Tag Archives: cloud

Maximizing the value of cloud-based development and testing environment

Historically, development and testing environments have been built and managed at the project level, and often remain underfunded, under-resourced and underutilized for significant periods of time. The development and testing demand and the IT infrastructure management processes differ in their DNA. Development and testing is unpredictable and has variable demand cycles while the IT managers look at smoother predictable operations, gradual capacity building and higher utilization. Despite being a crucial IT function, the inability to quickly provide the capacity needed by development and testing teams delays the application development life cycle and hampers the delivery of an application quickly and efficiently.

As the pace of change and the level of competition is growing, businesses today need agile IT environment to match the highly dynamic and resource intensive needs of the application development and testing – a business critical function.

According to Gartner, cloud and mobility will drive the worldwide application development market to exceed USD 10 billion in 2013. By leveraging cloud, developers, test engineers, and QA teams can develop and perform extensive scenario testing in shorter cycles. Here’s how:

Cloud provides developers and test engineers with a self-service model for requesting and almost instantly receiving resources from within a pool of secured, shared and scalable infrastructure resources. This capability can shave days or even weeks off of application development project times, speeding time to market. Cloud also enables these teams to build configuration templates and machine snapshots in seconds, run them in parallel, and customize them to meet the needs.

Test engineers can quickly deploy configurations and scale performance on-demand heavy load testing, saving time and operational costs over traditional on-premise development and testing environments.

Benefits of moving development and testing to the cloud include:

• Achieve faster time-to-market and greater flexibility for new products and services.
• Automate approval workflows and reduce the cost of IT infrastructure management.
• Enhance ID & Access control and safeguard data with a private or a hybrid solution.
• Utilize infrastructure capacity efficiently with granular monitoring and management of infrastructure resources.

Considerations for cloud-based development and testing

While development and testing in a cloud-based model addresses the traditional roadblocks of cost, scalability, and lack of process and methodology, it has its own challenges:

Security & Control – Businesses may have applications that need to comply with regulatory and corporate restrictions around security and data privacy for e.g. access control for offshore and sub-contractors or an applicable local law that mandates compliance to data residency and hence restricts usage of a public cloud for data/devices. These may not even move to an off-premise cloud instance for development and testing because of proprietary/legacy systems, as well as intellectual property security considerations. In addition, control & governance mechanism needs to be set for integrating workflows, identity management, usage metering, chargeback, etc. to ensure efficiency and quality.

Interoperability – Businesses may be confronted with issues surrounding legacy systems development & testing on the cloud as connecting to legacy systems from the external cloud may pose interoperability issues. The ability to integrate with existing systems and share data between different platforms may need multi-tier technology architecture.

Performance – As development and testing environment on cloud maybe shared by numerous users, there may be cases where businesses may have to wait for the required bandwidth. Uptime is an important consideration when developing and testing on the cloud to assess the performance characteristics of an application. The IT admins have to ensure that underlying hardware provides adequate performance levels across storage, network and compute in a private cloud, while such tweaking may not be available in a public cloud.

Monitoring – Monitoring of application, which is in a distributed format, one spanning multiple servers, on multi-cloud environment or accessing multiple applications through web services, becomes difficult from a performance, security and availability perspective. A full-featured logging and tracing mechanism for troubleshooting becomes imperative. Measuring the cloud utilization by various teams and business units enables better capacity planning for future.

Management – Servicing and managing development and testing environment has been challenging because of the bursty workloads and the dynamic service requests. The current processes are designed around current IT service delivery models. The processes such as provisioning, procurement, configuration and de-provisioning of the resources are manpower intensive at the transactional levels and automation is limited by the technology. While cloud provides a wide variety of build/integration systems, test harnesses, and development and testing tools, there is still a need to bring all of this together in a turnkey and managed model to reduce the burden of managing development and testing infrastructure on cloud.

Developing for the cloud

– Developing applications to run on cloud is different from developing applications for a traditional or virtualized IT environment. Developers must build applications that consider resource unavailability and is able to recover from such incidences. For e.g. a multi-tier application should be loosely coupled and ready for any other tier failure. The application should be built in a way that allows multiple instances of a component to run concurrently so that in case an instance fails, the components could easily switch to another instance.

Critical Success Factors

A thorough planning and selecting the right technology and cloud service provider must be done in order to maximize the value of the cloud-based development and testing environment.

To understand cloud-ready environments, some key architectural requirements of a cloud-based development and testing environment must be known:

+ What hardware/compute resources will be used and will it be capable of achieving development and testing objective?
+ What resources (wiring and cabling, SAN and storage, rack space etc.) will be needed before any servers or workloads are installed?
+ What networking and data storage capabilities in terms of capacity will be required?
+ What workloads/applications will be placed in the cloud?

Businesses must make sure that the cloud-based development and testing environment is aptly architected for hybrid environment and does not lead to application performance degradation.

Once the development and testing environment in the cloud is established, businesses must take into consideration the following to ensure an agile development and testing life cycle:

+ Template library of ready-to-use VMs, defining server, capacity & storage requirements along with application components, must be created. Such templates allow team members to quickly duplicate environments and streamline provisioning.

+ Services in the cloud should be integrated with the right chargeback/metering processes and tools. This will enable enterprises with the financial thresholds and control of costs in the development and testing cloud.

A comprehensive cloud solution for development and testing provides increased control over projects, speed of deployment, ease of collaboration, and the ability to access environments on demand, enabling efficient and quality application development and testing.

Source: http://www.informationweek.in/cloud_computing/13-02-08/maximizing_the_value_of_cloud-based_development_and_testing_environment.aspx

Did you like this? Share it:

Cloud Testing: Issues and Challenges

Bangalore: Over the past few years, Cloud has evolved as a buzz word in most of the IT industries. Testing in the cloud has greatly reduced the cost involved especially for mobile applications. Cloud manifests itself in three forms viz. Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS). However, Software-as-a-Service and Infrastructure-as-a-Service has recently emerged as the most important software testing services.

Jerry Gao, Xiaoying Bai and Wei- Tek Tsai in a white paper titled “Cloud Testing – Issues, Challenges, Needs and Practice” published in Software Engineering: An International Journal highlights the major issues and challenges in cloud testing.

1. On – Demand Test Environment Construction
The question that often arises is how to build a testing environment for on- demand cloud testing services which is either systematic or automatic. According to Gao et al, the current cloud technology does not have any supporting solutions that will help cloud engineers build a cost effective cloud test environment.

2. Scalability and Performance Testing
A survey by Gao and others found that many of the published papers have discussed about performance testing and solutions; however, they only “focus on scalability evaluation metrics and frameworks for parallel and distributed systems.” The current metrics, frameworks and solutions, does not support the features such as dynamic scalability, cost – models and others.

3. On – demand Testing Issues and Challenges
Software testing services in TaaS should be controlled and managed by keeping in mind the on demand testing requests and this raises many issues and challenges such as identifying the test process for TaaS which will support on-demand automated testing, or to identify the various approaches to help engineers cope with the breakdown of test cases or test scripts.

4. Regresson Testing Issues and Challenges
Software challenges and bug fixing brings in regression testing issues and challenges. The on – demand cloud testing services should address the various issues and challenges.

Source: http://qa.siliconindia.com/news/Cloud-Testing-Issues-and-Challenges-nid-137698.html

Did you like this? Share it:

Performance testing in the cloud

As cloud computing continues to mature, one is hard pressed to identify a class of enterprise software that is not delivered and consumed as a service. Performance and load-based application testing, important parts of ALM, can be counted among these cloud offerings. Moving these functions to the cloud offers typical cloud benefits, most notably lowered capital and operational costs, and support for distributed development teams. But cloud-based testing also changes the way the tests themselves are performed. These changes come at a time when more and more organizations are looking at software as their competitive differentiator.

“Every enterprise is a software company, regardless of what they’re vertical is. Many of them are building more lines of code than major software companies per year. Software is the competitive difference in what everyone is doing now,” says Theresa Lanowitz, founder and analyst, voke.

One of the biggest challenges in application lifecycle management (ALM), according to Lanowitz, is performance. “Performance will make or break whether or not someone is going to use your app. If you think about the type of apps you use – enterprise or personal apps – performance is the determining factor, so make sure that performance is there and that you’re able to test appropriately for performance.”

This is especially true of Web and mobile applications. Fortunately, cloud-based performance and load testing tools make it easier than ever before to ensure that internal enterprise apps as well as external customer-facing applications can handle user demand. There are three characteristics of cloud-based testing services that change the way http and https applications are tested:

Testing at scale

Cloud-based testing providers offer a cost-effective means of testing applications at scale – as opposed to a lab environment that simulates a small subset of the production environment. This means that instead of testing an application against a portion of users and extrapolating that data to scale with a production environment, the cloud-testing provider can test your application against the actual number of expected users. SOASTA, for example, offers CloudTest, a functional and performance testing service for Web and mobile applications. In the case of performance testing, SOASTA uses cloud servers to simulate traffic that would come from users visiting a website.

Testing globally

Similarly, cloud-based testing tools enable testing on a global scale, thereby reflecting the regions from which users are accessing the application. This is often done through partnerships with other cloud providers, such as Amazon and Rackspace. For example, Blitz by Mu Dynamics allows customers to run load tests constituting millions of concurrent users coming from multiple continents.

Testing production apps

In addition to testing test and stage applications, cloud-based testing tools can be used to test production applications. This is, according to Sven Hammar, founder and CEO of Apica, “where you have all the complexity, all the right servers, the right number of users, and you get more feedback on the problem.” When testing in production, you’re testing at maximum capacity, and different problems arise than those that are encountered at medium capacity. As a result, you get a more realistic picture of what can go wrong and the ability to make adjustments before problems occur with users.

Advice for using Software Testing as a Service

When it comes to using tools like SOASTA, Blitz and Apica, Lanowitz offers several recommendations. First off, she says, “When using a test tool in the cloud, make sure you understand how licensing is working. How are you going to pay that vendor for using that tool in the cloud? Understand what you’re paying that tool vendor for and how your costs are going to be affected as you attempt to test for more users. Be aware of the hidden costs and be able to identify what your total cost is going to be.”

Secondly, Lanowitz advises organizations to understand the software vendor’s roadmap, including how they plan to put out different communications for the development lifecycle and how tests are reported. “Understand how to interpret, read and act on the advice from the tool,” she says.

Finally, “Do a proof of concept when adopting a new tool,” says Lanowitz. Determine the two or three tools that you think you might want to adopt and do a proof of concept on each one, looking at integration with other tools in use, how the tool works with your different platforms and, again, understanding the costs and how you’ll be paying for them, she says.

Source:http://searchsoftwarequality.techtarget.com/feature/Performance-testing-in-the-cloud

Did you like this? Share it:

IT security problems shift to the cloud

The internet "cloud" has created a new range of security issues, experts say.

The internet "cloud" is the hottest topic in computing but the trend has created a new range of security issues.

The cloud is associated with things like personal emails and music which can be accessed on computers and a range of mobile devices.

But US military and government agencies from the CIA to the Federal Aviation Administration also use cloud systems to allow data to be accessed anywhere in the world and save money – and, ostensibly, to enhance security.

Microsoft, Google, Amazon and others are major players in the cloud, which seeks to transfer some of the data storage issues to more sophisticated data centres.

Firms like Oracle, SAP and Salesforce.com offer cloud services for business.

Strategy Analytics forecasts US spending on cloud services to grow from $US31 billion in 2011 to $US82 billion by 2016.

But some experts say the security implications of the cloud have not been fully analysed and the cloud may open new vulnerabilities and problems.

"I don’t think any system is absolutely secure," said Stelios Sidiroglou-Douskos, a research scientist at the Massachusetts Institute of Technology’s Computer Science and Artificial Intelligence Laboratory.

"The analogy most people give is having a lock on your door.

"It’s not a guarantee no one will break in but it’s a question of how much time it will take, and if your lock is better than your neighbour’s."

In a cloud environment, "this makes the job of the attacker so much harder, which means the amateur hacker might be obsolete," said the scientist, who is working on a US government-funded research project to develop "self-healing" clouds.

But if a system is breached, analysts say, the amount of information lost could be far greater than what is in a single computer or cluster.

"You can have better defences" in the cloud, "but if an attack happens, it’s highly amplified," says Sidiroglou-Douskos.

The four-year MIT project funded by the US Defense Advanced Research Projects Agency seeks to develop systems that automatically fix data breaches in a manner similar to "human immunology," says the researcher.

A number of cloud security breaches have raised concerns, including attacks on the Sony PlayStation Network, LinkedIn and Google’s Gmail service.

One hacker recently claimed to have stolen credit card numbers from 79 major banks.

"Crimes target sources of value. Large company networks offer more targets to hackers," says Nir Kshetri, a professor of economics who studies cybercrime at the University of North Carolina at Greensboro.

"Information stored in clouds is a potential gold mine for cybercriminals."

Kshetri said in a paper submitted to the journal Telecommunications Policy that when questions come up, "the cloud industry’s response has been: Clouds are more secure than whatever you’re using now. But many users do not agree."

Marcus Sachs, former director of the Sans Technology Institute’s Internet Storm Center, said the cloud may be more secure but it also creates new questions.

"In the cloud, you don’t necessarily know where your data sits," Sachs told AFP.

"That doesn’t make it less vulnerable to attack, but there are questions when it comes to (an) audit, or if you want to take the data back or destroy it, how do you know you’ve erased it?"

Sachs said that analysts have also discovered "fake clouds" which are offered as low-cost alternatives but are in fact operated by "criminal groups which monitor and steal the data."

"We have seen instances of this not in the US, but in the former Soviet Union and in China," he said.

Still, the cloud market is growing rapidly, with companies and government agencies moving to either "public" clouds that are easily accessed or so-called "private clouds" that are segregated from the internet.

Some analysts say other issues need to be resolved about cloud computing, such as who is liable if data is lost, and how data can be accessed for government investigations.

Outages have recently affected Apple’s and Amazon’s cloud services, causing some websites to be affected.

"Privacy, security and ownership issues in the cloud fall into legally grey areas," Kshetri says.

Sidiroglou-Douskos says there is no single answer for people or companies choosing between cloud systems and holding the data themselves.

"If you are trying to protect yourself from the government, then having it in the public cloud makes it easier for them to get it," he said.

"If your main worry is a hacker in Russia, maybe (cloud) infrastructure is better for your own security."

Source:

http://www.sbs.com.au/news/article/1662840/IT-security-problems-shift-to-the-cloud

Did you like this? Share it:

HP brings performance testing to the cloud

With more applications being built for the Web, performance testing is critical to determining the proper approach to scaling both applications and infrastructure. But for many years performance testing was largely a rich-man’s game, primarily because of the expense of setting and maintaining a large server infrastructure that can simulate real-world traffic.

Hosted testing solutions make a lot of sense from both the user and provider perspective. Considering the vast computing power available at your fingertips there are few reasons why you would want to own the infrastructure, or not take advantage of the latest offerings from providers both large and small.

To that end, Hewlett-Packard is slated on Wednesday to announce LoadRunner in the Cloud, a new application performance testing suite running on Amazon Elastic Compute Cloud (EC2).

Ironically, HP is extremely late to the game despite having long held the lead in performance testing via its acquisition of Mercury Interactive in November 2006.

A number of companies, including Sauce Labs and BrowserMob have seen a great deal of success with their cloud-based offerings. And each player brings a unique angle to the offerings. Sauce Labs is based on the open-source Selenium project and gives users the option to run the code themselves or consume it as a service, whereas BrowserMob has expanded into offering monitoring in addition to testing.

Overall, performance and other testing via cloud-based services remains one of the more logical, accessible use cases to prove out the cloud as a necessary part of one’s infrastructure.

To it’s credit, HP has been making some moves into the cloud ecosystem, but there is still a long way to go for any tech vendor trying to usurp Amazon’s domination as a provider of cloud infrastructure services.

Source:http://news.cnet.com/8301-13846_3-20005276-62.html

Did you like this? Share it:

Cloud security testing strategies

Many companies are hesitant to move applications to the public cloud or use Software as a Service (SaaS) cloud applications, for fear of not being able to implement or test appropriately.

While much of that fear is based on the unknown, there are strategy changes companies should take to ensure their cloud application is properly security tested. In this expert response I will outline a few of those cloud security testing strategy changes.

Before you do anything, review the contract signed with your hosting company. Many hosting contracts require notification prior to security testing. Be clear with your company and your hosting company prior to performing any testing – outline the scope, tools involved, anticipated network load (if any), types of attacks you expect to perform, etc. If your company, or the hosting provider, has IDS or IPS technologies in place, you will need to agree on a window during which those tools will need different monitoring thresholds. Err on the side of over-communicating to avoid the element of surprise.

Remember: you don’t own the infrastructure. Your cloud solution, whether hosted at your company or at a cloud provider, will be hosted in an environment you may not be familiar with. As such, keep in mind that your testing coverage will change. Whereas internal application security testing often stopped at the application boundaries, your cloud application testing will need to probe around the edges of those boundaries. Testing for network, logical and even architectural security risks will be a very important strategy. In a way, it is a benefit to you that you can’t depend on the same networking infrastructure as your intranet. This forces you to think outside the box and test more thoroughly.

Another consideration is the need to decide between whitebox or blackbox testing. In blackbox testing, the penetration tester knows as little about the system as a real-world hacker would know. This is advantageous because, as you discover and exploit vulnerabilities, no one can challenge your report by claiming “an attacker wouldn’t know to do that.” On the other hand, whitebox testing is advantageous in that it is much faster. Not only is reconnaissance and server discovery accelerated, it’s easier to prioritize test efforts.

A big challenge to cloud security testing can be the lack of application logging to aid in focusing and enhancing your test efforts. Performing security testing in an isolated development environment means you will be able to tail logs and see evidence of your attacks’ outcomes. In a cloud environment, you will rarely be grated this level of access. Therefore, you will only be able to gauge attack success by the application’s behavior. Some tests are such that providing input into control A on screen Z will result in invalid data on page P. Be familiar with the data flow within your app and expect to have to poke all around the app to complete your testing.

In conclusion, security testing in the cloud does change things, but it’s not impossible. It’s important to plan ahead, to communicate the changes in your test strategy, and to set appropriate expectations with your management. Above all, it is critical to communicate before and during your testing—primarily with your cloud provider, but also with your IT and security organizations.

Source:

http://searchcloudapplications.techtarget.com/answer/Cloud-security-testing-strategies

Did you like this? Share it:

Top 7 dilemmas facing today’s developers

Your boss wants it yesterday, but it better be good when judged by the standards of tomorrow. Your customers want every feature they can imagine, but don’t you dare confuse them by giving them all the buttons they want. Your fellow programmers want your code documented, but they just respond "tl;dr" to anything you write.

As technology evolves, so too do the dilemmas developers confront. Every choice, from platform to data store to how much control to give your users, is fraught with questions. And thanks to the cloud, the rise of mobile tech, and the hastening cutting edge, it seems as if the programming world faces a new choice — and dilemma — at an increasing pace.

Packaging your problems and giving them a name can help you manage them and maybe even find solutions, or so they say. Toward that end, here is a list of the most significant dilemmas facing programmers today. It is by no means complete — then again, what project related to application development ever is?

Got another dilemma? Add it to the comments.

Developer dilemma No. 1: When to say when on feature requests
If we had a dollar for every feature our customers wanted, we’d still be broke because that would require building an accounting system that matched each dollar with each feature. These would then need to be cross-linked and prioritized because our customers would also demand a sophisticated bug/feature management system for their dollar. Then the database of wanted features would need to be backed up to some cloud and translated into every language.

This is the dilemma: Everyone wants feature-rich code, but no one wants to pay the cost of managing all of it. Anyone who’s tried to build something as simple as a four-button remote control app knows how many zillions of designer years it takes to create something that simple. Making something elegant requires sweat that soaks through everything.

Consumers, the marketing department, sales reps in the field — it doesn’t matter who makes the request. Giving them the button they want may actually be the worst thing you can do for them. Suddenly there might be too many buttons and too much confusion about what each button does. The ideal is to make something easy enough to understand intuitively, but alas, creating something intuitive for those who are prone to ask too much of their software is all but impossible.

You’ve tried quoting the old "rule of 10,000" to your boss. This states that anything worth doing requires at least 10,000 hours of work to become competent. That just brought a laugh because that app store customer or coworker in accounting is going to spend more time drafting a nasty review or email than trying to understand the features you’ve collected in your app, even if they’re features the users said they want.

Sadly, the ideal can often be to convince your customer they don’t actually want the feature they’ve requested. After all, Twitter continues to offer a feature-poor system that imposes a 140-character limit, laughable in the era of terabyte disk drives. Yet it sails on, serene in the knowledge that all those attempts at providing new features are examples of trying too hard.

If only this solution to the dilemma of unending feature requests was available to us all.

Developer dilemma No. 2: How much documentation is enough?
I was sitting in a meeting with an aggressive project manager who really wanted to stick it to a competing project manager. This manager promised that the code coming out of his team would have "documentation," he said, before pausing like James Bond introducing himself and saying, "Extensive documentation."

The only thing worse than no documentation is a bookshelf filled with binders stuffed with extensive documentation. Some project managers love to measure their progress by the pound, and they see more words as better words. Anyone who’s slogged through "Moby Dick" in high school English knows the feeling.

We want to know information about the code, but no one has an acronym for Too Little Information. Everyone on Facebook knows the initials TMI.

There is no easy answer for the programmer. Ideally, the code is clean enough and self-documenting enough to avoid the need for long paragraphs explaining just what the code is doing. Code-based documentation doesn’t get left behind like text documentation when someone rewrites the code but doesn’t get around to the text.

There is hope that an even smarter collection of debuggers and code-analyzing compilers will be able to do a better job understanding our code. The latest versions of the virtual machines keep copious records of which routines are executed. While most of the emphasis is on performance, this kind of meta data can be more useful than real documentation by identifying when data is changed.

But it will be years before we can drink the Kool-Aid and dream about artificial intelligence understanding our code. For now, we’re stuck with the problem of how to create just enough documentation to keep everyone happy without shortchanging the feature set.

Developer dilemma No. 3: To the cloud, or not to the cloud?
It’s so much easier to call up a new server from the cloud than to fill out a requisition form and ask the server maintenance folks to buy a new one. You push a button and you have your own server.

Alas, this approach can be costly. The servers may be only a few pennies for an hour, but they add up when everyone wants their own cluster for each project. The next thing you know, there are hundreds of servers in the cloud, most of them created by people who left for other jobs several years ago. It’s cheaper to keep paying the bills than to figure out what they do.

To make matters worse, the servers aren’t your own. Some companies are famous for writing terms of service that are very one-sided, claiming, for instance, the ability to shut down your machines for "no reason." That seems to be changing as cloud vendors recognize that such overreaching drives away the customers with the most money. But no one knows what happens if you encounter problems in the cloud. Sometimes it helps to control the paycheck and retirement funds of the person responsible for the server staying up.

The more you outsource, the more you lose control and spin your wheels trying to recapture it. The less you outsource to the cloud, the more you spin your wheels keeping everything running.

You’re damned if you do, damned if you don’t.

Developer dilemma No. 4: Maintain old code, or bring in the new?
One of the deepest challenges in running an enterprise stack of software is deciding when to stick with the old and when to switch to the new. Every line of code in the stack is getting older by the minute, and while you might not think so, the reality is that software manages to find a way to go bad, little by little.

The old code really does stop working. Partners start offering slightly different services and sometimes stop supporting features altogether. Twitter, for instance, locked out people who used its old API when the company started insisting on using the OAuth API. These stories are repeated again and again.

The trouble is that replacing the old with the new can be expensive. Programmers of the new are usually forced to maintain compatibility with old code, a challenge that often requires writing two programs: one filled with the old bugs and one filled with new ones that haven’t been discovered yet.

To make matters worse, the new code is often held to higher standards. I’ve seen new fancy AJAX masterpieces that run much slower than old green-screen mainframe code all because they have fancy buttons and tons of images that push the video card. The look is slicker, but the feel is slower.

There is no easy answer to this dilemma. The old code still works. We like it. It’s just that it’s not compatible with the new version of the operating system or a new multicore chip. The new code costs money. We can usually fix a number of glaring problems with the old code, but who knows what new problems might appear?

Developer dilemma No. 5: SQL vs. NoSQL
There is one big challenge for the database administrators of the world: stick with tried-and-true SQL or switch to trendy NoSQL where everything is bigger and ready for endless streams of data.

The new NoSQL databases sound attractive. They can be much faster than older databases, and they often force users to avoid many of the problems that caused so much trouble in the first place. JOINs, for instance, can slow down a database if the schema gets too complicated. NoSQL tosses them out the window along with many parts of the schema. You can store any key-value pair you like, and the NoSQL database will come up with the answer.

But if you look closely, the NoSQL databases aren’t always so wonderful. First, they often don’t offer guarantees that the data will be recorded. It probably will be OK, but not if something happens to a hard drive or a computer in the cluster. Some of the newer NoSQL options from companies like Oracle allow you to ask for a transaction confirmation, but your code will need to twiddle its thumbs and wait just like the code that uses a SQL database.

There are deeper issues. Many of the speed problems came about because programmers didn’t think about the subtle effects of SQL. The way you structure your tables and queries can make a big difference in performance. Linking together multiple tables and forcing the database to JOIN the information slows things down.

But if you try to accomplish the same thing with a NoSQL database, you’ll often be writing data in and out of multiple places and hoping it will all stay consistent. You get to do all of the work of JOINing disparate sections of the database, and that probably means you’ll pay the cost in speed. If you are aware of this and are able to think through the trade-offs when designing code, you’ll be OK. But if you’re not, you may find that your code is even slower and buggier. The database won’t enforce the transactions, and you’ll need to do it yourself.

This dilemma has a simple answer: Applications that need better consistency should rely upon the transaction guarantees of older SQL machinery. Applications that need speed and can handle a few scrambled records can choose the newer NoSQL datastores. But if you need speed and consistency, you might as well start pulling out your hair.

Developer dilemma No. 6: Go native, or target the mobile Web?
In the beginning, Apple wasn’t going to let anyone develop apps for the iPhone. If you wanted to target the iPhone, you needed to write HTML5 for Safari. It was an elegant answer with a well-understood sandbox for developers to use.

Alas, no one was happy with the locked-down platform. People wanted to write native code, a pathway certainly essential for fast games and useful for slower applications that let you browse information. Apple relented, and now we have the App Store.

The trouble is that the code for the iPhone won’t work on other smartphones and vice versa. Any company that wants to target multiple manufacturers must rewrite their application — a long, slow process prone to incompatibilities. Plus, it’s double or triple the work.

HTML5 is a nice option. If you can write your application as a Web page, there’s a good chance your users can pop them open in the smartphone’s browser. There are already a number of great frameworks that make this a bit smoother.

The trouble is that it’s not necessarily in the interests of the smartphone manufacturers to embrace this interoperability. If the phones are going to stand out, they’ll need to offer something special, and that usually means something different. That won’t happen if everyone runs the same HTML5 apps.

There are plenty of rumors that the performance of HTML5 on the smartphones is not as good as it could be. Some suggest that the HTML5 engines are a bit slower. There is no easy way to test this or even understand the motivation behind any sloggy code. In many cases, the HTML5 is slower because it’s interpreted instead of compiled directly for the hardware.

The answer to this dilemma is guessing how important performance will be to your mobile app. If it’s essential, then custom-compiled native code is the answer. If it isn’t, you have some leeway to explore HTML5.

Developer dilemma No. 7: How much control should users really get?
Software users are like teenagers, it’s said: They want all of the freedom they can get, but they expect you, the good parent, to rescue them from harm. They want all of the advantages of the walled garden, but insist on being able to slip through some backdoor whenever it suits their fancy.

The issue of control is a difficult one for programmers. The ethos of open source permeates the culture, with its insistence that everyone should be able to recompile the stack and tweak anything to fit. Alas, the average user can’t make use of this power no matter how much they want it. Even most programmers have to spend hours finding the right versions of the libraries and the latest edition of the compiler. Control means nothing if you don’t have the time to use it.

Some companies are pushing the ideal of open databases. We’re all supposed to be able to download the information about us. Alas, most of us can’t do anything with the information, and the only ones with the time and energy to use these open doors are other companies.

There is no answer to this dilemma. If you give your users control, they’ll complain about the UI and the features they didn’t get. If you don’t, they keep nagging you for it.

Source:

http://www.javaworld.com/javaworld/jw-05-2012/120521-top-dilemmas-for-developers.html?page=1

Did you like this? Share it:

Google Drive: Hybrid of Cloud Storage and Cloud Computing

Google last week announced its long-awaited Google Drive, which lets you store files on it servers, sync them to other PCs or Macs, and open them on Android devices and — soon — on iPhones and iPads.

It’s similar to services such as Dropbox, SugarSync and Trend Micro’s SafeSync, but it’s also integrated into what used to be called Google Docs, which makes Google Drive a hybrid between a cloud storage service and a cloud computing platform.

While other services mostly store your files, Google Drive — with some file types — also allows you to view and edit them because of the Google Docs integration. Google Docs was Google’s Web-based computing platform for creating, editing, storing and sharing documents, spreadsheets, presentations, drawings and forms.

This integration can lead to a bit of confusion. To the extent that Google provides cloud-based software for such tasks as word processing and spreadsheets, it’s actually functioning as a remote computer. But when it’s just storing files you create on your PC, it’s acting as a network storage device.

Just as with Dropbox and most competing products, Google Drive’s installation software creates a folder on your machine’s hard drive called Google Drive, and any files that you store in that folder are synced to Google’s servers. If you have Google Drive on more than one computer, the files are synced to that machine too.

To test it out, I started writing today’s column using Microsoft Word on my Mac. I saved the Word file to Google Drive and then walked over to my Windows PC where the file was already waiting for me in that machine’s Google Drive folder.

I then walked over to my wife’s PC, which doesn’t have Google Drive software installed, and accessed the file by logging into the Google Drive website. I was immediately able to read the file. But to make changes, I needed to either export it into a Google document or download it to her PC to open with Microsoft Word. Either way, I had immediate access to the file, but the process was far from seamless because now I had two files — the original Word file and the Google document that I had just edited.

http://www.huffingtonpost.com/larry-magid/google-drive-review_b_1471827.html

Did you like this? Share it:

McDonald’s to test cloud-based NFC payments in Austria

A Paybox NFC terminal

Austrian mobile network operatorA1, a subsidiary of Telekom Austria Group, has announced that fast food giant McDonald’s and supermarket chain Merkur have signed up to take part in the pilot testing of a new mobile payments service calledPaybox NFC.

Like many NFC payments services being rolled out in Europe, the new service enables payments of up to €25 to be made without the need to enter a PIN. Unlike most others, however, the service is not based on EMV ‘chip and pin’ technology and doesn’t use either Visa’s PayWave or MasterCard’s PayPass solutions.

Instead, Paybox NFC processes payments ‘in the cloud’ and merchants use a small Paybox NFC unit to handle mobile payments, rather than a contactless EMV point-of-sale terminal.

The service is offered by A1 in conjunction with Paybox Bank, a wholly owned subsidiary of Telekom Austria which holds a full Austrian banking license and already offers a range of non-NFC mobile payments services. The service works with both NFC phones and contactless stickers — A1 currently offers five models of NFC phone: the HTC One X, Sony Xperia S, BlackBerry Curve 9360, BlackBerry Curve 9380 and the BlackBerry Bold 9900.

To use the service, consumers will need an account with Paybox and to designate a bank account from which payments will be deducted. The customer’s Paybox account number and their mobile phone number are then coupled together in the back office and the consumer downloads the Paybox app to their mobile phone — no other identifying data, such as their bank account or mobile phone number, is stored in either the contactless sticker or the secure element on their NFC phone.

Payments made with Paybox NFC are deducted a "few days later" directly from the bank account designated by the consumer when they opened their Paybox account. All data transmitted is encrypted, purchases are limited to an overall daily total of €50 and small purchases can be ‘rolled up’ so that one debit from their bank account is made for multiple transactions. Each payment take just half a second to process and customers receive a text message after each purchase, to confirm the amount charged.

http://www.nfcworld.com/2012/04/24/315260/mcdonalds-to-test-cloud-based-nfc-payments-in-austria/

Did you like this? Share it:

May 2013
M	T	W	T	F	S	S
« Apr
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31