Last night I had the privilege to listen to Dr. John Preskill in Beckman Auditorium here at Caltech with fellow Quantum aficianado David Lazar. John Preskill is the Richard P. Feynman Professor of Theoretical Physics at Caltech. This was definitely one of the most accessible lecture on this topic of general audience which was very well received. Dr. Preskill is definitely a teacher and a communicator; as Feynman chair, he effectively summarized 50+ years of Quantum research and development into a one hour lecture. Quantum frontiers has some of the recorded lectures which readers may find interesting.
Dr. Preskill is also involved with IQIM, Institute for Quantum Information and Matter, at Caltech. Here is an IQIM Promotional video which was shown towards the end of the session.
The lecture addressed the opportunities and challenges in quantum computing, entanglements, speculation about future trends, quantum error correction and quantum information science.
Couple of his detailed lectures can be seen below.
Last night's LA Machine Learning event on Mining Time Series Data w/ Sylvia Halasz of YP at OpenX Pasadena was quite interesting and well attended. Dr. Halasz spoke about Adaptive Ensemble Kalman Filter and her work on building n-gram correlation with the flu outbreaks. Some of the associated papers follow.
- The ngram chief complaint classifier: A novel method of automatically creating chief complaint classifiers based on international classification of diseases groupings
- Detecting the start of the flu season
- Syndrome Surveillance - CDC
Recently attended Big Data Event @ Caltech. The topic was Big Data, Big Opportunities: Predicting the Future One Byte at a Time and the panel and speakers didn't disappoint. Following is the slidedeck and pictures from the event.
It’s raining data. Actually, it’s more like a hurricane.
Every website, email, SMS text, mouse click, download and online purchase generates data, a lot of data.
This data is being assembled into massive data sets and used by scientists, researchers, companies and the government to develop new products, predict epidemics, understand consumer behavior and formulate public policies.
Entrepreneurs are pursuing these “Big Data” opportunities in what is becoming the 21st century equivalent of the gold rush.
Our speakers will share their views on the opportunities and challenges entrepreneurs face in building a Big Data venture.
Saturday, November 17, 2012
California Institute of Technology
Program: 9:00 a.m. to 11:15 a.m. Baxter Lecture Hall
Networking: 11:15 a.m. to 12:00 p.m. Baxter Lecture Hall
Last week I spoke to Southern California .NET Architecture Group regarding implementation of Service Oriented Design Patterns with Windows Communication Foundation. The talk was an architectural overview of so called SOA tenants and how to implement these best practices using WCF. Being technologists, we tend to focus more on underlying technologies and have tendency to avoid topics like BPM, enterprise decision management, business rules engine, ESB, event stream processing, registry and discovery, component and composites, orchestration and mediation to name a few. Trying to avoid abstractions and TLA's (three letter acronyms), the focus of the talk was towards explaining the key-components of a generic, platform agnostic service oriented architecture and how WCF fulfills one part of this larger puzzle. In real-world SOA implementations, aside from usual Service ABC's (Address, Binding, Contracts) which are essential parts of service components and composites, there is lot of attention paid to tracking and monitoring the artifacts in a SOA, enforcing and ensuring compliance with the policies associated with the artifacts and measuring the outcomes related to their use. Following are some of the salient features of a comprehensive service oriented design.
- BPM - Business process management solution
- EDM - Enterprise decision management
- ESB - Enterprise Service Bus
- ESP - Event Stream Processing
- Service Orchestration
- Service components and composites
- web service mediation (Protocol mediation, Traffic management,Version rationalization, Runtime governance)
After introducing these fundamental entities as part of a comprehensive SOA platform, I spoke further about how component oriented architecture has evolved into SOA, the definition and importance of boundaries (machine, network, datacenter) and the connection between SOA and cloud. While answering a question about why WCF != SOA, I found the following geek & poke comic very useful.
As handbook of cloud computing notes,
Web Services and Service Oriented Architecture (SOA) are not new concepts; however they represent the base technologies for cloud computing. Cloud services are typically designed as Web services, which follow industry standards including WSDL, SOAP, and UDDI. A Service Oriented Architecture organizes and manages Web services inside clouds (Vouk, 2008). A SOA also includes a set of cloud services, which are available on various distributed platforms.
Therefore, it is fair to describe an SOA environment as enabler for cloud computing. This lead us to the SOA concepts and how it maps to WCF.
- SOA Entity corresponds to WCF DataContract
- SOA Message corresponds to WCF MessageContract
- SOA Interface corresponds to WCF ServiceContract
- SOA Transport corresponds to WCF Binding
- SOA Endpoint corresponds to WCF deployment model (service endpoint)
Next logical step was premier to a simple WCF service, wcf service library, client utility, metadata endpoint and what's new in WCF 4 to help leverage service oriented architecture. Don Box's infamous (and controversial) SOA tenants were discussed in context with the service oriented design.
- Boundaries are Explicit
- Services are Autonomous
- Services share schema and contract, not class
- Service compatibility is based upon policy
At this point, attendees were introduced to WCF 4 hands-on-lab and it's individual exercises on Simplified Configuration, Service Behavior, Protocol Mapping, Service Discovery, Metadata Extensions, Discovery Announcements, Discovery Proxy, Routing/Service Routing and Content Based Routing.
There’s a lot more to discuss including design of contracts, versioning, governance, Forward and backward compatibility, trade-offs associated with various deployment options, Integration and regression testing, Security (authentication, authorization, privacy), Reuse, High Availability, anti-Patterns, AppFabric's role in monitoring, caching and hosting etc but we had to conclude the talk in the interest of time.
Thank you Mike Vincent and David Wells for the invite.
References & Download Links:
and a Future title really looking forward to
Cloud camp LA happened couple of weeks ago at the coresite campus in downtown LA. The highlights of the evening were Dave Nielsen's intro, Lynn Langit's NOSQL session, Bret Statham's CQRS (Command Query Responsibility Segregation) talk and coresite's datacenter tour.
I have attended cloudcamps organized by Dave Nielsen in the past but this particular event wasn't as organized as the one at Microsoft campus couple of years ago (and through no fault of his own). Dave is a Co-Founder of CloudCamp and author of the book PayPal Hacks. The event started late and hence the unconference style sessions and panels were cut short and disrupted. Lots of echo so it was hard to hear and topics which came out of un-conference discussion weren't quite diverse and well organized even for an unconference. However, the data center tour was fun!
and a much nicer write-up by morphlaps on CloudCamp LA – Why Open Source (and OpenStack) Matters To the Enterprise
This Wednesday April 25th, I will be part of a panel at the OWASP LA Security Summit where Jerry Hoff VP, Static Code Analysis Division at WhiteHat Security, will be speaking about Webgoat. Shakeel Tufail, Federal Practice Director for HP Enterprise Security Solutions, will be speaking on "Software (In)Security - Challenges to securing software". Noa Bar Yosef, Senior Security Strategist at Imperva, will be speaking on "De-Anonymizing Anonymous". A concluding panel, moderated by Richard Greenberg, Information Security Officer for LA County Public Health, will have the speakers and myself discussing different aspects of De-Anonymizing Anonymous.
The focus of the panel is upon Recruitment and communication i.e. how Anonymous leverages social networks to recruit its members and pick a target, application attack i.e sequence the steps Anonymous hackers deploy to take data and bring down websites, DDoS i.e. the DDoS techniques deployed to take down websites and finally the key mitigation steps that organizations need to take if they ever become a target.
Four Points by Sheraton Los Angeles
5990 Green Valley Cir
Culver City, CA 90230
RSVP at http://www.meetup.com/OWASP-Los-Angeles/
CloudCamp is an unconference where early adopters of Cloud Computing technologies exchange ideas. With the rapid change occurring in the industry, we need a place we can meet to share our experiences, challenges and solutions. At CloudCamp, you are encouraged you to share your thoughts in several open discussions, as we strive for the advancement of Cloud Computing. End users, IT professionals and vendors are all encouraged to participate.
Location: CoreSite Data Center 900 North Alameda Street ** Free parking for participants in CoreSite's lot accessible from Bauchet Street. Suite 200, Los Angeles, CA 90012
Note: CoreSite has offered to provide tours of the data center to interested attendees at 7:30pm and 8:15pm
6:00 pm Food, Drinks & Data Center Tours
6:30 pm Kick-off
6:45 pm Lightning Talks
- "The Economically Unstoppable Cloud" - Dave Nielsen of CloudCamp
- "Cloud Computing Risk Mitigation via Contract Negotiation & Vendor Management" by Thomas Trappler, Director of Software Licensing, UCLA
- "Why the Enterprise should care about Open Source in cloud" by Winston Damarillo, CEO, Morphlabs
- "Why Data Center Matters when Deploying Your Own Cloud" by Regis Malloy, VP Strategic Alliance, CoreSite
7:15 pm Organize Breakout Sessions
- "SQL & BigData" by Lynn Langitt
- "Cloud Security Alliance" by Jason Woloz
- "Intro to Cloud for non-techies" by Dave Nielsen
- "The future of Cloud Computing" by Dave Nielsen
7:30 pm Breakout Sessions Round 1
Unconference Session Topics TBD
Data Center Tour (round 1)
8:15 pm Breakout Sessions Round 2
Unconference Session Topics TBD
Data Center Tour (round 2)
9:00 pm Wrap-up
Speaking @ 10th Annual SecureIT conference- “Practical Web Application Security and OWASP Top 10 implementation on Microsoft Platform”
On March 18th, I will be speaking at the 10th Annual SecureIT conference in a workshop titled “Practical Web Application Security and OWASP Top 10 implementation on Microsoft Platform”. This is a joint session with Tin Zaw, chapter leader and president of OWASP LA.
Here is the abstract.
Presenters: Adnan Masood, Tin Zaw
This session is a hands-on introduction to the web application security threats using the OWASP top 10 list of potential security flaws. The OWASP Top Ten provides a powerful awareness list for web application security and represents a broad consensus about what the most critical web application security flaws are.
Focusing on Microsoft platform with examples in ASP.NETand ASP.NETMVC, we will go over some of the common exploits and techniques for writing secure code in the light of OWASP top 10. In this code centric talk, we will discuss built in security features ofASP.NET and MVC such as cross site request forgery token and secure cookies and how to leverage them to write secure code. The OWASP Top 10 Web Application Security Risks for 2010 which will be covered in this presentation include Injection flaws, Cross-Site Scripting (XSS), Broken Authentication and Session Management, Insecure Direct Object References, Cross-Site Request Forgery (CSRF),Security Misconfiguration, Insecure Cryptographic Storage, Failure to Restrict URL Access, Insufficient Transport Layer Protection and Unvalidated Redirects and Forwards.
San Gabriel Valley .NET Developers group's next meeting is Wed Feb 15th. Please swing by to learn more about Command Query Responsibility Segregation and Mercurial source control usage in a team environment. See details below or on the sgv.net user group website
Abstract: Command Query Responsibility Segregation (CQRS) is an approach, a mindset to reduce complexities in application development. In its essence, CQRS is the creation of two objects where there was previously only one. CQRS is a very simple pattern that enables opportunities for architecture that may otherwise not exists. I will discuss what CQRS is in its simplest form and how it can be used to; capture business intent, data warehousing, event sourcing, and help reduce application complexity. After giving a brief overview of CQRS, I walk through developing a simple application using DDD and CQRS.
Abstract: Working with Mercurial in a team
Mercurial is a cross-platform, distributed revision control tool for software developers. Mercurial’s major design goals include high performance and scalability, decentralized, fully distributed collaborative development, robust handling of both plain text and binary files, and advanced branching and merging capabilities, while remaining conceptually simple. This discussion will give an introduction to Mercurial, as well as the client tools fully integrated in Visual Studio, and various work flows that can be used with Mercurial in your team.