Thursday, August 28, 2008
what is Payload?
When data is sent over the Internet, each unit transmitted includes both header information and the actual data being sent. The header identifies the source and destination of the packet, while the actual data is referred to as the payload. Because header information, or overhead data, is only used in the transmission process, it is stripped from the packet when it reaches its destination. Therefore, the payload is the only data received by the destination system.
Take advantage of the benefits of loosely coupled Web services:
Loosely coupled components can operate independently of each other with no problems. This is an excellent fit when designing Web services, where all components are not always available. Coupling generally refers to the act of joining two things together, such as the links in a chain. But in software development, coupling typically refers to the degree to which software components/modules depend upon each other. The degree to which components are linked defines whether they operate in a tightly coupled relationship or in a loosely coupled relationship. With tightly coupled components, each component and any auxiliary dependent objects must be present at execution time as well as compile time. On the other hand, loosely coupled components can operate independently from one another.
Loosely coupled components can operate independently of each other with no problems. This is an excellent fit when designing Web services, where all components are not always available. Coupling generally refers to the act of joining two things together, such as the links in a chain. But in software development, coupling typically refers to the degree to which software components/modules depend upon each other. The degree to which components are linked defines whether they operate in a tightly coupled relationship or in a loosely coupled relationship. With tightly coupled components, each component and any auxiliary dependent objects must be present at execution time as well as compile time. On the other hand, loosely coupled components can operate independently from one another.
The benefits of location transparency in an SOA:
- Chief among the benefits of a service oriented architecture is that services and clients operate independently of their locations, known as location transparency. Learn some of the advantages of using it and also a few issues that could arise.
- One of the major benefits provided by a service oriented architecture (SOA) is the decoupling of the client requesting the service and the service itself.
- Through a registration and discovery mechanism, the SOA provides location transparency, which allows clients to not know (or care) about where a component or service is actually located.
Difference between URL,URN,URI.
URL
The idea is that a URL is a mechanical link to a resource's location, where it can be downloaded. For this reason, a URL contains a hostname and a local part, all of which can be resolved anywhere on the Internet.URL
A URL is a specialization of URI that defines the network location of a specific resource. Unlike a URN, the URL defines how the resource can be obtained. We use URLs every day in the form of http://damnhandy.com, etc. But a URL doesn’t have to be an HTTP URL, it can be ftp://damnhandy.com, smb://damnhandy.com, etc.
URI
A URI identifies a resource either by location, or a name, or both. More often than not, most of us use URIs that defines a location to a resource. The fact that a URI can identify a resources by both name and location has lead to a lot of the confusion in my opionion. A URI has two specializations known as URL and URN.
URN
What a URN tries to do is different. It tries to give a description of a resource without actually pointing at it. For example:urn:isbn:90-365-17273
A URI identifies a resource by name in a given namespace but not define how the resource maybe obtained. This type of URI is called a URN.
URI is merely the possibly overlapping union of strings that are a URL or a URN
URL
The idea is that a URL is a mechanical link to a resource's location, where it can be downloaded. For this reason, a URL contains a hostname and a local part, all of which can be resolved anywhere on the Internet.URL
A URL is a specialization of URI that defines the network location of a specific resource. Unlike a URN, the URL defines how the resource can be obtained. We use URLs every day in the form of http://damnhandy.com, etc. But a URL doesn’t have to be an HTTP URL, it can be ftp://damnhandy.com, smb://damnhandy.com, etc.
URI
A URI identifies a resource either by location, or a name, or both. More often than not, most of us use URIs that defines a location to a resource. The fact that a URI can identify a resources by both name and location has lead to a lot of the confusion in my opionion. A URI has two specializations known as URL and URN.
URN
What a URN tries to do is different. It tries to give a description of a resource without actually pointing at it. For example:urn:isbn:90-365-17273
A URI identifies a resource by name in a given namespace but not define how the resource maybe obtained. This type of URI is called a URN.
URI is merely the possibly overlapping union of strings that are a URL or a URN
The SSL protocol was originally developed by Netscape, to ensure security of data transported and routed through HTTP, LDAP or POP3 application layers. SSL is designed to make use of TCP as a communication layer to provide a reliable end-to-end secure and authenticated connection between two points over a network (for example between the service client and the server).
The main objectives for SSL are:
Authenticating the client and server to each other: the SSL protocol supports the use of standard key cryptographic techniques (public key encryption) to authenticate the communicating parties to each other. Though the most frequent application consists in authenticating the service client on the basis of a certificate, SSL may also use the same methods to authenticate the client.
Ensuring data integrity: during a session, data cannot be either intentionally or unintentionally tampered with.
Securing data privacy: data in transport between the client and the server must be protected from interception and be readable only by the intended recipient. This prerequisite is necessary for both the data associated with the protocol itself (securing traffic during negotiations) and the application data that is sent during the session itself. SSL is in fact not a single protocol but rather a set of protocols that can additionally be further divided in two layers:
the protocol to ensure data security and integrity: this layer is composed of the SSL Record Protocol,
The protocols that are designed to establish an SSL connection: three protocols are used in this layer: the SSL Handshake Protocol, the SSL ChangeCipher SpecPprotocol and the SSL Alert Protocol. The SSL record protocol is responsible for data encryption and integrity. It is also used to encapsulate data sent by other SSL protocols, and therefore, it is also involved in the tasks associated with the SSL check data. The other three protocols cover the areas of session management, cryptographic parameter management and transfer of SSL messages between the client and the server. Prior to going into a more detailed discussion of the role of individual protocols and their functions let us describe two fundamental concepts related to the use of SSL.
The main objectives for SSL are:
Authenticating the client and server to each other: the SSL protocol supports the use of standard key cryptographic techniques (public key encryption) to authenticate the communicating parties to each other. Though the most frequent application consists in authenticating the service client on the basis of a certificate, SSL may also use the same methods to authenticate the client.
Ensuring data integrity: during a session, data cannot be either intentionally or unintentionally tampered with.
Securing data privacy: data in transport between the client and the server must be protected from interception and be readable only by the intended recipient. This prerequisite is necessary for both the data associated with the protocol itself (securing traffic during negotiations) and the application data that is sent during the session itself. SSL is in fact not a single protocol but rather a set of protocols that can additionally be further divided in two layers:
the protocol to ensure data security and integrity: this layer is composed of the SSL Record Protocol,
The protocols that are designed to establish an SSL connection: three protocols are used in this layer: the SSL Handshake Protocol, the SSL ChangeCipher SpecPprotocol and the SSL Alert Protocol. The SSL record protocol is responsible for data encryption and integrity. It is also used to encapsulate data sent by other SSL protocols, and therefore, it is also involved in the tasks associated with the SSL check data. The other three protocols cover the areas of session management, cryptographic parameter management and transfer of SSL messages between the client and the server. Prior to going into a more detailed discussion of the role of individual protocols and their functions let us describe two fundamental concepts related to the use of SSL.
Difference Between HTTP and HTTPS:
- HTTP utilizes tcp/udp (Transmission Control Protocol/User Datagram Protocol) port 80 to transfer packets for unencrypted web surfing. If you visit a website or webpage, and look at the address in the web browser, it will most likely begin with the following: http://. This means that the website is connected to your browser using the regular unsecure language, due to which there is a possiblilty for someone to spy on your computer’s conversation with the website. If you fill out a form on the website, someone might see the information you send to that site.
- HTTPS The "S" in HTTPS indicates a secure site. It is utilizes tcp/udp port 443 for encrypted web surfing via SSL (Secure Sockets Layer) or the more recent TLS (Transport Layer Security) protocols. HTTPS provides for reasonably secure bi-directional encrypted communication on the Internet. Https is used in many situations, such as log-in pages for banking, forms, corporate log ons, and other applications in which data needs to be secure. However, if not implemented properly, https is not infallible, and therefore it is extremely important for end users to be wary about accepting questionable certificates and cautious with their personal information while using the Internet.
location transperency:
In computer networks location transparency describes names used to identify network resources independent of both the user's location and the resource location.
A distributed system will need to employ a networked scheme for naming resources.
In other words it is an idea that the resources can be accessed by a user from anywhere on the network without knowing where the resource is located. A file could be on the user's own PC, or thousands of miles away on other servers.
url:
Uniform Resource Locator is a compact string of characters used to represent a resource available on the Internet.[1] In popular usage and many technical documents, it is a synonym for Uniform Resource Identifier (URI).
uri:
a Uniform Resource Identifier (URI) is a compact string of characters used to identify or name a resource on the Internet. The main purpose of this identification is to enable interaction with representations of the resource over a network, typically the World Wide Web, using specific protocols. URIs are defined in schemes defining a specific syntax and associated protocols.
urn:
A Uniform Resource Name (URN) is a Uniform Resource Identifier (URI) that uses the urn scheme, and does not imply availability of the identified resource. Both URNs (names) and URLs (locators) are URIs, and a particular URI may be a name and a locator at the same time.
In computer networks location transparency describes names used to identify network resources independent of both the user's location and the resource location.
A distributed system will need to employ a networked scheme for naming resources.
In other words it is an idea that the resources can be accessed by a user from anywhere on the network without knowing where the resource is located. A file could be on the user's own PC, or thousands of miles away on other servers.
url:
Uniform Resource Locator is a compact string of characters used to represent a resource available on the Internet.[1] In popular usage and many technical documents, it is a synonym for Uniform Resource Identifier (URI).
uri:
a Uniform Resource Identifier (URI) is a compact string of characters used to identify or name a resource on the Internet. The main purpose of this identification is to enable interaction with representations of the resource over a network, typically the World Wide Web, using specific protocols. URIs are defined in schemes defining a specific syntax and associated protocols.
urn:
A Uniform Resource Name (URN) is a Uniform Resource Identifier (URI) that uses the urn scheme, and does not imply availability of the identified resource. Both URNs (names) and URLs (locators) are URIs, and a particular URI may be a name and a locator at the same time.
Wednesday, August 27, 2008
SECURE SOCKET LAYER(SSL):How It Works
Secure Sockets Layer (SSL) technology protects your Web site and makes it easy for your Web site visitors to trust you in three essential ways:
1.An SSL Certificate enables encryption of sensitive information during online transactions.
2.Each SSL Certificate contains unique, authenticated information about the certificate owner.
3.A Certificate Authority verifies the identity of the certificate owner when it is issued.
1.An SSL Certificate enables encryption of sensitive information during online transactions.
2.Each SSL Certificate contains unique, authenticated information about the certificate owner.
3.A Certificate Authority verifies the identity of the certificate owner when it is issued.
SECURE SOCKET LAYER
The Secure Sockets Layer (SSL) is a commonly-used protocol for managing the security of a message transmission on the Internet. SSL has recently been succeeded by Transport Layer Security (TLS), which is based on SSL. SSL uses a program layer located between the Internet's Hypertext Transfer Protocol (HTTP) and Transport Control Protocol (TCP) layers. SSL is included as part of both the Microsoft and Netscape browsers and most Web server products. Developed by Netscape, SSL also gained the support of Microsoft and other Internet client/server developers as well and became the de facto standard until evolving into Transport Layer Security. The "sockets" part of the term refers to the sockets method of passing data back and forth between a client and a server program in a network or between program layers in the same computer. SSL uses the public-and-private key encryption system from RSA, which also includes the use of a digital certificate.
Monday, August 4, 2008
Dynamic Link Library
Dynamic-link library (also written without the hyphen), or DLL, is Microsoft's implementation of the shared library concept in the Microsoft Windows and OS/2 operating systems. These libraries usually have the file extension DLL, OCX (for libraries containing ActiveX controls), or DRV (for legacy system drivers). The file formats for DLLs are the same as for Windows EXE files — that is, Portable Executable (PE) for 32-bit and 64-bit Windows, and New Executable (NE) for 16-bit Windows. As with EXEs, DLLs can contain code, data, and resources, in any combination.
Features of DLL
Memory management
In Win32, the DLL files are organized into sections. Each section has its own set of attributes, such as being writable or read-only, executable (for code) or non-executable (for data), and so on.
The code in a DLL is usually shared among all the processes that use the DLL; that is, they occupy a single place in physical memory, and do not take up space in the page file. If the physical memory occupied by a code section is to be reclaimed, its contents are discarded, and later reloaded directly from the DLL file as necessary.
Memory management
In Win32, the DLL files are organized into sections. Each section has its own set of attributes, such as being writable or read-only, executable (for code) or non-executable (for data), and so on.
The code in a DLL is usually shared among all the processes that use the DLL; that is, they occupy a single place in physical memory, and do not take up space in the page file. If the physical memory occupied by a code section is to be reclaimed, its contents are discarded, and later reloaded directly from the DLL file as necessary.
In contrast to code sections, the data sections of a DLL are usually private; that is, each process using the DLL has its own copy of all the DLL's data. Optionally, data sections can be made shared, allowing inter-process communication via this shared memory area. However, because user restrictions do not apply to the use of shared DLL memory, this creates a security hole; namely, one process can corrupt the shared data, which will likely cause all other sharing processes to behave undesirably. For example, a process running under a guest account can in this way corrupt another process running under a privileged account. This is an important reason to avoid the use of shared sections in DLLs.
If a DLL is compressed by certain executable packers (e.g. UPX), all of its code sections are marked as read-and-write, and will be unshared. Read-and-write code sections, much like private data sections, are private to each process. Thus DLLs with shared data sections should not be compressed if they are intended to be used simultaneously by multiple programs, since each program instance would have to carry its own copy of the DLL, resulting in increased memory consumption.
XSD Restrictions/Facets
When an XML element or attribute has a data type defined, it puts restrictions on the element's or attribute's content.
If an XML element is of type "xs:date" and contains a string like "Hello World", the element will not validate.
With XML Schemas, you can also add your own restrictions to your XML elements and attributes. These restrictions are called facets.
In otherwards,Restrictions are used to define acceptable values for XML elements or attributes. Restrictions on XML elements are called facets.
The following type of restrictions are allowed in xml schema:
Restrictions on Values
Restrictions on a Series of Values
Restrictions on Whitespace Characters
Restrictions on Length
Restrictions for Datatypes and
Other Restrictions on a Series of Values
If an XML element is of type "xs:date" and contains a string like "Hello World", the element will not validate.
With XML Schemas, you can also add your own restrictions to your XML elements and attributes. These restrictions are called facets.
In otherwards,Restrictions are used to define acceptable values for XML elements or attributes. Restrictions on XML elements are called facets.
The following type of restrictions are allowed in xml schema:
Restrictions on Values
Restrictions on a Series of Values
Restrictions on Whitespace Characters
Restrictions on Length
Restrictions for Datatypes and
Other Restrictions on a Series of Values
Definition For COM
Component Object Model (COM) is Microsoft's framework for developing and supporting program component objects. It is aimed at providing similar capabilities to those defined in the Common Object Request Broker Architecture (CORBA), a framework for the interoperation of distributed objects in a network that is supported by other major companies in the computer industry. Whereas Microsoft's Object Linking and Embedding provides services for the compound document that users see on their display, COM provides the underlying services of interface negotiation, life cycle management (determining when an object can be removed from a system), licensing, and event services (putting one object into service as the result of an event that has happened to another object).
OVERVIEW OF CORBA
The Common Object Request Broker Architecture (CORBA) [OMG:95a] is an emerging open distributed object computing infrastructure being standardized by the Object Management Group (OMG). CORBA automates many common network programming tasks such as object registration, location, and activation; request demultiplexing; framing and error-handling; parameter marshalling and demarshalling; and operation dispatching. See the OMG Web site for more overview material on CORBA.
Sunday, August 3, 2008
COM
Component Object Model (COM) is a Microsoft centric interface standard for software componentry introduced by Microsoft in 1993. It is used to enable interprocess communication and dynamic object creation in any programming language that supports the technology. The term COM is often used in software development industry as an umbrella term that encompasses the OLE,OLE Automation, COM+ and DCOM technologies.
Please refer to the below link for further details.
http://msdn.microsoft.com/en-us/library/ms809980.aspx.
CORBA
The Common Object Request Broker Architecture (CORBA) is a standard defined by the Object Management Group (OMG) that enables software components written in multiple computer languages and running on multiple computers to work together.
CORBA is a mechanism in software for normalizing the method call semantics between application objects that reside either in the same address space (application) or remote address space (same host or remote host on a network).
Saturday, August 2, 2008
Dynamic Link Library(DLL)
A dynamic-link library (DLL) is an executable file that acts as a shared library of functions. Dynamic linking provides a way for a process to call a function that is not part of its executable code. The executable code for the function is located in a DLL, which contains one or more functions that are compiled, linked, and stored separately from the processes that use them. DLLs also facilitate the sharing of data and resources. Multiple applications can simultaneously access the contents of a single copy of a DLL in memory.
Dynamic linking differs from static linking in that it allows an executable module (either a .dll or .exe file) to include only the information needed at run time to locate the executable code for a DLL function. In static linking, the linker gets all of the referenced functions from the static link library and places it with your code into your executable.
Using dynamic linking instead of static linking offers several advantages. DLLs save memory, reduce swapping, save disk space, upgrade easier, provide after-market support, provide a mechanism to extend the MFC library classes, support multilanguage programs, and ease the creation of international versions.
Dynamic linking differs from static linking in that it allows an executable module (either a .dll or .exe file) to include only the information needed at run time to locate the executable code for a DLL function. In static linking, the linker gets all of the referenced functions from the static link library and places it with your code into your executable.
Using dynamic linking instead of static linking offers several advantages. DLLs save memory, reduce swapping, save disk space, upgrade easier, provide after-market support, provide a mechanism to extend the MFC library classes, support multilanguage programs, and ease the creation of international versions.
Document Object model(DOM)
The Document Object Model (DOM) is a platform- and language-independent standard object model for representing HTML or XML and related formats.
The XML DOM (Document Object Model) defines a standard way for accessing and manipulating XML documents.
The XML DOM (Document Object Model) defines a standard way for accessing and manipulating XML documents.
The Common Object Request Broker Architecture (CORBA) is a standard defined by the Object Management Group (OMG) that enables software components written in multiple computer languages and running on multiple computers to work together.
please go through this link http://www.omg.org/gettingstarted/corbafaq.htm
please go through this link http://www.omg.org/gettingstarted/corbafaq.htm
Subscribe to:
Posts (Atom)