Customer Relationship Management (CRM)
Data Farm Inc.

The Technical "Know-How"
Security and Communication Tiers - KISS "Keep it simple, stupid"
This page covers two main sections:

       Basic concepts of Tiers, Inter-process communication (IPC) and communication channels
       Our DAO Security Model - KISS

Thinking in Terms of Folders:
In any operating system, a folder is a named collection of related files that can be retrieved, moved and manipulated as one entity. We need to view tiers or servers (software and hardware) as folders. In other words, tiers or servers are independent, self-contained entities that are also part of the whole system.
Browsers and/or cloud services would be outside folders. Web services and legacy systems could also be considered folders.

Each folder has private, protected and public data it needs to work with. Each needs services or data from others. These folders can be on one server or on a number of servers, possibly remote or outside servers. The same applies to tiers, servers or virtual servers: they can be located on several servers or all on the same server.

Inter-Process Communication (IPC):
Inter-process communication (IPC) is how processes or programs share data using communication protocols. IPC participants are categorized as clients and servers, where the client requests data and the server responds to client requests. Each process or program can act as both a client and a server.

Shared Data and DAO:
The core of any system is how it uses data. We view data, or the Data Access Object (DAO), as the human cardiovascular system, where the blood circulates and transports nutrients and oxygen to nourish the body. There are different types of blood cells: red blood cells, which deliver oxygen (O2), and white blood cells, which are essential for good health and protection against illness and disease. Data is therefore the blood of any system: it supplies the system with the data it needs to run and also carries the security information that protects the system.

Communication Channels:
How these tiers or servers exchange data, and in what format, is critical to system performance and security. The following are some of the communication channels:

File:
A computer file is a resource for storing information, and it can be accessed by multiple processes. The drawback of using files is that file access is an I/O process, which is slow.

Signal:
In electronics, a signal is an electric current or electromagnetic field used to convey data from one place to another.

Socket:
A socket is one endpoint of a two-way communication link between two programs running on the network. Sockets can be considered an open buffer for dumping and reading data. A socket is bound to a port number which is its address to communicate with.

Message queue:
Message queues provide an asynchronous communications protocol, meaning that the sender and receiver of the message do not need to interact with the message queue at the same time. A message queue allows multiple processes to read and write to the message queue without being directly connected to each other. Messages placed onto the queue are stored until the recipient retrieves them. Message queues have implicit or explicit limits on the size of data that may be transmitted in a single message and the number of messages that may remain outstanding on the queue.

Pipe:
In computer programming, especially in UNIX operating systems, a pipe is a technique for passing information from one program process to another. Unlike other forms of inter-process communication (IPC), a pipe is one-way communication only. Basically, a pipe passes a parameter, such as the output of one process, to another process which accepts it as input. The system temporarily holds the piped information until it is read by the receiving process.

Named Pipe:
Named pipes provide inter-process communication between a pipe server and one or more pipe clients. They offer more functionality than anonymous pipes, which provide inter-process communication on a local computer. Named pipes support full duplex communication over a network and multiple server instances, message-based communication, and client impersonation, which enables connecting processes to use their own set of permissions on remote servers.

Semaphore:
A simple structure that synchronizes multiple processes acting on shared resources. Semaphores are one of the techniques for inter-process communication (IPC). Semaphores are commonly used for two purposes: to share a common memory space and to share access to files.

Shared Memory:
Shared memory is memory that is accessible to a number of processes. It is the quickest way of sharing information among a set of processes. Shared memory is available on all operating systems.

Message Passing:
Message passing refers to a means of communication between different threads within a process, different processes running on the same node, or different processes running on different nodes.

Memory-Mapped File:
A file that is mapped to RAM and can be modified by changing memory values directly instead of outputting to a stream. Memory-mapped files can be considered an array of characters located at a specific address in memory.

Java Objects, Methods, Buffered Queues and DAO:
The Java API, its libraries and open source give developers the tools needed to make calls to remote objects and methods, plus the ability to pass Java objects to these calls. For example, one Java object can do the buffering for other programs by creating a Queue of DAO which would persist in memory and work as a buffer. The Java class java.nio.MappedByteBuffer is another example of buffering data.

Web Services:
In a nutshell, a web service is nothing more than communicating using XML. XML is also nothing but structured text files, for which we have tools that build them and others that read/parse them. XML primitive data types are not too far from Java data types. Java Reflection can be used to retrieve values stored in DAO fields and convert them to XML tags using DOM. The reverse, from XML tags to DAO fields, can also be done using JAXP or JAXB and Java Reflection.

Our XML Key Ingredient:
We believe in KISS, "Keep it simple, stupid". When it comes to web services, there is a barrage of confusing tools and schemas, not to mention that companies have been building their own private, task-specific web services. Our key ingredient is simplicity: no nested or complex schemes that are hard to understand, modify, revise or even follow. KISS = "DAO to XML tags and XML tags to DAO."
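
A flat "DAO to XML tags and XML tags to DAO" mapping with reflection and JAXP DOM, as an added example that is not Data Farm's own code. The XmlDao and PersonalDAO names are hypothetical; the parser is configured to refuse DOCTYPE declarations, and the target class is chosen by the caller rather than taken from the XML.

```java
import java.io.StringReader;
import java.lang.reflect.Field;
import javax.xml.XMLConstants;
import javax.xml.parsers.*;
import org.w3c.dom.*;
import org.xml.sax.InputSource;

public class XmlDao {
    // Hypothetical flat DAO (not from the page): public String fields only, no nesting.
    public static class PersonalDAO { public String firstName; public String lastName; }

    static DocumentBuilder hardenedBuilder() throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        // Refuse any DOCTYPE so external entities and entity expansion are never processed.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        return f.newDocumentBuilder();
    }

    // DAO -> XML tags: one child element per public field, named after the field.
    static Document toXml(Object dao) throws Exception {
        Document doc = hardenedBuilder().newDocument();
        Element root = doc.createElement(dao.getClass().getSimpleName());
        doc.appendChild(root);
        for (Field fld : dao.getClass().getFields()) {
            Element e = doc.createElement(fld.getName());
            Object v = fld.get(dao);
            e.setTextContent(v == null ? "" : v.toString());
            root.appendChild(e);
        }
        return doc;
    }

    // XML tags -> DAO: the caller fixes the target class; the XML never names a type.
    static <T> T fromXml(String xml, Class<T> type) throws Exception {
        Document doc = hardenedBuilder().parse(new InputSource(new StringReader(xml)));
        T dao = type.getDeclaredConstructor().newInstance();
        for (Field fld : type.getFields()) {
            NodeList n = doc.getDocumentElement().getElementsByTagName(fld.getName());
            // Accept a tag only if it appears exactly once and maps to a String field.
            if (n.getLength() == 1 && fld.getType() == String.class) fld.set(dao, n.item(0).getTextContent());
        }
        return dao;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input: a flat document, one tag per DAO field.
        PersonalDAO p = fromXml("<PersonalDAO><firstName>Ada</firstName><lastName>Lovelace</lastName></PersonalDAO>", PersonalDAO.class);
        System.out.println(p.firstName + " -> " + toXml(p).getDocumentElement().getChildNodes().getLength() + " tags");
    }
}
```

A document that begins with a DOCTYPE makes `fromXml` fail with a `SAXParseException` before any field is set, and tags that match no DAO field are ignored.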

The Existing Communication Standards:

       HTTP - Servlets, REST
       XML Web Services (SOAP, ...)
       RMI
       Our - XML-DAO (XML - using Java Reflection).


Our DAO Security Model - KISS:
Back to DAO:
As we mentioned earlier, we view the Data Access Object (DAO) in terms of the human cardiovascular system, where DAO objects are the blood cells of the system. Different types of blood cells have different functions. System tiers, servers, methods, Java object calls and any other communication must be restricted to passing only DAO or arrays of DAO. DAO or arrays of DAO will be the only objects moving from one tier to another, or from one object or method to another. We propose the following DAO types:

       Personal
       Business
       Transactional
       Misc

Each category may have subcategories based on the business processes. Transactional can be subcategorized into Security Information DAO.

Learning from the Cloneable interface {}:
A class implements the Cloneable interface to indicate to the Object.clone() method that it is legal for that method to make a field-for-field copy of instances of that class. Invoking Object's clone method on an instance that does not implement the Cloneable interface results in the exception CloneNotSupportedException being thrown.

SecurityDAO Interface {}:
Our Intelligent DAO can be designed to add further security functions or methods by implementing the SecurityDAO interface. The method(s) used will return the dynamic security code that the system security checkpoints use to authenticate the passing DAO. This would help secure communication among all the tiers. Tier checkpoints will look for the dynamic security code the DAO returns. The security code is the value returned from the call to the SecurityDAO interface methods; otherwise, the call will throw a security exception. This code is the ID that identifies the tier, the callers and the receivers of the DAO.

In our view, our Security Model can be easily implemented and dynamically changed with time stamps, which add an additional security layer with minimal coding added to our Intelligent DAO.
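
One way a tier checkpoint could verify such a code, as an added example that is not Data Farm's own code. The page does not say how the dynamic security code is computed, so this sketch assumes an HMAC-SHA256 over the tier, caller and receiver IDs plus the time stamp, keyed with a secret shared between tiers; the interface methods and the DaoCheckpoint and TransactionalDAO names are hypothetical, and the record syntax needs Java 16 or later.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class DaoCheckpoint {
    // Assumed shape of the page's SecurityDAO interface; the method names are hypothetical.
    interface SecurityDAO {
        String tier(); String caller(); String receiver();
        long issuedAtMillis();
        byte[] securityCode();
    }
    record TransactionalDAO(String tier, String caller, String receiver,
                            long issuedAtMillis, byte[] securityCode) implements SecurityDAO {}

    // Assumption: the "dynamic security code" is HMAC-SHA256 over the IDs and the time stamp.
    static byte[] sign(byte[] key, String tier, String caller, String receiver, long ts) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        // Length-prefix each part so ("a","bc") and ("ab","c") never hash to the same input.
        for (String s : new String[] {tier, caller, receiver, Long.toString(ts)}) {
            byte[] b = s.getBytes(StandardCharsets.UTF_8);
            mac.update((byte) (b.length >>> 8)); mac.update((byte) b.length);
            mac.update(b);
        }
        return mac.doFinal();
    }

    // Tier checkpoint: checks addressee, time stamp freshness, then the code itself.
    static void check(SecurityDAO dao, byte[] key, String thisTier, long now, long maxAgeMillis) throws Exception {
        if (!thisTier.equals(dao.receiver())) throw new SecurityException("DAO addressed to another tier");
        long age = now - dao.issuedAtMillis();
        if (age < 0 || age > maxAgeMillis) throw new SecurityException("stale or future time stamp");
        byte[] expected = sign(key, dao.tier(), dao.caller(), dao.receiver(), dao.issuedAtMillis());
        // Constant-time comparison avoids leaking how many leading bytes matched.
        if (!MessageDigest.isEqual(expected, dao.securityCode())) throw new SecurityException("bad security code");
    }

    public static void main(String[] args) throws Exception {
        byte[] key = "constructed-demo-key".getBytes(StandardCharsets.UTF_8); // constructed sample key
        long now = System.currentTimeMillis();
        SecurityDAO ok = new TransactionalDAO("web", "OrderServlet", "business", now, sign(key, "web", "OrderServlet", "business", now));
        check(ok, key, "business", now, 30_000);
        System.out.println("accepted");
        SecurityDAO forged = new TransactionalDAO("web", "OrderServlet", "business", now, new byte[32]);
        try { check(forged, key, "business", now, 30_000); }
        catch (SecurityException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

When tiers run on separate servers, the freshness window has to allow for clock skew between them, and a production key would be randomly generated and stored outside the code.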
