2. The client tier shows clients in front of and behind a firewall. What are the
implications of this in practice and under what circumstances might each approach be
appropriate? (5 minutes discussion)
A firewall is a software or hardware device used to control inbound and outbound access
to and from a network.
- Packets from certain apps can be taken as always safe
- Connections to/from certain IPs/ports can be taken as always safe
- Only packets matching certain security rules (only SMTP mail gets to the SMTP port, not from
a known virus, not from a known phishing site, etc.) will be allowed to pass.
Client in front of the firewall (no firewall): can freely connect to the Servlet/EJB but is vulnerable to attacks
like phishing (thinking you’re shopping at Amazon when you are instead at a fake provider) or even fake
EJBs.
Client behind the firewall: must be configured to work across a number of ports to work with EJB, or
- Use a servlet (deployed after the host’s firewall) as a proxy
- Use RMI-HTTP tunneling
- Use web services
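An added example (not part of the original notes) that models the firewall as a first-match rule list with default deny, showing why a direct EJB connection fails from behind a firewall while an HTTP-based path passes. The addresses, the blocklist and the port choices (1099 for the RMI registry, 443 for the web-facing path) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str      # "allow" or "deny"
    direction: str   # "out" (client to server) or "in"
    network: str     # remote network in CIDR form
    ports: range     # remote TCP ports the rule covers

# Constructed egress policy for a client network: web traffic only.
CLIENT_FIREWALL = [
    Rule("deny", "out", "203.0.113.0/24", range(0, 65536)),  # constructed blocklist
    Rule("allow", "out", "0.0.0.0/0", range(80, 81)),
    Rule("allow", "out", "0.0.0.0/0", range(443, 444)),
]

def decide(rules, direction, remote_ip, port):
    """First matching rule wins; anything unmatched is denied."""
    addr = ipaddress.ip_address(remote_ip)
    for rule in rules:
        if (rule.direction == direction
                and addr in ipaddress.ip_network(rule.network)
                and port in rule.ports):
            return rule.action
    return "deny"

# Assumed values: 1099 is the default RMI registry port; 443 is the port on
# which a servlet proxy, RMI-HTTP tunnel or web service is assumed to listen.
APP_SERVER = "198.51.100.10"  # constructed address (documentation range)

def reachable_paths(rules):
    """Verdict for each way the client could reach the business tier."""
    paths = {"direct RMI to EJB (1099)": 1099,
             "servlet proxy / HTTP tunnel / web service (443)": 443}
    return {name: decide(rules, "out", APP_SERVER, port)
            for name, port in paths.items()}

if __name__ == "__main__":
    for name, verdict in reachable_paths(CLIENT_FIREWALL).items():
        print(f"{verdict:5}  {name}")
```

A client in front of the firewall has no rule list in its path at all, so neither the blocklist nor the port restriction applies to it.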
3. The two core components of the middle tier are the Web Container and EJB
container. What are the benefits of separating these concerns and how does this differ
from something like ASP or PHP? (5 minutes discussion)
This is the old question of the benefit of 3-tier over client-server. Introducing an application server
component gives:
- Isolation of security (firewalled independently)
- Reusability of code of business tier
- Maintainability & deployability by specialization of roles
- More WODA (separate products for web & EJB)
4. Discuss the other aspects of the middle tier that were not addressed in the previous
question.
You don’t need the web container to access the EJB container.
5. Many ‘EIS’ systems are relational databases but this is not always the case. Describe
some different types of EIS systems, or if you are not familiar with any try to guess
what sort of systems (other than relational databases) could have been used in the past
or might be used in the future. (1 minute discussion)
An Enterprise Information System is generally any kind of computing system that is of "enterprise
class". This means typically offering high quality of service, dealing with large volumes of data and
capable of supporting some large organization ("an enterprise").
Examples: ERP (SAP, Oracle), CRM (MS Dynamics), document management (Documentum, SharePoint,
Alfresco), accounting (QuickBooks), databases
Find and bookmark in appropriate subfolders (so that you can demonstrate them later) 2 sites
each for ANY SIX of the business models discussed in lecture one. Note that you should
choose models other than the portal model (since you will need Google etc. to find the sites)
and should try to find links that are not listed in the notes.
Once you have found the sites, evaluate each of them and compare each PAIR in terms of:
• How effective they were in terms of user experience?
• How good is their potential ability to generate revenue?
Twitter: companies pay to be a twitter, targeted advertising with Google AdSense, personal info
(hobbies, connections, activities, personal info) to companies