Microsoft Health Vault Overiview

This is a youtube video for Microsoft Health Vault overview

Google Health Overview

This is a youtube video for Google Health overview

Merry Christmas with John Lehnon

RESTful Webservices with Java

If you want to start using restful web services in java you can start by following the tutorial at

http://www.vogella.de/articles/REST/article.html#installation_eclipse

A very useful tutorial for creating a simple Hello Jersey rest web service, using jersey jar files, eclipse and apache installed on eclipse.

REST vs SOAP Web Services

I am seeing a lot of new web services are implemented using a REST style architecture these days rather than a SOAP one. Lets step back a second and explain what REST is.

What is a REST Web Service

The acronym REST stands for Representational State Transfer, this basically means that each unique URL is a representation of some object. You can get the contents of that object using an HTTP GET, to delete it, you then might use a POST, PUT, or DELETE to modify the object (in practice most of the services use a POST for this).

Who's using REST?

All of Yahoo's web services use REST, including Flickr, del.icio.us API uses it, pubsub, bloglines, technorati, and both eBay, and Amazon have web services for both REST and SOAP.

Who's using SOAP?

Google seams to be consistent in implementing their web services to use SOAP, with the exception of Blogger, which uses XML-RPC. You will find SOAP web services in lots of enterprise software as well.

REST vs SOAP

As you may have noticed the companies I mentioned that are using REST api's haven't been around for very long, and their apis came out this year mostly. So REST is definitely the trendy way to create a web service, if creating web services could ever be trendy (lets face it you use soap to wash, and you rest when your tired). The main advantages of REST web services are:

• Lightweight - not a lot of extra xml markup
• Human Readable Results
• Easy to build - no toolkits required

SOAP also has some advantages:

• Easy to consume - sometimes
• Rigid - type checking, adheres to a contract
• Development tools

For consuming web services, its sometimes a toss up between which is easier. For instance Google's AdWords web service is really hard to consume (in CF anyways), it uses SOAP headers, and a number of other things that make it kind of difficult. On the converse, Amazon's REST web service can sometimes be tricky to parse because it can be highly nested, and the result schema can vary quite a bit based on what you search for.

Which ever architecture you choose make sure its easy for developers to access it, and well documented.

From http://www.petefreitag.com/

MIE 2011

The Medical Informatics Conference 2011 theme is User centred networked health care and will take place in Oslo August 28-31 2011. The submission deadline for full scientific papers is January 30  2011.

For more information of MIE 2011 visit the site

http://www.mie2011.org/index.htm

SOAPUI for testing Amazon S3

SOAPUI is a graphical tool which can be used to test web services. With SOAPUI you can import a wsdl file of a web service. Then, the tool provides a sample soap request for each operation included in the wsdl file. After inserting values to the request parameters of the SOAP request message, this message is sent to the server and a SOAP response is returned and presented. 

SOAPUI was used to test Amazon S3 service and worked perfect. For the creation of the  signature value  requested by the Amazon S3 operations I used the openSSL.openSSL can be downloaded from here


 http://gnuwin32.sourceforge.net/packages/openssl.htm

For creating the signature with openSSL you should run in command line after moving to the path openSSL install directory and bin the following command

openssl dgst -sha256 -hmac SECRET KEY -binary aaa.txt | openssl enc -base64

where you should put your Amazon secret key instead of SECRET KEY and in the txt file aaa.txt, the string that should be used for the signature. For example, in case the ListAllMyBuckets operation ishould be executed, the string is AmazonS3ListAllMyBuckets2010-12-22T22:22:43.000Z where 2010-12-22T22:22:43.000Z is the timestamp of the request.

In case, there is an error in signature the SOAP response message returns a Hex Encoded String. This string with the amazon secret key can be used to verify and create the right signature. This can be achieved by using Amazon S3 Signature Tester that can be downloaded from here

http://awsmedia.s3.amazonaws.com/catalog/attachments/s3-sigtester.zip

Try it, is good and simple!!!!!


P.S There is also another tool that can be used for testing web services, the SOAPSonar. This tool is provided on a personal and an enterprise edition. Unfortunately, only the personal edition can be downloaded for free and this version does not allow to send messages through SSL. Thus, it is impossible to test Amazon S3 web service.


M.P.

Eclipse IDE and SOA

The Eclipse IDE is an open source development platform comprised of extensible frameworks, tools and runtimes for building, deploying and managing software across the lifecycle. There exists a variety of plugins that can be downloaded for free and installed on Eclipse in order to build, manage and deploy a software component. Some example of plugin components for SOA are the BPEL designer and Web Services Tools.
Here is a link with a simple example of a HelloWorld BPEL process created oin Eclipse

http://people.apache.org/~vanto/HelloWorld-BPELDesignerAndODE.pdf

Google Health vs Microsoft Health Vault

During December 2008 and January 2009, the user experience research firm User Centric conducted an independent comparative usability study of two existing online personal health record applications, Google Health and Microsoft HealthVault. (Neither Google nor Microsoft commissioned or participated in this study in any manner.) During this study, 30 participants completed key tasks using each PHR application and provided qualitative feedback, ratings and preference data on five specific dimensions: Overall usability, utility (usefulness of features), security, privacy and trust. Participants performed up to seven tasks on both Google Health and Microsoft HealthVault, which included three tasks that explored each application's unique features. Midway through the study, a third PHR application, MyMedicalRecords.com, was added to gather additional qualitative data.

 

Figure 1: Homepages of Google Health (top) and Microsoft HealthVault (bottom) as they initially appear to users.

The majority of study participants found PHRs to be useful and stated that they had an interest in building their own PHRs after the study. Overall, participants indicated that they found Google Health more usable because navigation and data entry of health information was easier than on the other applications. Participants said that the Google Health application utilized more familiar medical terminology and provided a persistent health information profile summary.

Based on an analysis of the study data, User Centric has identified the following trends:

Usability

Overall, participants liked how the Google Health interface allowed them to quickly enter medical information. The left hand navigation, tabs, and profile summary all contributed to a fairly smooth user experience for data entry, which is a critical PHR task. However, there was still room for improvement. Participants had trouble attaching dates to health information, figuring out where to start, and finding where they could add another family member.

In general, participants had more trouble with the Microsoft HealthVault interface. The most troublesome elements were the confusing navigation, the presentation of all terms in medical jargon, and the inconsistency between different data entry elements. However, reaction to Microsoft HealthVault was not completely negative -- even though they struggled to enter their health information, several participants still reacted favorably to the very high level of detail the system allowed them to enter. In addition, participants liked the ability to add details to an item immediately after adding the item itself. This represented an efficient flow that Google Health did not provide.

Utility

Participants found PHRs to be fairly desirable by the end of the study. The PHRs' baseline functionality was appealing, and both Google Health and Microsoft HealthVault each had a few well-received exclusive features
Google Health's preference on this dimension is likely due to two factors. First, participants sometimes seemed to confuse utility with usability, even though researchers specifically asked about "usefulness of features." This, along with Google Health's better ease of use, would explain a shift in participants' utility preference. Second, Google Health included the highly desirable drug interaction feature, which was ranked most appealing out of all the features in the post-test questionnaire. This was the only outstanding feature among the six PHR-exclusive features, so it may also have boosted the perception of Google Health's utility.

Security, Privacy and Trust

The key contributors to Microsoft HealthVault's more frequent preference on security, privacy and trust were a strong brand image, professional-looking visual design and a higher perceived information content.
However, even though participants more commonly preferred Microsoft HealthVault for these dimensions, when rating the two PHRs they scored Google Health almost equally as highly. Google Health's high rating is likely due to its brand reputation and its up-front presentation of the terms of use and legal agreements. One important negative, though, was Google's strong positioning in the search and e-mail domains; it is likely that this contributed to Microsoft HealthVault's overall preference here.

Overall

User Centric's comparative study found that neither Google Health nor Microsoft HealthVault were perfect applications; each had flaws in the user experience which were seen to reduce participants' willingness to adopt PHR technology. However, participants preferred Google Health over Microsoft HealthVault on the whole, mainly due to Google Health's greater ease of use. Although features, security, privacy and trust certainly did influence participants' overall evaluations, it is critical to note that their major difficulties with both applications - and their strongest criticisms - were related to the user experience. Improvements to the user experience therefore represent the largest opportunity for improving the patient's experience with a PHR.

Based on this usability study, User Centric has identified several best practices to be included in a working model for PHR interfaces that facilitates user adoption.

From http://www.usercentric.com/

Free educational software suite for kids 2 to 10 - GCompris

GCompris is a high quality educational software suite comprising of numerous activities for children aged 2 to 10. Some of the activities are game orientated, but nonetheless still educational. Below you can find a list of categories with some of the activities available in that category.

  computer discovery: keyboard, mouse, different mouse gesture, ...
  algebra: table memory, enumeration, double entry table, mirror image, ...
  science: the canal lock, the water cycle, the submarine, electric simulation ...
  geography: place the country on the map
  games: chess, memory, connect 4, oware, sudoku ...
  reading: reading practice
  other: learn to tell time, puzzle of famous paintings, vector drawing, cartoon making, ...

Currently GCompris offers in excess of 100 activities and more are being developed. GCompris is free software, that means that you can adapt it to your own needs, improve it and, most importantly, share it with children everywhere.

Health Suggestor

If you want to see what medical tests you should take according to your age and sex or for a lovely person, use the following "my healthfinder".

Google earth on Android phones

Google Earth app allows you to explore the entire planet in detail from your Android phone.

You can search by voice for cities, places, and businesses. With this app you are enabled to browse layers including roads, borders, places, photos and more.

Google Earth for Android works best with a WiFi connection, as opposed to a 3G or other data network connection.

Download

Google Earth 1.2 seem to be the latest available version. Below you can find file(s) assigned to this version:

• Google_Earth_1.2.apk (7 MB, ↓ 400)

From http://www.freewarelovers.com/

Free online PC offered by Cloudo

Is this the future? To have a simple pc or a notebook and doing everything you want through your online pc? Cloud computing makes a reality what previous wasn't.

Take a look on free online pc desktop offerred by Cloudo!!!!

Free cloud computing

The new "buzz word" of the internet is "Cloud Computing." It is everywhere! Even the latest version of Ubuntu (Check back here tomorrow) is offering features for cloud computing. You just can't get away from it! So what is cloud computing? Basically, cloud computing is virtual computing services that are hosted on the internet. Cloud computing can range from web site hosting, to hosted Microsoft Exchange services, online backup solutions, to virtual hosted servers just to name a few.

Well tonight I asked myself if there was any place one could get free cloud computing. I know Amazon is offering cloud computing with their EC2 product, but it isn't free. True it isn't terribly expensive either, but it isn't free. Another name in the cloud computer market is GoGrid, but once again it isn't free. Both of those servers let you pay-as-you go and let you create on-the-fly instances of both Windows servers and Linux servers. Like I said before though.... IT ISN'T FREE!

Good news for you though! I have found a free cloud computing service! The service is called iCloud. True, you do get what you pay for. In this case, you don't get "server" services. You can't, for instance, set up an on-the-fly web server or anything like that. Also, you don't get any say in what type of operating system you get. You get the iCloud OS (Based on Linux) and that is it. Also, you don't get the option of installing more applications.




That being said, this service is still pretty cool. You get 3GB of "cloud" storage (There is that buzz word again) for your important documents which you can access anywhere there is an internet connection with a web browser. You also get a full suite of office applications, web browser (Yes, another way around Websense), instant messenger, RSS feed reader, and some other basic computing applications that you might find on a standard desktop.


All of these things can be accessed through your virtual (virtualization is another buzz word) desktop located at http://os.icloud.com. To sign up for the service, just visit iCloud.com and register for your free account and away you go!


From http://www.bauer-power.net

Oracle Pushes Open Office into the Cloud

Without making any fuss, Oracle Wednesday went into the Cloud Office business in competition with Google and Microsoft.

It's targeting desktop, web and mobile devices. The stuff is supposed to work on Windows, Mac, Linux, web browsers and smartphones.

It says Oracle Cloud Office 1.0 enables Web 2.0-style collaboration and mobile document access, compatibility with Microsoft Office and integration with Oracle Open Office.

It's supposed to offer elastic scaling and on-premise, on-demand or SaaS deployment.

Since it's using OpenOffice or, if it likes Open Office, the stuff is based on the Open Document Format (ODF).

It's also got Oracle Open Office 3.3 - remember, now, it's ticked off some of the OpenOffice following so much they've forked the code into LibreOffice and as another probable irritant Open Office 3.3 includes new enterprise connectors to Oracle Business Intelligence, Oracle E-Business Suite, other Oracle Applications and Microsoft SharePoint.

It's supposed to be more stable and compatible with licenses that are up to five times cheaper than Microsoft.

What's really amusing is Oracle promising freedom from vendor lock-in.

Cloud Office Professional Edition and Open Office Enterprise Edition run about $90 a user, with volume discounts available and limited support, Cloud Office Standard Edition and Open Office Standard Edition cost about $50 a user with no support.

From Cloud Computing Journal

Amazon Down Briefly Sunday in Europe

Amazon's shopping sites in the UK, France, Germany, Spain, Italy and Austrian were unavailable Sunday for more than a half-hour, various press reports say, or until around 2145 GMT.

Less well-publicized was the fact that four of Amazon's cloud services operated out of its data center in Ireland were impacted for two hours including EC2, SimpleDB, Simple Queue Service (SQS) and Simple Notification Service (SNS).

Naturally suspicions immediately turned to WikiLeaks' Anonymous army of marauding defenders who for the last week have been unleashing distributed denial of service (DDOS) attacks on the web sites of any and all institutions that have refused to give aid and comfort to the rogue site. And, of course Amazon kicked WikiLeaks off its cloud.

Amazon, whose infrastructure successfully repelled boarders last week, claims its downtime Sunday was the result of hardware failures.

According to the Amazon Web Services Health Dashboard, two of its network devices went down one after the other.

It says, "Between 12:37 PM and 2:32 PM PST [that would be between 2037 GMT and 2232 GMT] the EC2 APIs in the EU-West region experienced significantly increased error rates rendering the EU APIs unusable for most customers. Running instances were not affected, but EU EC2 users were unable to launch new instances or describe their resources in the EU-West region. These errors were caused by the malfunction of a second network device carrying traffic that had recently been shifted off of another failed network device. The first device was nearly repaired but, unfortunately, was still unusable when the second device independently failed. Because full redundancy had not been restored to this part of our network, this second failure resulted in an interruption of connectivity for the EU EC2 API servers. Our networking team was able to re-route traffic to restore connectivity and, shortly afterward, complete repairs on both network devices involved. Though it's somewhat unusual to have two failures like this in this short a period, we will not accept this as a statistical anomaly. We're going to reassess our strategy for keeping spare devices to have better coverage in situations such as these."

From Cloud Computing Journal  http://cloudcomputing.sys-con.com/

About Google Health

Google Health is an online tool that helps you take control of your health information. It gives you a simple dashboard you can use to track all your health-related information and goals. It also helps you easily organize your medical records and health information so they're available when you need them. Here are some of the things you can do with Google Health:

• Build online health profiles for yourself and those you care for.
• Define and track your progress toward health, wellness, and fitness goals.
• Download medical records from doctors and pharmacies.
• Learn about health issues and find helpful resources.
• Connect to online tools and services.
• Share your health profiles with others such as family and caregivers.
• Organize your medical contacts, including doctors and hospitals.

To get started, just visit the Google Health homepage.

From www.google.com

SOA system on cloud environment

In the last years, the service-oriented architecture (SOA) has emerged as an architectural style allowing to build applications out of reusable components (services). The technology to realize SOA is web services and Business Process Execution Language (BPEL). SOA provides a programming model where new functionality is encapsulated on web services or web services are used as interfaces to existing heterogeneous applications and data sources. BPEL provides a model and a grammar for specifying web services compositions in the form of business processes and for externalizing the functionality of business processes as web services. The call of web services from process “invoke” activities enable to easily change the implementation of a service or replace a service without affecting the business process.

Cloud computing has been referred to as an architecture, a platform, an operating system, and a service, and in some senses, it is all of these. A basic definition of cloud computing is using the Internet to perform tasks on computers. It is an approach to computing in which resources and information are provided through services over the Internet, in which the network of services is collectively known as “the cloud.” The taxonomy of clouds is private, public and hybrid. Private clouds are on-demand infrastructures owned by a single customer, public clouds are run by third parties and hybrid clouds are a combination of public and private clouds. In cloud, there are three delivery models, namely infrastructure as a service (IaaS), platform as a service (PaaS) and software as a service (SaaS), but there are also other classifications available such as business process as a service (BPaaS).

BPaaS can be realized by composing SOA programming model with cloud computing. SOA enables to overcome technical interoperability and data exchange incompatibility issues and cloud enables to provide essential ubiquitous access to powerful and seamlessly integrated computer based capabilities as services. A BPaaS can be realized by the installation and configuration of a SOA platform on virtual images created by a IaaS (Amazon Elastic Compute Cloud - EC2) and the provision of this platform as a service. BPaaS usually enables business processes execution and monitoring, web services invocation, web services security support etc. With the use of a BPaaS, more machines can be added on demand as the processes gain more transactions. In addition, as cloud services are actually web services can be called from BPEL “invoke” activities as third party partners. Thus, it is possible for example in a BPEL process running on a public or private cloud to call a cloud service from a public cloud like Amazon’s Simple DB or Amazon’s Simple Storage Service (S3) in order to store/retrieve data to/from cloud virtualized servers.

SingularLogic extends its partnership with Microsoft

SingularLogic, the leading software and integrated IT solutions group in Greece, extends its strategic partnership with Microsoft by obtaining the Microsoft Large Account Reseller / Enterprise Software Advisor (LAR/ESA) certification.

This certification covers the administration, management, reselling and offering of consultancy services, requested by large enterprises, institutions and organisations, in contracts concerning buying or leasing software licences and support services for Microsoft platform products, for example contracts like "Enterprise Agreement" (EA) and "Select" which are for enterprises and institutions with more than 250 work stations and support services.  Following the above mentioned certification, the companies of Marfin Investment Group (MIG), signed an enterprise agreement for Microsoft platform products in Greece and abroad.

It is worth mentioning that SingularLogic is already a Microsoft Gold Certified Partner, a certification which confirms the high level training and know-how its' executives have on Microsoft technologies.  Τhe company is also distinguished as a Microsoft Independent Software Vendor (ISV) in the areas of development and distribution of own produced software applications based on Microsoft platforms, as well as having become a Microsoft Dynamics Navision Partner covering the reselling of licences for Microsoft Navision ERP applications and offering installation, parameterization and maintenance services for these applications.

Mr. John Karakadas, SingularLogic's President and CEO stated: "with the extension of this partnership, our company remains faithful to its vision; to support its customers and help them evolve, offering them the best integrated software solutions and infrastructure possible and utilising best practices always to ensure a seamless operation."

Mr. Sam Zakar, Director of Large Accounts Microsoft Partners for Microsoft Hellas said: "The exceptional partnership between the two companies, resulted in SingularLogic becoming certified as a Large Account Reseller and Enterprise Software Advisor, a certification which Microsoft only offers to a select number of partners and is based on a series of strict and specific quality control criteria, concerning the specialisation of personnel and their services. We are convinced that SingularLogic's experienced executives along with Microsoft's support will create the opportunity to further promote integrated solutions and high value added services to our customers." 

From http://www.singularlogic.eu/

Google Search Algorithm Will Punish Bad Businesses

Google has developed a new algorithm that will (hopefully) not reward businesses with bad customer service, a move made in response to a New York Times story about a business with a troubling advertising plan: negative advertising is just as good as positive advertising, at least when it comes to Google PageRank.

Google's blog post on the subject states that the company was "horrified" to read about a customer's dreadful experience, and that it "immediately convened a team" to look into the issue. In the last few days, Google has developed a new algorithm that detects merchants who provide (in Google's opinion) bad customer service, and penalizes them in Google's PageRank.

"A Bully Finds a Pulpit on the Web" tells the story of Clarabelle Rodriguez, who tried to purchase a pair of Lafont eyeglasses from online glasses retailer DecorMyEyes.com. Rodriguez was then put through consumer hell: the store refused to give her a refund when the glasses she requested were out of stock; when she finally received her glasses, they were counterfeit; the store overcharged her $125, and when she called to complain the store's owner threatened her.

Rodriguez eventually disputed the charge with her credit card company, which said it would look into the matter. The owner of the store -- who went by the name Tony Russo -- then started threatening her. First, he filed a lawsuit in small claims court; when she didn't respond to that, he sent her an e-mail with a picture of her apartment building. Finally, he (or one of his friends) called her credit card company, posing as her, and dropped the dispute.

After a frustrating call with Citi Cards in which Citi refused to reopen the dispute, Rodriguez did the only thing she could do -- she went to the Internet (OK, and the New York Times), and found a consumer advocacy site called GetSatisfaction. Here, she found what she probably should have found when she first started searching for glasses: dozens of similar customer stories about DecorMyEyes -- stalking, e-mails, threats, and creepy phone calls.

The problem was this: these dozens and dozens of bad reviews about DecorMyEyes were actually boosting the company's Google PageRank. Before last weekend, Google PageRank was unable to weigh positive versus negative reviews, and so all of the extra buzz about DecorMyEyes was good -- even if it was bad.

As they say in the celebrity world, any publicity is good publicity, right?

Of course, this wasn't an accident -- DecorMyEyes owner (whose real name is Vitoly Borker) told the Times that the negative publicity was all part of his plan. After discovering that his website popped up higher on Google search when customers threatened to go to consumer advocacy sites, he started milking it for all it was worth. The only thing that keeps him in check is credit card companies -- too many customers disputing charges, and they'll kick him out. Borker says he tracks the numbers carefully and gets friendlier if they're getting too high.

Anyway, Google reports that unsavory hustlers like Borker will hopefully no longer be able to game the system (at least, not in the same way). Google says it can't reveal too much about the algorithm for fear that hustlers will figure out a new loophole, but:

"We can say with reasonable confidence that being bad to customers is bad for business on Google. And we will continue to work hard towards a better search."

Here's the real moral of the story: make sure you check up on online retailers before you drop $400 on a pair of glasses (or anything). Amazon and eBay make this easier by offering seller ratings right on their pages, but there are plenty of other resources out there for consumers. Along with GetSatisfaction, sites such as ResellerRatings, Ripoff Report, The Consumerist, and Yelp are all good places to get real customer reviews.

From http://www.pcworld.com

HelloWorld BPEL Eclipse example

This pdf document explains in detail how you can setup eclipse BPEL designer and Apache ODE environment in order to create a HelloWorld BPEL process and run it either inside eclipse using the web service explorer either on apache ode .

The pdf document can be found at

http://people.apache.org/~vanto/HelloWorld-BPELDesignerAndODE.pdf

What Is Google App Engine?

Google App Engine lets you run your web applications on Google's infrastructure. App Engine applications are easy to build, easy to maintain, and easy to scale as your traffic and data storage needs grow. With App Engine, there are no servers to maintain: You just upload your application, and it's ready to serve your users.
You can serve your app from your own domain name (such as http://www.example.com/) using Google Apps. Or, you can serve your app using a free name on the appspot.com domain. You can share your application with the world, or limit access to members of your organization.
Google App Engine supports apps written in several programming languages. With App Engine's Java runtime environment, you can build your app using standard Java technologies, including the JVM, Java servlets, and the Java programming language—or any other language using a JVM-based interpreter or compiler, such as JavaScript or Ruby. App Engine also features a dedicated Python runtime environment, which includes a fast Python interpreter and the Python standard library. The Java and Python runtime environments are built to ensure that your application runs quickly, securely, and without interference from other apps on the system.
With App Engine, you only pay for what you use. There are no set-up costs and no recurring fees. The resources your application uses, such as storage and bandwidth, are measured by the gigabyte, and billed at competitive rates. You control the maximum amounts of resources your app can consume, so it always stays within your budget.
App Engine costs nothing to get started. All applications can use up to 500 MB of storage and enough CPU and bandwidth to support an efficient app serving around 5 million page views a month, absolutely free. When you enable billing for your application, your free limits are raised, and you only pay for resources you use above the free levels.

The Application Environment

Google App Engine makes it easy to build an application that runs reliably, even under heavy load and with large amounts of data. App Engine includes the following features:

• dynamic web serving, with full support for common web technologies
• persistent storage with queries, sorting and transactions
• automatic scaling and load balancing
• APIs for authenticating users and sending email using Google Accounts
• a fully featured local development environment that simulates Google App Engine on your computer
• task queues for performing work outside of the scope of a web request
• scheduled tasks for triggering events at specified times and regular intervals

Your application can run in one of two runtime environments: the Java environment, and the Python environment. Each environment provides standard protocols and common technologies for web application development.

The Sandbox

Applications run in a secure environment that provides limited access to the underlying operating system. These limitations allow App Engine to distribute web requests for the application across multiple servers, and start and stop servers to meet traffic demands. The sandbox isolates your application in its own secure, reliable environment that is independent of the hardware, operating system and physical location of the web server.
Examples of the limitations of the secure sandbox environment include:

• An application can only access other computers on the Internet through the provided URL fetch and email services. Other computers can only connect to the application by making HTTP (or HTTPS) requests on the standard ports.
• An application cannot write to the file system. An app can read files, but only files uploaded with the application code. The app must use the App Engine datastore, memcache or other services for all data that persists between requests.
• Application code only runs in response to a web request, a queued task, or a scheduled task, and must return response data within 30 seconds in any case. A request handler cannot spawn a sub-process or execute code after the response has been sent.

The Java Runtime Environment

You can develop your application for the Java runtime environment using common Java web development tools and API standards. Your app interacts with the environment using the Java Servlet standard, and can use common web application technologies such as JavaServer Pages (JSPs).
The Java runtime environment uses Java 6. The App Engine Java SDK supports developing apps using either Java 5 or 6.
The environment includes the Java SE Runtime Environment (JRE) 6 platform and libraries. The restrictions of the sandbox environment are implemented in the JVM. An app can use any JVM bytecode or library feature, as long as it does not exceed the sandbox restrictions. For instance, bytecode that attempts to open a socket or write to a file will throw a runtime exception.
Your app accesses most App Engine services using Java standard APIs. For the App Engine datastore, the Java SDK includes implementations of the Java Data Objects (JDO) and Java Persistence API (JPA) interfaces. Your app can use the JavaMail API to send email messages with the App Engine Mail service. The java.net HTTP APIs access the App Engine URL fetch service. App Engine also includes low-level APIs for its services to implement additional adapters, or to use directly from the application. See the documentation for the datastore, memcache, URL fetch, mail, images and Google Accounts APIs.
Typically, Java developers use the Java programming language and APIs to implement web applications for the JVM. With the use of JVM-compatible compilers or interpreters, you can also use other languages to develop web applications, such as JavaScript, Ruby, or Scala.
For more information about the Java runtime environment, see The Java Runtime Environment.

The Python Runtime Environment

With App Engine's Python runtime environment, you can implement your app using the Python programming language, and run it on an optimized Python interpreter. App Engine includes rich APIs and tools for Python web application development, including a feature rich data modeling API, an easy-to-use web application framework, and tools for managing and accessing your app's data. You can also take advantage of a wide variety of mature libraries and frameworks for Python web application development, such as Django.
The Python runtime environment uses Python version 2.5.2. Additional support for Python 3 is being considered for a future release.
The Python environment includes the Python standard library. Of course, not all of the library's features can run in the sandbox environment. For instance, a call to a method that attempts to open a socket or write to a file will raise an exception. For convenience, several modules in the standard library whose core features are not supported by the runtime environment have been disabled, and code that imports them will raise an error.
Application code written for the Python environment must be written exclusively in Python. Extensions written in the C language are not supported.
The Python environment provides rich Python APIs for the datastore, Google Accounts, URL fetch, and email services. App Engine also provides a simple Python web application framework called webapp to make it easy to start building applications.
You can upload other third-party libraries with your application, as long as they are implemented in pure Python and do not require any unsupported standard library modules.
For more information about the Python runtime environment, see The Python Runtime Environment.

The Datastore

App Engine provides a powerful distributed data storage service that features a query engine and transactions. Just as the distributed web server grows with your traffic, the distributed datastore grows with your data.
The App Engine datastore is not like a traditional relational database. Data objects, or "entities," have a kind and a set of properties. Queries can retrieve entities of a given kind filtered and sorted by the values of the properties. Property values can be of any of the supported property value types.
Datastore entities are "schemaless." The structure of data entities is provided by and enforced by your application code. The Java JDO/JPA interfaces and the Python datastore interface include features for applying and enforcing structure within your app. Your app can also access the datastore directly to apply as much or as little structure as it needs.
The datastore is strongly consistent and uses optimistic concurrency control. An update of a entity occurs in a transaction that is retried a fixed number of times if other processes are trying to update the same entity simultaneously. Your application can execute multiple datastore operations in a single transaction which either all succeed or all fail, ensuring the integrity of your data.
The datastore implements transactions across its distributed network using "entity groups." A transaction manipulates entities within a single group. Entities of the same group are stored together for efficient execution of transactions. Your application can assign entities to groups when the entities are created.

Google Accounts

App Engine supports integrating an app with Google Accounts for user authentication. Your application can allow a user to sign in with a Google account, and access the email address and displayable name associated with the account. Using Google Accounts lets the user start using your application faster, because the user may not need to create a new account. It also saves you the effort of implementing a user account system just for your application.
If your application is running under Google Apps, it can use the same features with members of your organization and Google Apps accounts.
The Users API can also tell the application whether the current user is a registered administrator for the application. This makes it easy to implement admin-only areas of your site.
For more information about integrating with Google Accounts, see the Users API reference.

App Engine Services

App Engine provides a variety of services that enable you to perform common operations when managing your application. The following APIs are provided to access these services:

URL Fetch

Applications can access resources on the Internet, such as web services or other data, using App Engine's URL fetch service. The URL fetch service retrieves web resources using the same high-speed Google infrastructure that retrieves web pages for many other Google products.

Mail

Applications can send email messages using App Engine's mail service. The mail service uses Google infrastructure to send email messages.

Memcache

The Memcache service provides your application with a high performance in-memory key-value cache that is accessible by multiple instances of your application. Memcache is useful for data that does not need the persistence and transactional features of the datastore, such as temporary data or data copied from the datastore to the cache for high speed access.

Image Manipulation

The Image service lets your application manipulate images. With this API, you can resize, crop, rotate and flip images in JPEG and PNG formats.

Scheduled Tasks and Task Queues

An application can perform tasks outside of responding to web requests. Your application can perform these tasks on a schedule that you configure, such as on a daily or hourly basis. Or, the application can perform tasks added to a queue by the application itself, such as a background task created while handling a request.
Scheduled tasks are also known as "cron jobs," handled by the Cron service. For more information on using the Cron service, see the Python or Java cron documentation.
Task queues are currently released as an experimental feature. At this time, only the Python runtime environment can use task queues. A task queue interface for Java applications will be released in the near future. For information about the task queue service and the Python API, see the Python documentation.

Development Workflow

The App Engine software development kits (SDKs) for Java and Python each include a web server application that emulates all of the App Engine services on your local computer. Each SDK includes all of the APIs and libraries available on App Engine. The web server also simulates the secure sandbox environment, including checks for attempts to access system resources disallowed in the App Engine runtime environment.
Each SDK also includes a tool to upload your application to App Engine. Once you have created your application's code, static files and configuration files, you run the tool to upload the data. The tool prompts you for your Google account email address and password.
When you build a new major release of an application that is already running on App Engine, you can upload the new release as a new version. The old version will continue to serve users until you switch to the new version. You can test the new version on App Engine while the old version is still running.
The Java SDK runs on any platform with Java 5 or Java 6. The SDK is available as a Zip file. If you use the Eclipse development environment, you can use the Google Plugin for Eclipse to create, test and upload App Engine applications. The SDK also includes command-line tools for running the development server and uploading your app.
The Python SDK is implemented in pure Python, and runs on any platform with Python 2.5, including Windows, Mac OS X and Linux. The SDK is available as a Zip file, and installers are available for Windows and Mac OS X.
The Administration Console is the web-based interface for managing your applications running on App Engine. You can use it to create new applications, configure domain names, change which version of your application is live, examine access and error logs, and browse an application's datastore.

Quotas and Limits

Not only is creating an App Engine application easy, it's free! You can create an account and publish an application that people can use right away at no charge, and with no obligation. An application on a free account can use up to 500MB of storage and up to 5 million page views a month. When you are ready for more, you can enable billing, set a maximum daily budget, and allocate your budget for each resource according to your needs.
You can register up to 10 applications per developer account.
Each app is allocated resources within limits, or "quotas." A quota determines how much of a given resource an app can use during a calendar day. In the near future, you will be able to adjust some of these quotas by purchasing additional resources.
Some features impose limits unrelated to quotas to protect the stability of the system. For example, when an application is called to serve a web request, it must issue a response within 30 seconds. If the application takes too long, the process is terminated and the server returns an error code to the user. The request timeout is dynamic, and may be shortened if a request handler reaches its timeout frequently to conserve resources.
Attempts to subvert or abuse quotas, such as by operating applications on multiple accounts that work in tandem, are a violation of the Terms of Service, and could result in apps being disabled or accounts being closed.
For a list of quotas and an explanation of the quota system, including which quotas can be increased by enabling billing, see Quotas.

From www.google.com

Workflow example in Oracle BPM Studio

This a simple workflow process for seminar management in a university.This process involved two roles : student and secreteriar.

Route 53: Amazon’s New DNS Service Route 53: Amazon’s New DNS Service

Amazon Web Services  today announced the beta release of their new DNS service, Route 53, as a part of their offerings. Unlike many others, Amazon is not resting on their laurels and the large marketshare in the public cloud market. Instead, they are innovating at such a pace that their competitors are finding it hard to keep up. Route 53, their DNS web service, fits very well with their strategy for a public cloud world domination. With just one stroke, Amazon has made life difficult for companies like DNSmadeeasy, Dyndns, Ultradns, etc..

What is Route 53?

Anyone who has set up and maintained a nameserver will know that they use port 53 to service the dns queries. Looks like Amazon chose this name based on this fact and they also have plans to make this service define the final aspect of distributed system naming. According to Werner Vogels of Amazon,

We chose the name “Route 53″ as a play on the fact that DNS servers respond to queries on port 53. But in the future we plan for Route 53 to also give you greater control over the final aspect of distributed system naming, the route your users take to reach an endpoint.

Route 53 is a highly available and scalable DNS service which will let their users have an extremely reliable service at an affordable cost. It gives programmatic access to controlling the service like adding, deleting or modifying DNS records.

Why is this interesting?

Well, DNS services are not something new and we have been using them ever since web became part of our consciousness. From the early days where we managed our own own nameservers using BIND, we, then, started outsourcing the service to third party providers like DNSmadeeasy, Ultradns, etc.. These third party providers took the hassle out of managing and securing the service for us. However, there were some issues with using the third party DNS providers.

• Some of the providers had latency issues that slowed down many websites
• Some of the providers have trouble scaling.
• In some cases, some of these providers had downtime due to various reasons. The lack of high availability of DNS service could end up affecting the bottom line of many business clients. In fact, one of the well known provider in this space, DNS Made Easy, suffered a multi-GB DDOS attack and brought in downtime for some of their customers. In fact, this attack broke the 8 year record they had for 100% uptime.

AWS, with their experience in cloud computing, are well suited to offer a highly scalable and reliable DNS service. By having a global network of DNS servers, they can easily reduce the latency in the queries. DNS queries are automatically routed to the nearest DNS server, and thus answered with the best possible performance.

As Amazon pushes hard into the public cloud space, DNS could turn out to be a pain point. Not only DNS service should be scalable and highly available with low latency, it is also crucial from the security perspective. If Amazon wants to offer a seamless cloud experience, they should control the DNS of their clients. With Route 53, Amazon could offer a tighter integration with AWS services, thereby helping their clients on their DNS needs. Route 53 not just helps offer better performance but can also help handle DNS related attacks.

Highlights of this service

Some of the highlights include:

• High Availability
• Scalable
• Tighter integration with other AWS services. However, it can also be used by those outside of AWS
• Low Latency
• Not just cost effective, it also uses pay as you go model like their other cloud services
• Secure. By integrating the service with AWS Identity and Access Management, enterprises can easily control who has access to the DNS

Conclusion

With this move, Amazon can easily disrupt this market segment. By pricing it at a comparable level to many of the other DNS service providers and by offering a highly scalable and highly available DNS service, Amazon can get rid of some of the players from the market. More than any short term market disruption, I find the long term benefits to Amazon’s public cloud more interesting. What do you think?


From www.cloudave.com

Windows Azure and AWS

The two entities that dominate the enterprise Cloud Computing landscape are undoubtedly Microsoft Windows Azure and Amazon Web Services. Though Google App Engine is maturing rapidly, I am not planning to cover it in this series. I may compare Windows Azure and Google App Engine in a separate article.
With the latest announcements from PDC, Microsoft is inching closer to Amazon Web Services to match the offerings. Windows Azure is also blurring the line between PaaS and IaaS by offering VM Role that enables businesses to bring their legacy applications to the Cloud. Microsoft is leveraging the leadership in the platform and tools by seamlessly integrating the Cloud with .NET and Visual Studio.

Amazon is a very credible player in the Cloud Computing space and enjoys the leadership position in the IaaS offerings. Their fast paced innovations ensure that they have a lead and help them differentiate from the competition. They have a very healthy ecosystem of partners and developers who build rich and complementary tools on AWS.
This series of articles attempts at comparing the Windows Azure Platform and Amazon Web Services. The objectives of this series are the following –

• Provide objective comparison between the two
• Enable enterprises and ISVs to take an informed decision
• Avoid marketing speak and buzz words
• Be neutral and unbiased in the approach

The following table provides a quick comparison of both the platforms.

 Looking at the above, it is evident that these two stacks will go head-on to secure the mind share and market share. While Microsoft is moving some of the middleware components from BizTalk Server to Azure, Amazon is leveraging it’s payment mechanism and components for AWS. Windows Azure will be the most comprehensive PaaS offering once all the above components are delivered.

From http://www.janakiramm.net/

Amazon S3 Security

With any shared storage system, the biggest question is whether unauthorized users can
access information either intentionally or by mistake.  To ensure that customers have the
utmost in flexibility to determine how, when, and to whom they wish to expose the
information they store in AWS, Amazon S3 APIs provide both bucket- and object-level
access controls, with defaults that only permit authenticated access by the bucket and/or
object creator.  Write and Delete permission is controlled by an Access Control List
(ACL) associated with the bucket.  Permission to modify the  bucket  ACLs is itself
controlled by an ACL, and it defaults to creator-only access.  Therefore, the customer
maintains full control over who has access to their data.  Amazon S3 access can be
granted based on AWS Account ID, DevPay Product ID, or open to everyone.

Data Management  

Another potential concern is whether or not data can be intercepted while “in transit”
from one node on the Internet to AWS.  For maximum security, Amazon S3 is accessible
via SSL encrypted endpoints.  The encrypted endpoints are accessible from both the
Internet and from within Amazon EC2, ensuring that data is transferred securely both
within AWS and to and from sources outside of AWS.  

Customers may wish to secure data even when it is being stored within Amazon S3.  Data
stored within Amazon S3 is not encrypted at rest by AWS.  However, users can encrypt
their  data before it is uploaded to Amazon S3 so that the data cannot be accessed or
tampered with by unauthorized parties.

When an object is deleted from Amazon S3, removal of the mapping from the public
name to the object starts immediately, and is generally processed across the distributed
system within several seconds.  Once the mapping is removed, there is no external access
to the deleted object.  That storage area is then made available only for write operations
and the data is overwritten by newly stored data. 


From www.amazon.com

WSO2 Stratos - Free BPaaS on public and/or private cloud

WSO2 Stratos Services is the publicly hosted version of WSO2 Stratos, the cloud version of WSO2’s award-winning WSO2 Carbon platform.

To sign up for a free trial account please visit http://cloud.wso2.com . For full access, domain verification may be required. As a registered user you will have instant access to the following WSO2 middleware applications:

• WSO2 Web Services Application Server
• WSO2 Governance Registry
• WSO2 Gadget Server
• WSO2 Mashup Server
• WSO2 Business Activity Monitor
• WSO2 Identity Server

The remaining WSO2 Carbon-based products and additional cloud-native features will be available soon.

WSO2 Stratos Services is currently offered as a free alpha version. As such we reserve the right to impose reasonable limits on user accounts, and can’t guarantee five-nines uptime nor data preservation. Nor have we established pricing for the final release version. For now we recommend WSO2 Stratos Services to users with the following needs:

• Evaluation of WSO2 Stratos for private cloud deployment.
• Development and testing of WSO2 Carbon applications without the overhead of server acquisition and provisioning.
• Small-scale, non-mission-critical applications, that can easily be migrated to traditional WSO2 Carbon server runtimes.

Existing WSO2 Cloud Services (Governance as a Service and Cloud Identity) remain intact, but we will be working with account users there to migrate their accounts to WSO2 Stratos Services.


From http://wso2.com/cloud/stratos-services/

WikiLeaks and Amazon: A free speech issue?

On Wednesday, WikiLeaks – the organization behind one of the largest diplomatic data dumps in history – was ejected from Amazon cloud-based servers, apparently under pressure from US politicians. According to CNN, Amazon was contacted this week by several US senators, including Joe Lieberman, who urged the company to immediately terminate its relationship with WikiLeaks.

From http://www.csmonitor.com/

Amazon EC2 Tutorial

Deploy a web server on Amazon EC2

http://www.youtube.com/watch?v=bBajLxeKqoY&feature=related

Free usage of Amazon cloud services

To help new AWS customers get started in the cloud, AWS is introducing a new free usage tier. Beginning November 1, new AWS customers will be able to run a free Amazon EC2 Micro Instance for a year, while also leveraging a new free usage tier for Amazon S3, Amazon Elastic Block Store, Amazon Elastic Load Balancing, and AWS data transfer. AWS’s free usage tier can be used for anything you want to run in the cloud: launch new applications, test existing applications in the cloud, or simply gain hands-on experience with AWS.

Below are the highlights of AWS’s new free usage tiers. All are available for one year (except Amazon SimpleDB, SQS, and SNS which are free indefinitely):

AWS Free Usage Tier (Per Month):

• 750 hours of Amazon EC2 Linux Micro Instance usage (613 MB of memory and 32-bit and 64-bit platform support) – enough hours to run continuously each month*
• 750 hours of an Elastic Load Balancer plus 15 GB data processing*
• 10 GB of Amazon Elastic Block Storage, plus 1 million I/Os, 1 GB of snapshot storage, 10,000 snapshot Get Requests and 1,000 snapshot Put Requests*
• 5 GB of Amazon S3 storage, 20,000 Get Requests, and 2,000 Put Requests*
• 30 GB per of internet data transfer (15 GB of data transfer “in” and 15 GB of data transfer “out” across all services except Amazon CloudFront)*
• 25 Amazon SimpleDB Machine Hours and 1 GB of Storage**
• 100,000 Requests of Amazon Simple Queue Service**
• 100,000 Requests, 100,000 HTTP notifications and 1,000 email notifications for Amazon Simple Notification Service**
• 10 Amazon Cloudwatch alarms**

In addition to these services, the AWS Management Console is available at no charge to help you build and manage your application on AWS.

From www.amazon.com

What is the so called Cloud computing?

Cloud computing is a general term for anything that involves delivering hosted services over the Internet. These services are broadly divided into three categories: Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS). The name cloud computing was inspired by the cloud symbol that's often used to represent the Internet in flowcharts and diagrams. 

A cloud service has three distinct characteristics that differentiate it from traditional hosting. It is sold on demand, typically by the minute or the hour; it is elastic -- a user can have as much or as little of a service as they want at any given time; and the service is fully managed by the provider (the consumer needs nothing but a personal computer and Internet access). Significant innovations in virtualization and distributed computing, as well as improved access to high-speed Internet and a weak economy, have accelerated interest in cloud computing.

A cloud can be private or public. A public cloud sells services to anyone on the Internet. (Currently, Amazon Web Services is the largest public cloud provider.) A private cloud is a proprietary network or a data center that supplies hosted services to a limited number of people. When a service provider uses public cloud resources to create their private cloud, the result is called a virtual private cloud. Private or public, the goal of cloud computing is to provide easy, scalable access to computing resources and IT services.

Infrastructure-as-a-Service like Amazon Web Services provides virtual server instances with unique IP addresses and blocks of storage on demand. Customers use the provider's application program interface (API) to start, stop, access and configure their virtual servers and storage. In the enterprise, cloud computing allows a company to pay for only as much capacity as is needed, and bring more online as soon as required. Because this pay-for-what-you-use model resembles the way electricity, fuel and water are consumed, it's sometimes referred to as utility computing.

Platform-as-a-service in the cloud is defined as a set of software and product development tools hosted on the provider's infrastructure. Developers create applications on the provider's platform over the Internet. PaaS providers may use APIs, website portals or gateway software installed on the customer's computer. Force.com, (an outgrowth of Salesforce.com) and GoogleApps are examples of PaaS. Developers need to know that currently, there are not standards for interoperability or data portability in the cloud. Some providers will not allow software created by their customers to be moved off the provider's platform.

In the software-as-a-service cloud model, the vendor supplies the hardware infrastructure, the software product and interacts with the user through a front-end portal. SaaS is a very broad market. Services can be anything from Web-based email to inventory control and database processing. Because the service provider hosts both the application and the data, the end user is free to use the service from anywhere.