The Community for Technology Leaders
Green Image
Issue No. 01 - January/February (2006 vol. 10)
ISSN: 1089-7801
pp: 11-13

Programming and Development
IT Architect
November 2005
"AJAX Bubbles, Can it Shine?" by Andy Dornan
Dozens of start-ups are poised to launch a new wave of Web-based applications in 2006 that are eerily reminiscent of failed attempts in the mid-1990s to, for example, replace operating systems with browsers for desktop applications or deliver software as services. However, unlike earlier proposals that used "bloated Java applets or slow server-side scripts," these applications will use Asynchronous JavaScript and XML (AJAX). The start-ups claim the applications load the same way as any Web page in any standards-compliant browser without the need for plug-ins; AJAX allows the client and service to communicate via short messages, eliminating the need to reload the entire page each time a request is sent to the server.
In an effort to reassure critics, some start-ups have posted early versions of their products for testing. Applications include, for viewing and editing .doc files;, for a Web-based spreadsheet;, for a calendar and contact database;, an interface to all four major instant messaging networks;, groupware that behaves like Outlook; and, which gives users an office suite compatible with Microsoft.
PC Magazine
8 Nov.2005
"New Tactic for Fighting Malware," by Sebastian Rupley
Most businesses shield PCs from malware by installing software patches and rebooting. However, that can mean costly downtime for businesses with numerous PCs to patch. Determina, a security software firm, recently announced LiveShield, technology designed to eliminate the need to reboot after applying software patches. Instead of patching programs on disks, LiveShield inserts replacement code for programs running in memory. Consequently, the application holds down the "digital fort until a convenient patch time arises" and rebooting is more convenient.
IT Architect
October 2005
"How Bad Is Intrusion Detection?" by Gary McGraw
McGraw asserts that neither of the current network-based approaches used in intrusion-detection systems works very well. The more common approach uses signatures of known attacks to root out new ones. As a result, McGraw says, the newest attacks easily avoid them. The much-rarer anomaly-based approach learns what "normal" system behavior is, and then finds anything on the network that doesn't fit the norm. The anomaly-based approach is seldom used because there usually aren't "normal" system users, so such a system often mistakenly targets and inconveniences legitimate users as a result. McGraw suggests that the answer lies in shifting attention from data packets to "worrying more about the behavior of the applications that eat the data." He claims that using intrusion-detection technology to monitor what's happening inside an application itself provides a more useful paradigm. However, the primary drawback to that strategy is that it can't be applied to off-the-shelf applications, so its use is limited to customized applications.
Web Services
IT Architect
November 2005
"Which Web Services Protocol?" by Eric A. Hall and Peter Saint-Andre
Today, most Web services are designed with some kind of XML over HTTP. The most common alternative to HTTP is the Extensible Messaging and Presence Protocol (XMPP), also known as Jabber. Given that Web services are becoming more ubiquitous in enterprise applications and that HTTP might not be the right choice for every job, the magazine asked Hall and Saint-Andre to debate the relative merits of using HTTP and XMPP.
Hall, president of the Network Technology Research Group, went to bat for HTTP. He says it's "lightweight, fast, efficient, and has a whole universe of infrastructural support behind it." HTTP is especially useful for Web services that need to support large numbers of lookups over public networks, he says, but it also meets the needs of most public services.
Saint-Andre, executive director of the Jabber Software Foundation, suggests that XMPP is the better choice. Although he acknowledges that XMPP won't replace HTTP anytime soon in most service-oriented architectures, he argues that it would work better for next-generation Web service applications because of its unique set of abilities — strong client and server authentication, built-in compression, and fast message exchange over long sessions.
Dr.Dobb's Journal
December 2005
"Amazon Web Services,"by Ashish Muni and Justin Hansen
ScanZoom, an application from the firm Scanbuy, lets camera phone users launch on-the-spot price comparisons and product reviews by simply taking a photo of a barcode.
Muni and Hansen, the application's developers, explain how Amazon's freely available Web services API helped make ScanZoom a reality. They used Amazon's E-commerce Service (ECS), which provides access to all its product pages as XML. They found ECS simple to integrate into their system because Amazon provides a Web Services Description Language (WDSL) that they connected to their C#.NET development environment. Muni and Hansen also explain that for consistency across different applications, they opted to use SOAP rather than Representational State Transfer (REST) — the architectural style used on the World Wide Web and various other distributed hypermedia systems.
Dr. Dobb's Journal
December 2005
"XML-Binary Optimized Packaging," by Andrey Butov
Although XML is undoubtedly a success as a metalanguage, the difficulty of encoding XML documents with binary data remains a significant challenge because not all data domains are suitable for XML's text-based requirements.
Several approaches exist for addressing the problem of including binary data in XML documents. Butov claims that one of the most interesting is "XML-binary Optimized Packaging" (XOP), which the W3c published as a recommendation in January 2005. He describes the method, which involves placing an XML document inside an XOP package, as well as explains some common arguments against it, including that it optimizes only Base64-encoded data. He ultimately concludes that XOP is a worthwhile approach, in part because it puts the burden of dealing with binary data inclusion into the XOP specification rather than keeping it at the application level.
Alison Skratt is a freelance writer based in Oakville, Conn.
101 ms
(Ver 3.3 (11022016))