet in the end we have reliable electric power.
Large scale computing utilities could provide computation much more efficiently than individual business. Compare the energy and pollution efficiency of large scale electric utilities with individual automobiles.
Large companies with the ability to hire and retain infrastructure professionals might decide to build rather than outsource. Some companies may decide to do their own hosting for their own individual reasons.
You probably already have information in the cloud if you have ever used Amazon.com. You have already given plenty of information to banks, credit card companies, and other companies you have dealt with. This information surely already resides on a computer somewhere. Life is full of trust decisions that you make without realizing it.
Very few people grow their own food, sew their own clothes, build their own houses, or (even in these tenuous financial times) keep their money in their mattresses any more. We have learnt to trust in an economic system to provide these things. This too did not happen overnight.
I personally believe that Internet connectivity will never be 100% reliable, but how much reliability will be needed depends on the mission criticality of an application. That is why there will always be a role for rich clients and synchronization services.
Hosting companies will have to be large to have the financial stability to handle law suits and survive for the long term. We will have to develop the institutional and legal infrastructure to handle what happens to data and applications when a hosting company fails. We learned how to do this with bank failures and we will learn how to do this with hosting companies.
This could easily take 50 years with many false starts. People tend to overestimate what will happen in 5 years, and underestimate what will happen in 10-15 years.
Azure, the color Microsoft picked for the name of its platform, is the color of a bright, cloudless day. Interesting metaphor for a cloud computing platform. Is the future of clouds clear? |
|
|
|
|
Monday, September 22, 2008 |
|
|
"Software + Services" is Microsoft's representation of what a large part of the future of computing is going to be. Microsoft, however, has not done a great job of explaining what "Software + Services" is.
Based on what I have read and heard, let me try to explain it as I see it.
The fundamental question that one has to ask is "Where does computation happen?"
The obvious answer to everyone today is: "Everywhere".
We compute on mobile devices, appliances, desktops and laptops, and remote computers. We communicate with text and voice.
Everybody understand this. The key question is: "Why?"
I think the answer is because "Hardware is cheap, and data is expensive to move."
The late Jim Gray did an analysis1 of the economics of distributed computing. His analysis came to two conclusions:
1. Put the computation near the data. Unless you have something that is very compute intensive, it is much cheaper to not move the data.
2. If you need data from multiple sites, push the processing closer to the data source by filtering the data early.
The assumption here is that telecommunication prices drop slower than Moore's Law. So far this has always been the case.
The natural conclusion is to do the computation where the data naturally resides. In other words: Do what makes sense. Some things will be in the cloud, some things will still be on the desktop. As long as Internet connectivity is not ubiquitous, and not always connected, you may have to cache data somewhere. Depending on the mission criticality of your application, a few seconds could be a long time.
As Ray Ozzie put it in his MIX Keynote, we live in a "World of small pieces loosely joined."
Software + Services means some things will be services in the cloud, others will be software as we know it today. That includes mobile devices and appliances that we are learning to love and hate, just as we have always done with traditional software.
1. MSR-TR-2003-24 "Distributed Computing Economics"
|
|
|
|
|
Tuesday, September 09, 2008 |
|
|
To further simplify
the example, let us assume that the we want to use the certificate to encrypt
a message from the client to the service. It is easy to apply what we discuss
here to other scenarios. As we discussed in
the previous post, we need to generate two certificates, the root certificate
that represents the Certificate Authority, and the certificate that represents
the identity of the client or service. We will also create a Certificate Revocation
List (CRL). We will use a tool
called makeCert to generate our certificates. Makecert, which ships with the
.NET platform, allows you to build an
X509 certificate that can be used for development and testing. It does three
things: Generates a public and private key It associates the key pair
with a name It binds the name with the
public key.
Many of the
published examples use makecert to both create and install the certificate. We
will do the installation in a separate step because this approach is closer to
the use of real certificates.
Separating the certificates also allows the certificates to be
installed on many machines instead of just one. This makes distributing
certificates to developer machines much easier. First we will
create the Root Certificate with the following command: makecert
-sv RootCATest.pvk -r -n "CN=RootCATest" RootCATest.cer -n specifies the
name for the root certificate authority. The convention is to prefix the name
with "CN=" where CN stands for "Common Name" -r indicates that
the certificate will be a root certificate because it is self-signed. -sv specifies the
file that contains the private key. The private key will be used for signing
certificates issued by this certificate authority. Makecert will ask you for a
password to protect the private key in the file. The file
RootCATest.cer will just have the public key. It is in the Canonical Encoding Rules (CER) format. This
is the file that will be installed on machines as the root of the trust chain. Next we will create
a certificate revocation list. makecert -crl -n
"CN=RootCATest" -r -sv RootCATest.pvk RootCATest.crl -crl indicates we
are creating a revocation list -n is the name of
the root certificate authority -r indicates that
this is the CRL for the root certificate, it is self-signed -sv indicates the
file that contains the private key RootCATest.crl is
the name of the CRL file. At this point we
could install the root certificate, but we will wait until we finish with the
certificate we will use in our scenario.
Here we need two files. We will need a CER file for the client machine
so that we can install the public key associated with the service. Then we
will create a PKCS12 format file that
will be used to install the public and private key in the service. The initial step is
: makecert -ic
RootCATest.cer -iv RootCATest.pvk -n "CN=TempCert" -sv TempCert.pvk -pe -sky exchange TempCert.cer -n specifies the
name for the certificate -sv specifies the
file for the certificate. This must be unique for each certificate created. If
you try to reuse a name, you will get an error message . -iv specifies the
name of the container file for the private key of the root certificate created
in the first step. -ic specifies the
name of the root certificate file created in the first step -sky specifies what
kind of key we are creating. Using the exchange option enables the certificate
to be used for signing and encrypting the message. -pe specifies that
the private key is exportable and is included with the certificate. For
message security is this required because you need the corresponding private
key. The name of the CER
file for the certificate is specified at the end of the command. Now we need to
create the PKCS12 file. We will use a the Software Publisher Certificate Test
Tool to create a Software Publisher's Certificate. You use this format to
create the PKCS12 file using the pvkimprt tool. cert2spc
TempCert.cer TempCert.spc pvkimprt -pfx
TempCert.spc TempCert.pvk We now have four
files: RootCATest.cer RootCATest.crl TempCert.cer TempCert.pvk The next step is to
install these on the appropriate machines. I could not get certmgr to work
properly to do an automated install.
The Winhttpcertcfg tool works for PKCS12 format files, but not CER
format files. We will use the MMC snap-in for this. Run the mmc snapin
tool (type mmc in the Run menu). First we will open the Certificates
snap-in. Choose: Add/Remove Snap-In.
When you add the
snap-in, choose local computer account for the computer you want to install
the certificate (usually the local one).
We want to install
the root certificate on both the client and service machines in the Trusted Root Certificate Store.
Select that store, right mouse click and
install both the RootCATest.cer and RootCATest.crl files. On the client side you want to install only
the public key in the TempCert.cer file.
On the service side only you want to install the PKCS12 format file
(TempCert.pvk) which has the private key for the certificate. Install that in
the Personal store. For private key installation you will have to provide the
password for the PKCS12 file. On the service
side, we need to give the identity of the running process (NETWORK SERVICE)
the rights to read the private key. We use two tools FindPrivateKey and cacls
to do this. Run the following command: for /F
"delims=" %%i in ('FindPrivateKey.exe My LocalMachine -n
"CN=TempITNCert" -a') do (cacls.exe "%%i" /E /G "NT
AUTHORITY\NETWORK SERVICE":R) Remember to delete
these certificates when you are finished with them.
|
|
|
|
|
Sunday, August 24, 2008 |
|
|
Working with X509
certificates can be very frustrating for WCF developers.
This is the first of
two posts. In this post I will explain just enough of the background for X509
certificates so that I can explain in the next post how to create and use
certificates during .NET development with WCF. The second post is here.
I do not know any
good books for a developer that explains how to use certificates. Even the
excellent books on WCF just give you the certificates you need to get the
sample code to work. They do not really explain to you why you are installing
different certificates into different stores, or how to generate the
certificates you need to get your software to work. Very often the examples run
on one machine with the client and service sharing the same store. This is not
a realistic scenario.
Obviously I cannot
explain all about certificates in one blog post. I just wish to share some
knowledge. Hopefully it will spare you some grief.
Here is the problem
I want to solve.
Suppose you have a
set of web services that is accessed by either an ASP.NET or rich client. The
service requires the client application to use an X509 certificate to access
the service. This could be to encrypt the data, to identify the client, to sign
the data to avoid repudiation, or for a number of other reasons. How do you
install the certificates on the client and service machines?
Certificate
technology is based on asymmetric
encryption.
In the encryption
scenario, the client would use the public key of the service to encrypt the
traffic. The service would use its
private key to decrypt the message. In
the identification scenario the service would use the public key of the client
to identify a message signed with the client's private key.
One of the key
issues is how you can be sure that the public key is associated with a given
identity. Perhaps somebody substituted their key for the one you should be
using. Perhaps somebody is hijacking
calls to the service, or you made a mistake in the address of the service. A classic example of these types of
vulnerabilities is the "man in the middle
attack". Another key issue is
that the private key cannot be read or modified by unauthorized parties.
Public Key
Infrastructure (PKI) is the name for a technology that uses a certificate
authority (CA) to bind the public key to an identity. This identity is unique
to the certificate authority. X509 is a standard for implementing a PKI. An X509 certificate represents an association
between an identity and a public key.
An X509 certificate
is issued by a given Certificate Authority to represent its guarantee that a
public key is associated with a particular identity. Depending on how much you
trust the CA, and the amount of identity verification the CA did, would determine how much trust you have in the certificate. For example VeriSign issues
different types of certificates depending on how much verification was done.
Sometimes organizations will be their own certificate authorities and issues
certificates because they want the maximum amount of control.
This relationship
between a CA and its issued certificates is represented in the "chain of
trust". Each X509 certificate is signed with the private key of the CA. In
order to verify the chain of trust you need the CA's public key. If you are your own CA authority you can
distribute the X509 certificate representing this "root
certificate". Some browsers and
operating systems install root certificates as part of their setup. So the
manufacturer of the browser or operating system is part of the chain of trust.
The X509 standard
also includes a certificate revocation list (CRL) which is a mechanism for
checking whether a certificate has been revoked by the CA. The standard does not specify how often this
checking is done. By default, Internet Explorer and Firefox do not check for certificate
revocation. Certificates also contain an expiration date.
Another approach to
trust is called "peer
to peer" trust, or "web of trust". Given the difficulties of peer trust it is
not practical for most Internet applications. It can, however, make development
scenarios simpler. Your development environment, however, should mimic your deployment
environment. Hence I do not recommend
using peer to peer trust unless that is practical for your deployed solution.
There are various
protocols for transmitting certificates.
We will be interested in two of them.
The Canonical
Encoding Rules (CER) protocol will be used to digitally transmit the public key
of a given identity. The PKCS12 protocol will be used to transmit the public
and private keys. The private key will be password protected.
The next post will
describe the mechanisms for creating and installing certificates in a .NET
development environment.
|
|
|
|
|
Sunday, June 01, 2008 |
|
|
On Friday, June 6 of Microsoft's Tech-Ed I will be hosting a Birds of a Feather Session on the topic "Software + Services is For Small Companies Too". It will be held in Room S330 E at noon. To continue the conversation, please add your comments and opinions to this blog post. If you are unable to attend feel free to add your thoughts as well here. Here are some questions to get you started thinking about the topic: What is Software + Services? Are small companies afraid of software + services? Are they afraid of cloud computing? Why? Doesn't cloud computing leverage the efforts of small companies? If cloud computing makes IT a commodity, doesn't this allow small companies to be even more nimble in their development efforts? What are the real advantages that large companies have over small companies? What about the innovators dillemma? How do large companies keep their current customers happy and assure future growth through innovation? Doesn't this help small companies. Doesn't cloud computing help small companies innovate even more?
|
|
|
|
|
Thursday, April 03, 2008 |
|
|
I have put my VSLive! talk, explaining how to use Windows Comunication Foundation and Windows Workflow Foundation together to create distributed applications in the Presentations section of my web site. |
|
|
|
|
Friday, March 28, 2008 |
|
|
Quick answer: When I don't know about it? When two experienced co-workers do not know also? I was working on a workflow code sample for an upcoming talk, when I started getting ridculous compilation errors. The compiler could not find the rules definition file when it was clearly available. The workflow designer could find it because I could associate it with a policy activity. The compiler falsely complained about an incorrect type association in a data bind, but it was clearly correct. Once again the designer had no problem doing the data bind. I tried to find an answer on Google with little success. After two hours of experimenting, I tried a different Google query and came up with the following link: https://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=612335&SiteID=1.The essence of the solution is the following: "this is a well-known
problem with code files that have desigable classes in them - the class
that is to be designed has to be the first class in the file. If you
do the same thing in windows forms you get the following error: the class Form1 can be designed, but is not the first class in the file. Visual Studio requires that designers use the first class in the file. Move the class code so that it is the first class in the file and try loading the designer again." It turns out I had changed a struct that was defined first in my file to a class. I moved that class to the end of the file and "mirabile dictu" everything worked. So if this is a well known problem, why can't we get an error message just like in the Windows Forms case?
While it was clearly my mistake, Microsoft has a share of the blame here. Clearly this requirement makes it easier to build the workflow designer. It would have been just as easy to check if this class was not defined first, and issue an error message.
|
|
|
|
|
Thursday, March 06, 2008 |
|
|
I did a short podcast for Consortio Services about Software as a Service as part of their weekly techcast. I very briefly cover what SaaS is about and some of the critical issues facing organizations looking at delivering services using the SaaS model. |
|
|
|
|
Tuesday, March 04, 2008 |
|
|
I am going to be giving two talks and a workshop at VS Live! in San Francisco. The first talk is an "Introduction to Windows Workflow Foundation" where I explain both the business reasons why Microsoft developed Workflow Foundation as well as the technical fundamentals. This talk will help you understand not only how to build workflows, but when it makes sense to do so and when to use some other technology. The second is " Workflow Services Using WCF and WWF". WCF allows you to encapsulate business functionality into a service. Windows Workflow Foundation allows you to integrate these services into long running business processes. The latest version of the .NET Framework (3.5) makes it much easier to use these technologies together to build some very powerful business applications. On Thursday I will give a whole day tutorial on Workflow Foundation where will dive into the details of how to use this technology to build business applications. Other speakers will talk about VSTS, ALM, Silverlight, AJAX, .NET Framework 3.0 and 3.5, Sharepoint 2007, Windows WF, Visual Studio 2008, SQL Server 2008, and much more. If you have not already registered for VSLive San Francisco, you can receive a $695 discount on the Gold Passport if you register using priority code SPSTI. More at www.vslive.com/sf
. |
|
|
|
|
Tuesday, February 12, 2008 |
|
|
One of the great features in Visual Studio is the ability to startup more than one project at the same time. You do not need to create two solutions, for example, for a client and a server to be able to debug them both. I thought everybody knew how to do this, but when I found out that two members of a project team I am working with did not, I decided to blog how to do this. Select the solution in the Solution Explorer, right mouse click and you will see the following menu:  Select the Set Startup Projects menu item, and a property page will appear that lists all the properties in the project. For example:  You can associate an action with each of the projects: None, Start, or Start without debugging.  When you start execution, the projects that you wanted to startup will begin execution. If you allowed debugging, and set breakpoints, the debugger will stop at the appropriate places. |
|
|
|
|
Monday, February 11, 2008 |
|
Thursday, January 17, 2008 |
|
Thursday, November 22, 2007 |
|
|
The Windows Workflow
Foundation (WF) ships with a Policy Activity that allows you to execute a set
of rules against your workflow. This activity contains a design time rules
editor that allows you to create a set of rules. At run time, the Policy
Activity runs these rules using the WF Rules engine.
Among other
features, the rules engine allows you to prioritize rules and to set a chaining
policy to govern rules evaluation. The
rules engine uses a set of Code DOM expressions to represent the rules. These
rules can be run against any managed object, not just a workflow. Hence, the
mechanisms of the rules engine have nothing to do with workflow. You can
actually instantiate and use this rules engine without having to embed it
inside of a workflow. You can use this rules engine to build rules-driven .NET
applications.
I gave a talk at
the last Las Vegas VSLive! that demonstrates how to do this. The first sample
in the talk uses a workflow to demonstrate the power of the rules engine. The
second and third samples use a very simple example to demonstrate how to use
the engine outside of a workflow.
Two problems have to
be solved. You have to create a set of
Code DOM expressions for the rules. You have to host the engine and supply it
the rules and the object to run the rules against.
While the details
are in the slides and the examples, here is the gist of the solution.
To use the rules
engine at runtime, you pull the workflow rules out of some storage mechanism.
The first sample uses a file. A WorkflowMarkupSerializer instance deserializes
the stored rules to an instance of the RuleSet class. A RuleValidation instance validates the rules
against the type of the business object against which you will run the rules
against. The Execute method on the RuleExecution class is used to invoke the
rules engine and run the rules.
How do you create
the rules? Ideally you would use some domain language, or domain based
application, that would generate the rules as Code DOM expressions. If you were
masochistic enough, you could create those expressions by hand.
As an alternative,
the second sample hosts the Workflow rules editor dialog (RuleSetDialog class)
to let you create the rules. Unfortunately, like the workflow
designer, this is a programmer's tool, not a business analyst's tool. A WorkflowMarkupSerializer
instance is used to serialize the rules to the appropriate storage.
I would be
interested in hearing about how people use this engine to build rules driven
applications.
|
|
|
|
|
Wednesday, October 31, 2007 |
|
|
Meditation is supposed to develop awareness, help focus your attention, and relax while increasing your focus. At one of my current clients we are developing a Software as a Service (SaaS) application. We have developed the following "meditative principles": 1. It's not done until the tests are done. 2. If it's broke, fix it first. 3. If it's not in a script or code, it doesn't exist. 4. Don't explain, do it (but ask questions if you don't understand). And finally (with apologies to Bobby McFerrin), "Don't worry, be agile". Here is a little song I wrote You might want to sing it note for note Don't worry be agile In every software we have some trouble When you worry you make it double Don't worry, be agile Ain't got no place to lay your head Somebody came and took your machine Don't worry, be agile The manager say your code is late He may have to litigate Don't worry, be agile Look at me I refactor Don't worry, be agile Here I give you my url When you worry call me I make you agile Don't worry, be agile Ain't got no time ain't got no style Ain't got not money to make you smile But don't worry self organize Cause when you worry Your face will frown And that will bring everybody down So don't worry, be agile (now) There is this little song I wrote I hope you learn it note for note Like good little developers Don't worry, be agile Listen to what I say In your software expect some trouble But when you worry You make it double Don't worry, be agile Don't worry don't do it, be agile Put a smile on your face Don't bring everybody down like this Don't worry, it will soon pass Whatever it is Don't worry, be agile |
|
|
|
|
Monday, August 20, 2007 |
|
|
My series of four digitial articles have been published by Addison-Wesley. You can get the links to purchase them and the associated source code from my web site.
I have tried to explain, in practical terms, what you need to know to actually build real world software using Windows Workflow. There is a tiny amount of theory to explain the underpinnings. The vast majority of the explanation uses code examples to illustrate all the key points. The last shortcut in the series has two extended examples that illustrate how to build custom activities. |
|
|
|
|
Sunday, May 20, 2007 |
|
|
If you were to believe some of the more vocal advocates of the agile approach to building software, you would think that the word planning is evil. If you change the comparison to agility and discipline, then the contrast is more interesting.
This is exactly what Barry Boehm and Richard Turner do in their book "Balancing Agility and Discipline". They argue that the agile approach to software development, and the discipline approach to software development have much to teach each other. Any given project must achieve the right mix of agility and discipline based on the nature of the project.
One of the more interesting graphs in their book makes this point clear:
You have to understand:
How mission critical your project is?
How many people are on the project?
How experienced are your people?
Do the people on your project handle uncertainty well, or do they prefer order?
How dynamic can the changes to requirements be? Do you understand the domain model well?
As the graph makes clear, the more experienced developers you have that can handle vagueness and ambiguity, the more likely you can use more agile methods. On the other hand, the more mission critical, the more lives at stake, and the larger the project, the more project discipline you need.
This is not an all or nothing choice. As the book makes clear, most of your projects will need some combination of agility and discipline. Nonetheless, no method is a silver bullet.
Arthur Pyster (the Deputy Chief Information Officer for the FAA) writes in his foreword that even building air traffic control systems can incorporate some agile processes.
I had not read their book in 2005 when I made this entry to my blog: http://www.reliablesoftware.com/DasBlog/PermaLink,guid,847f84e5-3629-400b-807b-c6f8a1345454.aspx. Reading this book reinforced my belief that one must continually evaluate the risk associated with a project, and adopt the appropriate methods that reduce that risk.
|
5/20/2007 7:48:02 PM (Eastern Standard Time, UTC-05:00) | | 
|
|
|
|
Sunday, October 29, 2006 |
|
|
Here are good instructions on how to install RC1 for the .NET Framework 3.0: http://blogs.msdn.com/pandrew/archive/2006/09/07/745701.aspx. People, including myself, have been having problems getting the Workflow Extensions for Visual Studio 2005 installed. I moved the installer file (Visual Studio 2005 Extensions for Windows Workflow Foundation RC5(EN).exe) to a different directory from the other installation files. The workflow extensions then installed just fine. |
|
|
|
|
Friday, September 29, 2006 |
|
|
David Chappell (http://www.davidchappell.com/HTML_email/Opinari_No16_8_06.html) argues that SOA may not foster the service reuse that everyone has been hoping for. I think his analysis is correct, but I think with business services we at least have a reasonable hope of achieving reuse. Here we are least dealing with the way things actually happen in the world as opposed to programmer abstractions such as objects or components. That combined with the looser coupling of services gives me some hope.
The reason why frameworks like .NET are successful is they reflect years and years of experience with programming problems. Many examples of reuse (such as file systems and compilers) are so embedded in our experience that we no longer see them for what they are.
Reuse may fail here as well for all the reasons mentioned in David Chappell's analysis. At least now I feel we are on the right track. |
9/29/2006 5:00:37 PM (Eastern Standard Time, UTC-05:00) | | All | SOA
|
|
|
|
Friday, September 01, 2006 |
|
|
The Reference Model for Service Oriented Architecture defines a vocabulary for building service-oriented systems. Put together by a technical committee operating under the auspices of the OASIS standards organization, it is the result of individuals and organizations representing vendors, users, governments, consulting organizations, and academic institutions.
The Reference Model (RM) sees SOA as a means for organizing and using distributed capabilities that may be under the control of different ownership domains. The RM is not an architecture. It does not attempt to make any architecture normative. It does not try to make any standard or set of standards normative.
It does provide a common set of semantics that can be used across different implementations. This does sound rather fancy. Nonetheless, just like Moliere's bourgeois gentlemen that found out he was speaking prose all his life, many industries have been using reference models all along. They just never had to define them explicitly.
An architect for a residential dwelling knows that if they use the term door or window, the builder will understand what is meant. There are widely varied implementations of doors and windows depending, for example, if you are building a space station or an igloo. Nonetheless, everyone knows what the terms mean. Many of these terms are codified in building codes, and by standards bodies, and have evolved over the years. The software architecture community moves too quickly for such evolution; this is where standards organizations can help.
Software architectures, for sure, can have views and viewpoints, but the terms in which they are discussed have to be understood.
The core concepts that the RM discusses are service, visibility, execution context, service description, real world effect, interaction, and contract and policy.
I will discuss these core concepts over the next few posts.
None of this work is going on in isolation, or is it intended to denigrate other work such as the WS* specifications, or organizations such as the ISO, IEEE, IETF, the Ontolog Forum or other groups. The reference model just supplies standard definitions so that it becomes easier for each group to communicate with the others. |
9/1/2006 11:32:59 AM (Eastern Standard Time, UTC-05:00) | | All | SOA
|
|
|
|
Monday, August 14, 2006 |
|
|
I have updated the workflow examples on my site to the most recent Workflow version. |
|
|
|
|
Monday, July 03, 2006 |
|
|
I would like to thank all those who helped me achieve an Microsoft MVP award for Visual Developer - Solutions Architect. |
|
|
|
|
Wednesday, June 28, 2006 |
|
|
"You are so young; you stand before beginnings. I would like to beg of you,
dear friend, as well as I can, to have patience with everything that remains unsolved in your heart. Try to love the questions themselves, like locked rooms and like books written in foreign languages. Do not now look for the answers. They cannot now be given to you because you could not live them. At present you need to live the question."
- Rainer Maria Rilke, Letters to a Young Poet
I learned programming in high school from a Fortran IV manual, which was like learning how to drive a car from the owner's manual—unexciting. Later, after taking an operating systems course at MIT, I gave up entirely on programming as a profession. I did not want to spend my life doing the same thing over and over again.
What made me change my mind and become a professional programmer? In large part it was Gerald M. Weinberg's The Psychology of Computer Programming, which I first read in 1982. Weinberg not only demonstrated that programming was more than technology, it is a social activity, but he showed how the social element related to the technical. In essence, he identified and addressed the types of fundamental questions that Rilke advised the young poet Franz Kappus to study. Such as:
- “What does it mean when we say a program is good?” I learned from Weinberg that a good program is as much a matter of cultural fit as technological merit. A designer has to understand that tradeoffs are made not only among technical factors, but among technical, social and economic constraints. Too often, I have seen engineers try to build the “perfect” product while ignoring ease of use or budget constraints.
- “How do you get programmers to work together as a team?” One programmer cannot do it all. Different people have different skills, different skills are needed at different parts of the project.
- “What is leadership all about?” How do you manage change and performance? Why do many managers manipulate programmers and tread them poorly and then wonder why they get poor results?
-
- “How do you find good programmers?” And just what does it mean to be a good programmer? Weinberg was one of the first to point out the stupidity of aptitude testing for programmers, and the importance of understanding individual psychology in dealing with programmers.
Weinberg confirmed my own intuition that software could have an enormous impact on society, and his discussion of programming as a social activity helped explain much of the “strange behavior” I saw around me as I began working on my first programs. For example, during one of my first projects, I saw that the inability of certain people to work together had more impact on the project’s outcome than the technological issues being debated.
Weinberg examined what a naïve programmer would consider just technical topics and demonstrated how the elements of human personality and interactions between people had just as much, if not more influence over the outcome of a computer programming project than the technical issues and debates.
By understanding the importance of questions such as these, even if not every question can be answered in every situation, my value as a programmer and designer transcends whatever today’s technology du jour happens to be. I would have to say that Weinberg’s book took years off my apprenticeship, and saved me much aggravation.
To this day, I view programming primarily as a human activity, with the technical merits secondary. This does not mean you can ignore the technical merits. What makes a programmer really great is not technical genius, but an understanding of the human context of what he or she is doing. Any programmer who creates a truly revolutionary and world-changing program understands this. Others did not, or did not care to, and their contributions are hidden behind or overwhelmed by others’ accomplishments.
It is incredible that a twenty-five year old programming text containing examples illustrated with technologies that many programmers today cannot even conceive of—I recently taught a programming class where not one of the students had any idea what a punched card or paper tape was—is still a great book. |
|
|
|
|
Wednesday, June 21, 2006 |
|
|
I have signed the petition at: http://www.mwdadvisors.com/resources/stop-the-madness.php. SOA does not need another buzz word. I think SOA 2.0 ranks belong even ESB on the buzz word list.
This is also an experiment. We have heard of viral marketing. Let us see if we can have viral common sense.
|
|
|
|
|
|
How do workflow and service oriented architecture relate?
The real question is how service oriented architecture (SOA) and business processes relate.
Service orientation is about how to organize and utilize distributed capabilities that could be under the control of different owners.1 Business Process Management (BPM) is about modeling, designing, deploying and managing business processes.2 Business processes are the capabilities, or the users of those capabilities. Workflow is a technology that builds the automated part of a business process. It integrates human decision with synchronous and asynchronous software systems. Of course this is somewhat recursive because a workflow could use other services in its implementation.
For me, SOA and BPM are not in conflict. People talk about layering BPM on top of SOA. Or that SOA is for IT folks, and BPM is for business people. In today's world, business cannot afford to have people who just think IT, or just think business. Given the way the human mind works, multiple models are often needed to think about certain problems.3 SOA and BPM are two different ways to think about the same problem: how organizations can best accomplish their missions. Thinking about business process will transform how you architect your services. Architecting your services will impact how you model your business processes.
1 For more information about service oriented architecture take a look at the Reference Model that the OASIS TC that I am a member of has produced: http://www.oasis-open.org/committees/download.php/18486/pr-2changes.pdf
2 See http://ww6.infoworld.com/products/print_friendly.jsp?link=/article/06/02/20/75095_08FEbpmmap_1.html
3 See "Mental Models" by P.N. Johnson-Laird in Foundations of Cognitive Science edited by Michael I. Posner
|
|
|
|
|
Monday, June 19, 2006 |
|
|
I was interviewed by Carl Franklin and Richard Campbell on .NET Rocks: http://dotnetrocks.com/default.aspx?showID=183. Yes we talked about Workflow and SOA. But we touched on other topics such as the failure of technology to really make foreign language learning any better. |
|
|
|
|
Sunday, June 04, 2006 |
|
|
Here is the first of four talks on Microsoft Windows Workflow Foundation that are appearing on Carl Franklin's dnrTV. This one was broadcast on June 2. Each of the following ones should appear in subsequent weeks.
http://dnrtv.com/default.aspx?showID=21
|
|
|
|
|
Tuesday, February 07, 2006 |
|
|
(Apologies to Christopher Alexander)
Christopher Alexander, the architect who inspired the Design Patterns movement, wrote a two part article that appeared in the April and May 1965 issues of Architectural Forum entitled “The City is Not a Tree.” The tree in the title is not a biological tree, but refers to a hierarchy being used as a way to organize how modern cities are built.
We all try to organize the world into neat categories. It helps us make sense of the world. Unfortunately, those categories and subcategories force us to view the world as a set of hierarchical categories. Alexander argued that architects who think that way produce buildings and cities that are sterile and unlivable. For example, zoning that refuses to mix residential, industrial and commercial use has some very severe drawbacks in transportation, living conditions, and tax policy.
The world has too many interrelationships to be viewed as a hierarchy, it is really a semi-lattice. Now there are parts of the world that are hierarchies. But a hierarchy is a semi-lattice, but the reverse is not true. The point is that if you view the world as a hierarchy you miss the true picture.
Software often has to model some part of the world. The World Wide Web is a semi-lattice. Image what the Web would be like if it could only be structured as a hierarchical directory such as Yahoo. Don’t get me wrong; neat categories are often useful. But Search has become such an important part of the Web because it allows you to capture the relationships in a semi-lattice.
Take the classic example I used to give my software engineering students when teaching them about abstraction and object-oriented systems: How do you define a chair? Of course they start out with a standard definition. A chair has a back, a seat, and four legs. But what about a bean bag? Or even a table? In the end, what emerges is that a chair is about a relationship between a piece of anatomy and surface that can support it.It is a relationship, not an object with constraints.
This is what led Alexander to focus on patterns and not components. Of course, some patterns could become components. But components (software or otherwise) are packaging artifacts, not fundamental abstractions. This is why the authors of Design Patterns have the principle of "Favor object composition over class inheritance." Class inheritance is a hierarchy. Object composition allows you to build a semi-lattice if that is appropriate.
Focusing on relationships means you focus on behavior, on what happens in the real world. Systems built on behavior are more flexible and more scalable than those based on constrained objects. Of course not all systems have to be flexible and scalable. Flexible and scalable often conflict with other desired goals such as performance.
Service orientation is based on focusing on the relationships or behaviors between the capabilities of distributed services because ultimately, a service performs some action in the real world. In service oriented systems you do not focus on constrained objects. You try to model the world as the semi-lattice it really is. 1
[1] Look at http://polaris.gseis.ucla.edu/pagre/simon.html for another interesting perspective. |
|
|
|
|
Saturday, November 19, 2005 |
|
|
One of the dogmas of messaging technology is that the "truth is always on the wire." In the context of interoperability that is certainly true. The message, not the platform object model that generated the message, is all that really exists between a service provider and consumer.
Like all principles it has its limits. The statement the "truth is on the wire" only means that using an agreed upon message format is equivalent to a using a common syntax for a language such as English. It does not matter how you define the message format. XML Schema, RelaxNG, or just "ask Alice" are all equivalent. Humans are better at handling ambiguity than machines, hence English syntax can be a lot looser than a message format. Nonetheless, the point remains valid.
Syntax tells you nothing about the semantics of the message. For those of you who abhor fancy terminology, semantics means nothing more or less than the real world actions that arise from processing the message.
Just like you can misunderstand an English sentence, you can "misunderstand" a SOAP message. This misunderstanding may be a programming error, or a misunderstood or mismatched policy.
For example, I send to my bank a correctly formatted message that says transfer $1000 from my cash reserve to my checking account. If the bank transfers the money from savings to checking, that is a programming error. The "wire truth" however was not violated.
Now suppose that the bank made the correct transfer, but the bank's policy (which I did not know of at the time) was to report such transfers to a credit bureau. My altered credit score resulted in a higher interest rate on the loan I was applying for. Understanding a service's policy is as important as understanding the message format.
Truth is not on the wire, truth is the real world effect of what happens when a SOAP message is processed. Truth is semantics.
|
|
|
|
|
|
|
|
| Archive |
| March, 2010 (1) |
| December, 2009 (2) |
| November, 2009 (3) |
| October, 2009 (2) |
| August, 2009 (2) |
| July, 2009 (1) |
| June, 2009 (2) |
| May, 2009 (3) |
| January, 2009 (3) |
| October, 2008 (1) |
| September, 2008 (2) |
| August, 2008 (1) |
| June, 2008 (1) |
| April, 2008 (1) |
| March, 2008 (3) |
| February, 2008 (2) |
| January, 2008 (1) |
| November, 2007 (1) |
| October, 2007 (1) |
| August, 2007 (1) |
| May, 2007 (1) |
| October, 2006 (1) |
| September, 2006 (2) |
| August, 2006 (1) |
| July, 2006 (1) |
| June, 2006 (8) |
| February, 2006 (1) |
| November, 2005 (1) |
| October, 2005 (1) |
| August, 2005 (1) |
| March, 2005 (2) |
| December, 2004 (2) |
| November, 2004 (1) |
| August, 2004 (1) |
| June, 2004 (2) |
| March, 2004 (1) |
| February, 2004 (1) |
|
|
|
|
| Themes |
| Pick a theme:
|
|
|
|