In the enterprise, creating application services introduces many decisions to be made around security. Deploying those services to the cloud brings about another level of implications, especially if a company is looking at public or hybrid cloud solutions for hosting those services. HP offers a cloud security service to assist clients with these decisions as part of the HP Cloud Consulting Services offering. However, Amazon's consumer space seems to be at the complete opposite end of the spectrum.
If you haven’t heard, Amazon has introduced a new specialized tablet today called the Amazon Kindle Fire. It is meant to deliver services like those offered through the classic Kindle, as well as services like movies, apps and games from Amazon. Towards the bottom of the product page you will find an overview of the product’s new browser, Amazon Silk.
The Silk browser is based on WebKit, but takes an interesting approach to other browsers in the way that it connects to the Internet. Amazon has a video explaining their "Cloud-accelerated browser". It partially relies on Amazon Web Services to enable “Split-Browser” technology. This essentially allows the AWS to act as a cloud-based proxy server. Given this I started wondering about privacy, and as I looked at the Frequently Asked Questions I found this:
Amazon Silk optimizes and accelerates the delivery of web content by using Amazon’s cloud computing services. To do this, the content of web pages you visit using Amazon Silk may be cached to improve performance and certain web address information will be collected to help troubleshoot and diagnose Amazon Silk technical issues.
To learn more about what information we may collect, how long that information may be stored and how we might use that information, please see the Amazon Silk Terms and Conditions.
I then moved to the T’s and C’s page and found this additional information:
Amazon Silk also temporarily logs web addresses known as uniform resource locators (“URLs”) for the web pages it serves and certain identifiers, such as IP or MAC addresses, to troubleshoot and diagnose Amazon Silk technical issues. We generally do not keep this information for longer than 30 days.
You can also choose to operate Amazon Silk in basic or “off-cloud” mode. Off-cloud mode allows web pages generally to go directly to your computer rather than pass through our servers. As such, it does not take advantage of Amazon’s cloud computing services to speed-up web content delivery.
Amazon still promises to "negotiate a direct connection" if you are using a secure transport like SSL, but it seems they will still be collecting data about the use of the site. Google tried using similar technology running on the client, called Google Web Accelerator, but eventually discontinued the product.
I find it interesting that Amazon is choosing lack of privacy as the default option. Although it seems in the consumer space the recent trend is to cut privacy (see recent changes in Facebook or Google+) to keep services cheaper. At HP we continue to consider your enterprise's privacy and security a top priority.
Another Microsoft .Net code example has been taking some criticism as of late. I read some blog posts and the cooresponding comments from a couple of well known and respected developers, Ayende and Rob, and I think they are being a bit harsh on the example set. To be fair, many of their points would actually be valid if they were looking at an enterprise application. However, in this case I feel they are taking this code out of its context.
The requirements for this solution are to show architectures and patterns. I feel the solution does that when you review it within the context of the book, N Layered Domain Oriented Architecture Guide with .Net 4.0, which both bloggers did not originally reference in their posts (possibly because they were unaware of it).
The intentions of the book and the code samples are to provide guidance and some examples around how patterns "can" be implemented. It is not the intention to show how to properly do DDD or to document how a bank runs it business. There are plenty of books out there that can do those things. I don't think the authors are expecting anyone to open up the project and refactor it into their own application (although I am sure there will be some that try).
It takes a good bit of experience and knowledge to know when you might need a pattern. I really appreciate the work these guys have done in trying to provide some guidance around the complex enterprise patterns that are being pushed out of many blogs.