Unit 3

1.a.(i) Explain about CORBA and DCOM in detail with

limitations.

COBRA :
● CORBA is a type of middleware that helps different parts of a program communicate in an
organized way.
● It's like a translator that allows objects in a network to talk to each other, even if they're
written in different programming languages like Java, C++, or Python, and are on different
machines.
● CORBA sets standards for how these objects interact, using a language called Interface
Definition Language (IDL) to describe their structure and communication methods.
● This makes it easier for objects from different systems to work together without worrying
about compatibility issues.

Limitations :
1. Deploying Objects is Complex: CORBA doesn't have a simple way to install and activate
objects, so developers need to come up with their own methods for distributing and setting
them up.
2. Limited Server Features: Although CORBA offers many server features, understanding
and using them efficiently can be challenging.
3. Not Flexible in Extending Object Features: Adding new features to objects in CORBA is
limited and can be difficult to manage, especially with multiple inheritance.
4. Undefined Runtime Services: Some services needed for running CORBA systems aren't
predefined, so developers must create their own solutions for these.
5. No Standard Object Control: There's no built-in way to manage how objects are created
and managed, requiring developers to create custom solutions for these tasks.
DCOM :
● DCOM stands for Distributed Component Object Model, a Microsoft technology that
expands on COM (Component Object Model) to let software components talk across network
boundaries in distributed computing setups.

● With DCOM, you can build applications where components on different computers
communicate seamlessly. Each component is like an object, and DCOM makes it easy to
access and use these objects as if they were local, even if they're on different machines.

● Every DCOM component gets a unique ID (GUID) for network identification. DCOM also
includes features for object activation, managing lifetimes, ensuring security, and supporting
transactions, all to make distributed communication reliable and secure.

Limitations :
1. DCOM works best with Windows but struggles on other platforms.
2. Setting up DCOM can be hard, especially with security and networks.
3. Firewalls can be tricky with DCOM because of how it uses ports.
4. DCOM isn't great for the internet or modern web apps.
5. Newer tech like .NET and Web Services is better than DCOM for many reasons.

1.a.(ii) Short notes on Web services Security measures?

Web services are communication tools between applications, functioning independently of
hardware, software, and programming languages.
Due to their handling of sensitive data accessible online, implementing strong authentication
practices is vital to ensure only authorized users access specific data at appropriate times.
In implementing security best practices for web services, there are generally four main
objectives:
● Data Integrity & Authentication: Use XML signatures to ensure data hasn't been tampered
with during transmission and that it reaches the intended recipient for authentication.
● Data Confidentiality: Encrypt data using XML encryption to ensure it's only readable by the
intended recipient, protecting it from unauthorized access.
 ● Freshness: Utilize nonces and timestamps to validate the freshness of transmitted messages,
ensuring they're only valid for a limited period.
● Availability: Implement measures to prevent Denial of Service (DoS) attacks, ensuring the
web service remains available and responsive to client requests.

1.b.(i) Describe and design of SOA.

A Service-Oriented Architecture or SOA is a design pattern which is designed to build
distributed systems that deliver services to other applications through the protocol. It is only a
concept and not limited to any programming language or platform.

The service consumer sends a service request to the service provider, and the service
provider sends the service response to the service consumer. The service connection is
understandable to both the service consumer and service provider.

Service-Oriented Terminologies ;

Let's see some important service-oriented terminologies:

 ○ Services - The services are the logical entities defined by one or more published
interfaces.

○ Service provider - It is a software entity that implements a service specification.

○ Service consumer - It can be called as a requestor or client that calls a service

provider. A service consumer can be another service or an end-user application.

○ Service locator - It is a service provider that acts as a registry. It is responsible for

examining service provider interfaces and service locations.

○ Service broker - It is a service provider that pass service requests to one or more
additional service providers.

Characteristics of SOA:

The services have the following characteristics:

○ They are loosely coupled.

○ They support interoperability.

○ They are location-transparent

○ They are self-contained.

1.b.(ii) Short notes on Web services technology STACK?

The web services technology stack includes XML and SOAP for data exchange and
messaging rules, WSDL for service description and discovery, and UDDI for directory services.
REST emphasizes stateless communication and JSON for lightweight data interchange, with HTTP
handling requests. Tools like Swagger/OpenAPI aid in API design, while OAuth ensures secure
authorization. The microservices architecture enhances scalability and agility.

Key Points:
● XML and SOAP are fundamental for data exchange and message protocols in web services.
● WSDL describes service interfaces and aids in service discovery and interoperability.
● UDDI serves as a directory service for publishing and discovering web services.
● REST emphasizes stateless communication, resource-oriented design, and JSON data
interchange.
● HTTP handles requests and responses efficiently in RESTful services.
● Tools like Swagger/OpenAPI enhance API design, documentation, and testing.
● OAuth provides secure API authorization mechanisms.
● Microservices architecture enhances scalability, agility, and continuous delivery in web
service development.