CSCI 578 Software ArchitecturesMaterials you are responsible forExamMaterial ReviewSlide 5Slide 6Slide 7Slide 8Slide 9Slide 10Slide 11Slide 12Slide 13Slide 14Slide 15Decentralized AuctioningImpersonationFraudulent ActionsMisrepresentationCollusionAddition of UnknownsSlide 22Slide 23Slide 24Slide 25Slide 26Slide 27Slide 28Slide 29Slide 30Slide 31CSCI 578Software ArchitecturesExam #2 ReviewMaterials you are responsible for•Chapters 9-17 in the text book–Also Chapter 8 on Architectural Analysis since we didn’t cover this in the first exam•All lecture material from Implementation Architectures through People, Roles and Teams (Week 15)•Homework #3 and Course Project•Dan Crichton’s lectureExam•Closed book, closed note•Format–Write in answers–No multiple choiceMaterial Review•Implementing Architectures–Mapping problem of design decisions to implementation artifacts (code, executables, etc.)–Common Element Mapping•Understand how components, connectors, interfaces, configurations are reified in the actual system implementation–One way versus Round-trip Mapping–Architectural Implementation Frameworks•a piece of software that acts as a bridge between a particular architectural style and a set of implementation technologiesMaterial Review•Architectural implementation framework examples–stdio, java.io, iostream => pipe and filter•Evaluating architectural implementation frameworks–Platform support, fidelity, matching assumptions, efficiency, size, cost, ease of use, reliability, robustness, availability of source code, portability, long-term maintainability and support•Middleware–Represents the implementation-level reification of software connectors•New Frameworks–Avoid constructing these unless you have to!Material Review•Implementation Techniques–Detailed description of pipe and filter Lunar LanderMaterial Review•Applied Architectures–8 limitations (“fallacies”) of distributed computing (Deutsch & Gosling)•The network is reliable•Latency is zero•Bandwidth is infinite•The network is secure•Topology doesn’t change•There is one administrator•Transport cost is zero•The network is homogeneousMaterial Review•Applied Architectures–REST/WWW•Architectural principles–Resources, resources include metadata + bits, context free communication (stateless), small set of well defined methods, representation metadata for caching, presence of intermediaries to distributed computation/workload–Akami•Caching of content and localized delivery architecture–Google MapReduce/GFS•Distribution of computation/parallelization and data over a commodity cluster of machinesMaterial Review•Applied Architectures–Grid Protocol Architecture (Globus)–P2P Architectures•Napster, Gnutella•Skype•Bittorrent•Overall takeaways–A great architecture is the ticket to runaway success–A great architecture reflects deep understanding of the problem domain–A great architecture probably combines aspects of several simpler architectures–Develop a new architectural style with great care and caution. Most likely you don’t need a new style.Material Review•Designing for Non-Functional Properties (NFPs)–A software system’s non-functional property (NFP) is a constraint on the manner in which the system implements and delivers its functionality •Example NFPs–Efficiency–Complexity–Scalability–Heterogeneity–Adaptability–DependabilityMaterial Review•Ascertain the role of software architecture in ensuring various NFPs–At the level of major architectural building blocks•Components•Connectors•Configurations–As embodied in architectural style-level design guidelines•Efficiency, Complexity, Scalability, Heterogeneity, Adaptability, DependabilityMaterial Review•Security and Trust–“The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications).” •National Institute of Standards and Technology•Design Principles–Least Privilege: give each component only the privileges it requires–Fail-safe Defaults: deny access if explicit permission is absent–Economy of Mechanism: adopt simple security mechanisms–Complete Mediation: ensure every access is permitted–Design: do not rely on secrecy for securityMaterial Review•Security and Trust•Design Principles–Separation of Privilege: introduce multiple parties to avoid exploitation of privileges–Least Common Mechanism: limit critical resource sharing to only a few mechanisms–Psychological Acceptability: make security mechanisms usable–Defense in Depth: have multiple layers of countermeasuresMaterial Review•Decentralized–No centralized authority to coordinate and control entities–Independent peers, with possibly conflicting goals, interact with each other and make local autonomous decisions–Presence of malicious peers in open decentralized applications–Need for measures to protect peers against malicious attacksMaterial Review•Some Threats of Decentralization–Impersonation: Mallory says she is Bob to Alice–Fraudulent Actions: Mallory doesn’t complete transactions–Misrepresenting Trust: Mallory tells everyone Bob is evil–Collusion: Mallory and Eve tell everyone Bob is evil–Addition of Unknowns: Alice has never met BobMarvin(malicious)CarolBobAliceMallory(malicious)DecentralizedAuctioningDecentralized Auctioning•Open decentralized application•Independent buyers/sellers•Potentially malicious participants•Need to counter threatsBobAliceMallory(malicious)“I am Bob”Bob is reliable and everyonehas a good opinion about Bob ImpersonationAlice “buyer”Alice paysfor the itemsMarvin “seller”(malicious)Marvin doesnot ship the itemsFraudulent ActionsBobAliceMallory(malicious)“Bob is unreliable”Bob is reliable and everyonehas a good opinion about Bob MisrepresentationBobAliceMallory(malicious)“Bob is unreliable”Bob is reliable and everyonehas a good opinion about Bob Marvin(malicious)CollusionCarol(new entrant in the system)BobAliceBob has no informationabout Carol; he is not surewhether to interact with CarolCarol is new and does notknow Alice; she is not surewhether to interact with AliceAddition of UnknownsMaterial Review•PACE