As the cloud buzz is getting louder with every passing day you are tempted to take the big leap into the cloud but may have restrained yourself paranoid by ad infinitum cloud security discussions floating on the web. No one can deny the fact that your data is the lifeblood your business. So, undoubtedly its security is of paramount importance for survival of your business.  As cloud computing is a paradigm shift from the traditional ways of using computing resources, you must understand its practical security aspects.

Is Cloud Computing Safe?

There can’t be a binary answer (Yes or No) to this question. But with my experience and as an authority on the subject I can tell you that technologies enabling Cloud services are not in any way less secure than the traditional or on-premise hosting model.  Also, with the evolution of technology, the cloud providers are getting matured and almost all the providers are offering built-in security, privacy, data backups and risk management as a part of their core service.If you are not a big IT company then you must ask yourself:

·         Can an on-premise solution or a traditional hosting provider match the same level of standard security and privacy requirement as provided by the specialist cloud provider whose core competency lies in providing state of the art security and privacy?

As someone who works in many facets of the music industry, I used to seethe with a mixture of anger and jealousy when I would hear people in more “traditional” goods-based industries argue in favor of music content-based piracy. They made all the classic talking points, like “I wouldn’t spend money on this artist normally, and maybe if I like it I’ll spend money on them when they come to town” (which never happened), or “artists are rich and I’m poor, they don’t need my money” (rarely the case), or the worst, “if it were fairly priced and worth paying for, I’d buy it” (not true).  I always wondered if they’d have the same attitude if 63% of the things acquired by customers in their industries weren’t actually paid for, as was conservatively estimated as the case for the music industry in 2009 (other estimations put the figure of pirated music at 95%). Well, we may soon see the answer to curiosities like that. Though one can say with tentative confidence that music piracy is on the decline thanks to services like Spotify and Rdio, it could be looming on the horizon for the entire global, physical supply chain. Yes, I’m talking about 3d printers.

Before I get into the heart of this article, let me take a moment to make one thing clear: I think these machines are incredible. It’s damn near inspiring to think of even a few of their potentially world-changing applications: affordable, perfectly fit prosthetic limbs for wounded servicemen and women; the ability to create a piece of machinery on the spot instead of having to wait for a spare to arrive in the mail, or en route if your car or ship breaks down in a far away place; a company based out of Austin, TX even made a fully functioning firearm from a 3d printer a few months ago.

If these machines become as consumer-friendly and idiot-proof as possible (like computers), it’s possible that in a matter of decades (maybe less), a majority of U.S. households will have their own 3d printer. There’s also the possibility they could take the tech-hobbyist path, one that is much less appealing to the masses. Dale Dougherty of Makezine.com estimates there are currently around 100,000 “personal” 3d printers, or those not owned for business or educational purposes. I don’t think they’ll ever be as ubiquitous as computers, but there are plenty of mechanically inclined, crafty hobbyists out there who would love to play around with a 3d printer if it was affordable enough.

That being said, is there reason to worry about the economic implications of consumers making what they want, essentially for free, instead of paying someone else to produce it? Or will the printers instead be used for unique items more so than replicating and ripping off other companies’ merchandise in mass amounts? The number of people working in industries that would be affected by a development like this is far greater than the number of people who work in content-based industries, so any downturn would probably have a much larger economic implications. Certainly, those times are a ways off, but a little foresightedness never hurt anyone!

I will begin our blog on Java Tutorial with an incredibly important aspect of java development:  memory management.  The importance of this topic should not be minimized as an application's performance and footprint size are at stake.

From the outset, the Java Virtual Machine (JVM) manages memory via a mechanism known as Garbage Collection (GC).  The Garbage collector

• Manages the heap memory.   All obects are stored on the heap; therefore, all objects are managed.  The keyword, new, allocates the requisite memory to instantiate an object and places the newly allocated memory on the heap.  This object is marked as live until it is no longer being reference.
• Deallocates or reclaims those objects that are no longer being referened. 
• Traditionally, employs a Mark and Sweep algorithm.  In the mark phase, the collector identifies which objects are still alive.  The sweep phase identifies objects that are no longer alive.
• Deallocates the memory of objects that are not marked as live.
• Is automatically run by the JVM and not explicitely called by the Java developer.  Unlike languages such as C++, the Java developer has no explict control over memory management.
• Does not manage the stack.  Local primitive types and local object references are not managed by the GC.

So if the Java developer has no control over memory management, why even worry about the GC?  It turns out that memory management is an integral part of an application's performance, all things being equal.  The more memory that is required for the application to run, the greater the likelihood that computational efficiency suffers. To that end, the developer has to take into account the amount of memory being allocated when writing code.  This translates into the amount of heap memory being consumed.

Memory is split into two types:  stack and heap.  Stack memory is memory set aside for a thread of execution e.g. a function.  When a function is called, a block of memory is reserved for those variables local to the function, provided that they are either a type of Java primitive or an object reference.  Upon runtime completion of the function call, the reserved memory block is now available for the next thread of execution.  Heap memory, on the otherhand, is dynamically allocated.  That is, there is no set pattern for allocating or deallocating this memory.  Therefore, keeping track or managing this type of memory is a complicated process. In Java, such memory is allocated when instantiating an object:

String s = new String();  // new operator being employed
String m = "A String";    /* object instantiated by the JVM and then being set to a value.  The JVM
calls the new operator */

Millions of people experienced the frustration and failures of the Obamacare website when it first launched. Because the code for the back end is not open source, the exact technicalities of the initial failings are tricky to determine. Many curious programmers and web designers have had time to examine the open source coding on the front end, however, leading to reasonable conclusions about the nature of the overall difficulties.

Lack of End to End Collaboration
The website was developed with multiple contractors for the front-end and back-end functions. The site also needed to be integrated with insurance companies, IRS servers, Homeland Security servers, and the Department of Veterans Affairs, all of whom had their own legacy systems. The large number of parties involved and the complex nature of the various components naturally complicated the testing and integration of each portion of the project.

The errors displayed, and occasionally the lack thereof, indicated an absence of coordination between the parties developing the separate components. A failed sign up attempt, for instance, often resulted in a page that displayed the header but had no content or failure message. A look at end user requests revealed that the database was unavailable. Clearly, the coding for the front end did not include errors for failures on the back end.

Bloat and the Abundance of Minor Issues
Obviously, numerous bugs were also an issue. The system required users to create passwords that included numbers, for example, but failed to disclose that on the form and in subsequent failure messages, leaving users baffled. In another issue, one of the pages intended to ask users to please wait or call instead, but the message and the phone information were accidentally commented out in the code.

While the front-end design has been cleared of blame for the most serious failures, bloat in the code did contribute to the early difficulties users experienced. The site design was heavy with Javascript and CSS files, and it was peppered with small coding errors that became particularly troublesome when users faced bottlenecks in traffic. Frequent typos throughout the code proved to be an additional embarrassment and were another indication of a troubled development process.

NoSQL Database
The NoSQL database is intended to allow for scalability and flexibility in the architecture of projects that will use it. This made NoSQL a logical choice for the health insurance exchange website. The newness of the technology, however, means personnel with expertise can be elusive. Database-related missteps were more likely the result of a lack of experienced administrators than with the technology itself. The choice of the NoSQL database was thus another complication in the development, but did not itself cause the failures.

Another factor of consequence is that the website was built with both agile and waterfall methodology elements. With agile methods for the front end and the waterfall methodology for the back end, streamlining was naturally going to suffer further difficulties. The disparate contractors, varied methods of software development, and an unrealistically short project time line all contributed to the coding failures of the website.