Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
What should be the characteristics/features of M2M protocols (MQTT/OPC UA/XMPP) for which the protocols can be compared? I would like to write an article about these protocols and would like to compare them on the basis of these characteristics. You can suggest some characteristics for M2M protocols comparison. such as: Security, Data bandwidth,scalability, over-head in data packets etc. Thanks
A comparison of the M2M protocols based on characteristics, like any other comparisons, should be made in a certain context. In this case, the context refers to the domain or the application domain you are using for building the comparison.
An application for a certain domain usually has a set of requirements that need to be met. Building a list of common requirements is a sensible thing to do. Not only it will improve the structure of the article, but it will also offer the possibility to expand/improve the article as new requirements are being discovered. By analysing these requirements you can find some fine-grained criteria that you can choose to discuss.
Functional requirements
Interoperability
Interface for:
device - gateway,
device - network application server,
device - device
Protocol load: information volume, connectionless/connection- oriented
Routing capability
IP based/non IP based
Communication patterns
Resource discovery
Resource management
Stateful/Stateless
Non-functional requirements
Scalability
Security
Privacy
Lightweight
Real-time
Expandability
Usability
Openness
Reliability
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 4 years ago.
Improve this question
In the Micro service architecture , I was reading the concepts the orchestration and choreography. Is any guidelines/suggestions for choosing the Choreography and Orchestration?
Orchestration can be linked with how Orchestra performs i.e when you have control over all the actors in a process - when they're all in one domain of control and you can control the flow of activities. This is ofcourse most often when you're specifying a business process that will be enacted inside one organisation that you have control over.
Choreography is a way of specifying how two or more parties - none of which has any control over the other parties' processes, or perhaps any visibility of those processes - can coordinate their activities and processes to share information and value. Use choreography when coordination across domains of control/visibility is required. You can think of choreography, in a simple scenario, as like a network protocol. It dictates acceptable patterns of requests and responses between parties.
You can choose between Orchestration and Choreography in your Microservices based on what fits best for your use case based something similar lines of above mentioned explanation.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 10 months ago.
Improve this question
When it comes to these principles like architecture and Infrastructure how would you describe them? The actual meaning and in development where its used. So for example is it like infrastructure is the actual website and architecture is the plans or so called blue prints (UML) in the background?
Infrastructure is a word used for the underlying components that support the operation of something. In your example, you said a "web site" - so things like load balancers, web servers, database servers, and the operating systems that run those servers would be included in the infrastructure. This can go more granular, to include the details of the data centers that the servers operate in. [power generators, cooling, etc.]
You are correct in that architecture is use to speak of the "blue prints", or the design of something. UML, which you mentioned, is one way to express and visualize a design. It tries to answer questions like: What are the components? What are the relationships between the components? What do they do, and not do?
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
i'm about to start a project for sharing files, announcements, and other stuff between branches of a company, it must be a web based system, with all the layers as profile management, employee communication, etc... What i don't know is what's the name of this kind of systems? It's a web based system wich will only allow access to the company's personnel(still don't know how to do that - help please), and must connect the different branches.
I think you're making an Intranet Software or kind of that.
Look here:
http://en.wikipedia.org/wiki/Enterprise_social_software
Software examples
Specific social software tools which programmers have adapted for enterprise use include:
wikis
social bookmarking
social search
Web Content Management System
instant messaging
file sharing
So, you are doing a profile management, file sharing...it looks like an intranet.
Example of intranet: http://www.intranetdashboard.com/
A textbook name I've met for these type of systems is "Knowledge Management Information Systems".
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 8 years ago.
Improve this question
I'm building a solution based on Domain Driven Design, I'm trying to implement the security system (autentication, authorization, roles, system configuration, connection strings, etc..) in a trasversal layer.
The tiers of my application are two projects (ContractsTransversal and Transversal), where the ContractsTransversal project only exposes the services of transversal layer using interfaces (ICaching, ILogging, ISecurity,etc..) but the implementation of those interfaces are in the Transversal project.
The design is based on the book "Guia de arquitectura de Ncapas orienta al dominio" by microsoft, that suggests the implementation of transversal layer across IoC (Dependency Injection) and its relation with all parts of the system are decoupled. I'm doing this, I created my container to implement IoC. I have other projects which have only my business entities like UsersEntity, ProductEntity, etc..
My question is: "Is it correct to have a references of my business entities project to my Transaversal and ContractsTransversal project?"
because in security project I need to know information about the user, roles, permissions, etc..
or what's the best practice to implement security in a domain driven design model?
thanks in advance!
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 9 years ago.
Improve this question
Recently, my brother suggested me to use mod_security. I did a research what it truly is and what it does, but I feel very uneasy to decide whether should I use it or not. Here is what in my mind that keep me from not using it.
Slightly affect my website performance. The more rules, the slower it will get.
It does not completely filter all the attacks (it is understandable, because it is not possible for any software to truly protect everything).
Sometimes, it can block innocent users.
Add another software means add another responsibility to maintain it.
Now the real question is:
If mod_security cannot filter everything, and you still need to make
sure your web application is secure, why not properly write a
secure web application without running any Web Application
Firewall?
Since it is our web application, we know better than any 3rd-party software what expected input from users. Having 3rd-party software to detect the attack and then write a input validation in our web application is like a double-check (while it is good, but the performance cost would be double as well).
In the scenario you describe, where you have a custom application written by developers who care about security, I agree that WAFs offer nugatory value as an intrusion prevention system.
The idea that WAFs are effective in automatically providing unknown web apps is industry marketing spin of the worst kind. They provide exceedingly poor performance(*) if not painstakingly configured to fit the application; unless you have a separate security team that has the resources to do that, it is typically indeed better to spend the resources on secure development.
(*: as in protection afforded vs time and custom lost due to false positives; mod_security's core rules are IMO particularly troublesome.)
WAFs are, on the other hand, useful:
as temporary workarounds to allow you to protect legacy and third-party applications with specific known vulnerabilities until such time as they can can be fixed or replaced;
configured as intrusion detection systems, raising alerts rather than blocking, where you have operational resources to follow up and potentially block attack sources.