Material and some slide content from: - Software Architecture: Foundations, Theory, and Practice NFPs Reid Holmes Lecture 5 - Tuesday, Sept 27 2010.

Similar documents
Organizational Requirements Engineering

Data Management in an International Data Grid Project. Timur Chabuk 04/09/2007

BM482E Introduction to Computer Security

Introduction to Security

The Data Grid: Towards an Architecture for Distributed Management and Analysis of Large Scientific Datasets

Enterprise Service Bus

Service Oriented Architecture

Aerospace Software Engineering

What SOA can do for Software Dependability. Karl M. Göschka Vienna University of Technology

Evaluation of the Iceland State Financial and Human Resource System REPORT OF THE INDIVIDUAL EVALUATOR. Annex 2 SYSTEM AND SOFTWARE QUALITY

Introduction to Database Systems

Customer Bank Account Management System Technical Specification Document

Principles of Computer Security. Dr George Danezis

Software Architecture

Security Controls for the Autodesk 360 Managed Services

Distributed Systems Lecture 1 1

CHAPTER 2 MODELLING FOR DISTRIBUTED NETWORK SYSTEMS: THE CLIENT- SERVER MODEL

SANE: A Protection Architecture For Enterprise Networks

Architecture. Reda Bendraou

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

Web Application Architectures

DESIGN OF A PLATFORM OF VIRTUAL SERVICE CONTAINERS FOR SERVICE ORIENTED CLOUD COMPUTING. Carlos de Alfonso Andrés García Vicente Hernández

Techniques for Composing REST services

Software Engineering

Advanced Analysis and Design

Observation and Findings

How To Design An Intrusion Prevention System

Evolution of Peer-to-Peer Systems

Performance Monitoring AlwaysOn Availability Groups. Anthony E. Nocentino

Deploying a distributed data storage system on the UK National Grid Service using federated SRB

TÓPICOS AVANÇADOS EM REDES ADVANCED TOPICS IN NETWORKS

Highly Available Mobile Services Infrastructure Using Oracle Berkeley DB

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

Cryptography and Network Security

The EMSX Platform. A Modular, Scalable, Efficient, Adaptable Platform to Manage Multi-technology Networks. A White Paper.

TÓPICOS AVANÇADOS EM REDES ADVANCED TOPICS IN NETWORKS

Storage Clouds. Enterprise Architecture and the Cloud. Author and Presenter: Marty Stogsdill, Oracle

IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures

Web DNS Peer-to-peer systems (file sharing, CDNs, cycle sharing)

Applying 4+1 View Architecture with UML 2. White Paper

Overview TECHIS Carry out security testing activities

BigData. An Overview of Several Approaches. David Mera 16/12/2013. Masaryk University Brno, Czech Republic

Distribution transparency. Degree of transparency. Openness of distributed systems

Parallel Programming at the Exascale Era: A Case Study on Parallelizing Matrix Assembly For Unstructured Meshes

Software Service Engineering Architect s Dream or Developer s Nightmare?

Enterprise Architecture and the Cloud. Marty Stogsdill, Oracle

NIST s Guide to Secure Web Services

CHAPTER THREE, Network Services Management Framework

GoodData Corporation Security White Paper

WebFOCUS 8: Technical Overview

Service-Oriented Architectures

LinuxWorld Conference & Expo Server Farms and XML Web Services

CSE331: Introduction to Networks and Security. Lecture 1 Fall 2006

Outline. Definitions. Course schedule

Oracle Solaris Security: Mitigate Risk by Isolating Users, Applications, and Data

Implementing Portfolio Management: Integrating Process, People and Tools

Enterprise Architecture and the Cloud. Marty Stogsdill, Oracle

Big data management with IBM General Parallel File System

CMPT 471 Networking II

1.1.1 Introduction to Cloud Computing

The Role and uses of Peer-to-Peer in file-sharing. Computer Communication & Distributed Systems EDA 390

Technical Overview Simple, Scalable, Object Storage Software

Software design (Cont.)

DATABASE SECURITY, INTEGRITY AND RECOVERY

How To Understand The Concept Of A Distributed System

Socio-Technical Systems

Using Peer to Peer Dynamic Querying in Grid Information Services

CPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS

Practical Cassandra. Vitalii

Cryptography and Network Security Chapter 1

DESIGN REPORT FOR THE PROJECT INVENTORY CONTROL SYSTEM FOR CALCULATION AND ORDERING OF AVAILABLE AND PROCESSED RESOURCES

IP Storage On-The-Road Seminar Series

Building Remote Access VPNs

Software Life-Cycle Management

What is Middleware? Software that functions as a conversion or translation layer. It is also a consolidator and integrator.

Comparing Microsoft SQL Server 2005 Replication and DataXtend Remote Edition for Mobile and Distributed Applications

Adapting Distributed Hash Tables for Mobile Ad Hoc Networks

Lecture 17 - Network Security

Vragen. Architecture presentations in practice. Some terms (from IEEE standard)

A blueprint for an Enterprise Information Security Assurance System. Acuity Risk Management LLP

Embracing Microsoft Vista for Enhanced Network Security

DISTRIBUTED DATABASES MANAGEMENT USING REPLICATION METHOD

EII - ETL - EAI What, Why, and How!

Infrastructure that supports (distributed) componentbased application development

Active Network Defense: Real time Network Situational Awareness and a Single Source of Integrated, Comprehensive Network Knowledge

Introduction to Service Oriented Architectures (SOA)

Transcription:

Material and some slide content from: - Software Architecture: Foundations, Theory, and Practice NFPs Reid Holmes Lecture 5 - Tuesday, Sept 27 2010.

NFPs NFPs are constraints on the manner in which the system implements and delivers its functionality. E.g., Efficiency Complexity Scalability Heterogeneity Adaptability Security Dependability

FP vs NFP Products are sold based on their FPs. e.g., Cell phone, Car, Tent. However, NFPs play a critical role in perception. This program keeps crashing It doesn t work with my [...] It s too slow

Design guidelines for NFPs Provide guidelines that support various NFPs. Focus on architectural level: Components Connectors Topologies

NFP: Efficiency Efficiency is a quality that reflects a system s ability to meet its performance requirements. Components: Keep them small. Simple and compact interfaces. Allow multiple interfaces to the same functionality. Separate data from processing components. Separate data from meta data. Connectors: Carefully select connectors. Be careful of broadcast connectors. Encourage asynchronous interaction. Be wary of location/distribution transparency. Topology: Keep frequent collaborators close. Consider the efficiency impact of selected styles.

Multiple Interfaces

Distribution transparency REID HOLMES - SE2: SOFTWARE DESIGN & ARCHITECTURE

Topological distance

NFP: Complexity Complexity is a property that is proportional to the size of a system, its volume of constituent elements, their internal structure, and their interdependencies. Components: Separate concerns. Isolate functionality from interaction. Ensure cohesiveness. Insulate processing from data format changes. Connectors: Isolate interaction from functionality. Restrict interactions provided by each connector. Topology: Eliminate unnecessary dependencies. Use hierarchical (de)composition.

Connector complexity!"#$%&'()$*!"#$%&'()$* +$*,-'% +./.0$- 1$)2,-3% 4/)$-5.6$ +$*,-'% +./.0$- 1$)2,-3% 4/)$-5.6$ 8-,6$((% &6;$<:#$- 4/)$-78-,6$((% 9,**:/"6.)",/( 8-,6$((% &6;$<:#$- 4/)$-78-,6$((% 9,**:/"6.)",/( 4/")".#"=.)",/ >"?-.-' 4/")".#"=.)",/ >"?-.-'

NFP: Scalability / Heterogeneity Scalability: The capability of a system to be adapted to meet new size / scope requirements. Heterogeneity: A system s ability to be composed of, or execute within, disparate parts. Internal: Ability to accommodate multiple kinds of components and connectors. External: Ability to adjust to different platforms and environments (e.g., portability). Portability: The ability of a system to execute on multiple platforms while retaining their functional and non-functional properties.

NFP: Scalability / Heterogeneity Components: Keep components focused (avoid bottlenecks). Simplify interfaces (ease adding new components). Avoid unnecessary heterogeneity (arch mismatch). Distribute data sources (avoid bottlenecks). Replicate data (caution: mutable vs immutable data). Connectors: Use explicit connectors (natural scaling points). Clearly define connector responsibilities (avoid bottlenecks). Choose the simplest connectors (complexity dec. perf.). Direct vs. indirect connectors (loose coupling, easy ext.). Topology: Avoid bottlenecks. Place data close to consumer (reduce network traffic). Location transparency (move / expand services, data).

NFP: Evolvability Evolvability: The ability to change to satisfy new requirements and environments. Components: Same as for complexity. Goal is to reduce risks by isolating modifications. Connectors: Clearly define responsibilities (make it easy track risk). Make connectors flexible. Enable connector composition (support new comps.). Topology: Avoid implicit connectors (hard to understand). Encourage location transparency (supports obliviousness).

NFP: Evolvability

NFP: Dependability Reliability: The probability a system will perform within its design limits without failure over time. Availability: The probability the system is available at a particular instant in time. Robustness: The ability of a system to respond adequately to unanticipated runtime conditions. Fault-tolerance: The ability of a system to respond gracefully to failures at runtime. Faults arise from: environment, components, connectors, component-connector mismatches. Survivability: The ability to resist, recover, and adapt to threats. Sources: attacks, failures, and accidents. Steps: resist, recognize, recover, adapt. Safety: The ability to avoid failures that will cause loss of life, injury, or loss to property.

NFP: Dependability Components: Control external component dependencies (insulation). Support reflection (e.g., querying about health). Support exception handling (adjust to failures). Specify key state invariants (best, normal, worst-case). Connectors: Use explicit connectors (insulate components). Provide interaction guarantees (know how to react). Use advanced connectors (replicas, mocks, etc.). [Support seamless dependability] Topology: Avoid single points of failure. Enable back-ups (e.g., via advanced connectors). Support system health monitoring (e.g., perf. analysis). Support dynamic adaptation (e.g., dynamic discovery).

NFP: Security Security: The protection afforded a system to preserve its integrity, availability, and confidentiality if its resources. Confidentiality Preserving the confidentiality of information means preventing unauthorized parties from accessing the information or perhaps even being aware of the existence of the information. I.e., secrecy. Integrity Maintaining the integrity of information means that only authorized parties can manipulate the information and do so only in authorized ways. Availability Resources are available if they are accessible by authorized parties on all appropriate occasions.

Security arch. principles Least privilege: Give each component only the privileges it requires. Fail-safe defaults Deny access if explicit permission is absent. Economy of mechanism Adopt simple security mechanisms. Open design Secrecy!= security.

Security arch. principles Separation of privilege Introduce multiple parties to avoid exploitation of privileges. Least common mechanism Limit critical resource sharing to only a few mechanisms. Psychological acceptability Make security mechanisms usable. Defence in depth Have multiple layers of countermeasures.

IIS Example

Access control Decide whether access should be granted. Discretionary: Based on the accessor s identity, the resources, and whether the accessor has permissions. Mandatory: Policy based. (e.g., dominating labels) Cross-cutting concern that should be investigated at an architectural level.

Discretionary access control DB Component Interface Alice Read-write; always Bend Y Bob Read-write; Between 9-5 Fold N Charles No access Spindle N Dave No access Mutilate Y Eve Read-only; Always Non N

Mandatory access control REID HOLMES - SE2: SOFTWARE DESIGN & ARCHITECTURE

Trust management Trust is a subjective probability with which one agent assesses another agents will perform some specific action within a specific context. Reputation is the expectation of an agent s behaviour based on their past behaviours. Trust cannot be isolated to individual components. Dominant concern in decentralized applications. Architecture provides a foundation for reasoning about trust-related issues.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information