Bpositive: 2012

Friday, December 14, 2012

One of my best courses @USC Geospatial Information Management

Last Spring when I took the CSCI 402 class I thought this would be the best class that I would have come to experience during my M.S. CS course at University of Southern California (USC). Come to Fall 2012 and I guess I was proved wrong. Not to undermine the CSCI 402 class under Prof. Crowley. He is a legend and his class was an epitome among all the classes I had taken so far at USC. It taught me teamwork, core programming skills and I guess one more big thing that is estimation. An estimation of how much time I would take in building some projects. I guess it is very important for a software developer to know that.

But Fall 2012 brought an another course CSCI 587, Geospatial Information Management. This course would be by far one of the best courses I took at USC. The course is taught by Prof. Cyrus Shahabi who is a veteran in the Geospatial domain and it is completely reflected in his selection of research papers, his chronological order of reviewing and teaching them to the students. The coursework for this course is by far the best ones that I have seen so far in terms of design. It is not surprising that this is one of the few courses in the US which is taught via the Distance Education Network to two schools in Vietnam. The professor teaches the course with ease and his humour is always present even while reviewing the most difficult research papers ever. That is one of the reason that he manages to deliver with such ease. With a lot of papers he gives such great research insights and technical challenges that helps you understand the world of research and academia. The professor also gave a few entrepreneurial lessons in one of his classes. For someone who is a start-up enthusiast like me those lessons were really cool.

Personally, I can now wrap my head around everything that may be non-technical with research.
The crux of the course is Geo-spatial data storage and management. Everyone today in the start-up industry says that an app in today’s world cannot be successful if it lacks one of these three things, Social, Mobile and Geo-location. I learned the Geo-location techniques and all the research behind it in this course. Looking at the evolution of research in this area also teaches you a lot of things. The professor also highlights those areas throughout the course.

Apart from this the course taught me the importance of design. Project design, brainstorm meetings, UI/UX design for my project all got me into the real development scenario at a Start-up. I learned scheduling with team members, handling deadlines and iterative development. There is so much iterative development that I did with this project that now it seemed like that is the only software development model that existed.The project in this course taught me teamwork again, but at a whole new level. Our three people team was actually time a product team where each one was responsible for one aspect of the project.

At the end of the course when my team presented our project the professor even suggested us to apply at some incubators in LA with this idea. I am going to do that soon. Well, and not to forget that we owe our TA a 5% if this takes off. It is pretty clear that going forward I am going to miss this course but I will never forget all the lessons it taught me.

P.S I was the one to donate the maximum chocolates in the class on the day of Halloween.

Friday, November 2, 2012

Updates in Java7 (Dolphin)

Java7 update came out on July 28, 2011 but still a lot of programmers do not want to shift from the Java6 to the Java7 version. Well, extensively using Java from the last couple of months, I decided to write about the update.

Java7 also named Dolphin, is the outcome of the OpenJDK 7 project. Java7 has many new feature improvements. Many of its milestones and builds have different names like Project Coin.

Feature updates:

1. Virtual Machine: Da Vinci Machine Project

Multiple Language support: The JVM will now have architectural support for languages other than Java. This move is done to extend the JVM and portability to different languages. This is definitely a move to expand the future JAVA ecosystem.

Strict Class file Checking: This was introduced in SE6. There are major improvements in this version like type checking verifier. Also, improvements in backward compatibility with old inferencing verifier.

2. Lang: Project coin

Lang is one of the most extensively used Java libraries. There are a couple of small language enhancements which are significant for programmers.

- Strings in Switch statement

- Automatic Resource management in try statement

- Type Interface Improvements for generic interface creation (diamond)

- Binary integral literals and underscores in numeric literals

- Simplified varargs method invocation

- Precise Exception throwing for multi-catch

3. Core:

API modifications to class loader for Deadlock fix: Custom class loaders that do not adhere to a acyclic class loader delegation model can be deadlocked by this modification.

Method to close URLClassLoader: A new method to close the files which are kept open by the URLClassLoader.

Concurrency and collection framework: A improved framework lightweight fork/join framework, flexible and reusable synchronization barriers, transfer queues, concurrent linked double-ended queues, and thread-local pseudo-random number generators. These include changes in the java.util.concurrent package with classes like ForkJoinPool, Phaser, TransferQueue, ConcurrentLinkedDeque, ThreadLocalRandom.

4. Internationalization:

Unicode 6.0: This is upgraded support for Unicode character set to 6.0

Locale Enhancements: Locale enhancements for Chinese, Hebrew, Uzbek and Latin characters.

5. I/O and networking

New I/O APIs: New I/O APIs for filesystem access, socket binding, configurations and multicast datagrams for NIO.2

NIO.2 filesystem provider for jar and zip extensions.

Upgrade to the networking configurations using the Windows Vista IPv6 stack.

Support for transport layer security version 1,2

6. Security and Cryptography:

Elliptic curve cryptography: A portable Elliptic curve Cryptographic implementation for all java applications to use them directly.

7. Database Connectivity:

One of the most important use cases of Java that is DB connectivity gets a JDBC 4.1 upgrade.

8. Client

XRender pipeline for Java 2D: 2D graphics made easy with a new Java2D graphics pipeline based on X11 XRender extension which harnesses the power of modern GPUs

New Graphic platform APIs: New features for platform include translucent and shaped windows and heavyweight/lightweight component mixing.

New Look and feel for Swing: Nimbus like new look and fell for the Swing package.

Swing JLayer component: Addition of new SwingLabs JXLayer to decorator platform.

Grevill sound synthesizer: New and improved sound synthesizer created as a proposal for the Audio Synthesis Engine Project.

9. Web

Crucial Update XML stack: The extensively used XML stack for the web framework gets an update here to the most stable version.

10. Management

Enhanced MBeans; Handle your CPU loads and notifications better by enhanced MBeans. MBeans report recent CPU load of the whole system, the CPU load of the JVM process, and to send JMX notifications when GC events occur.

Apart from these there is something that you can expect from JDK8 like more enhancements to JVM for modular programming, Annotations, Language support, project Lambda, Modularization which focusses on JDK, Swing application framework and JDatePicker components.

Detailed description on : http://openjdk.java.net/projects/jdk7/features/#fa535991

Saturday, September 22, 2012

My Dream of Dreamforce

“Make no little plans, they have no magic to stir a man’s blood”.

When a few decades ago Google CEO Eric Schmidt and Salesforce CEO Mark Benioff talked

about the networked supercomputer the world was on the brink of the next transformation

in technology. Today that is known as cloud.

As Enterprises and businesses expand, technology infrastructure needs to change which

leads to a lot of upgrades and extensions to current technology, more workforce

requirements, scalability issues and consistency problems. The solution to all this in today’s

scenario is called cloud. Cloud also enables small enterprises to think big as cloud leverages

the required technology infrastructure in a hassle free manner.

Cloud has already transformed my career. I consider myself to be one of the fortunate

people to start my career using cloud technology via Salesforce, Force.com PaaS API. My

application will soon go for production for the largest medical device giant in the world

Medtronic, Inc. as my intern project for summer for the diabetes division. I may be one of

the youngest in the Salesforce ecosystem here at Medtronic, Inc. developing on the

Force.com platform. The application enables more than 100% ROI. It is simply productivity

as a service. I am obliged to work on such a technology which makes me work out of the box

and deliver the best for my team. Please visit my blog blogger.com/vimarshk for more on

the internship journey and flavors.me/vimarshk for my online profile to know more.

Dreamforce showcases the best in cloud today. I am currently working on integrations of

other platforms with Salesforce. I have a lot of other ideas that the platform can enable for

enterprises. If I get a chance to attend Dreamforce I can deliver all this with the latest

Salesforce technology more efficiently. I wish to be one of the best developers on the

Force.com platform and Dreamforce may be my first step towards that. It would be an honor for me if I get a chance to attend Dreamforce this year.

Monday, August 6, 2012

International Business Culture

Today the world is a small place due to advanced technology and social media. As the world progresses in its time we see the birth of more and more multinational businesses. Being a global person is becoming increasingly more important because now not only clients and customers but even teams are located remotely. In such scenarios international business culture is as important as international business acumen.

I have been fortunate that I have had people of geographic diversity around me giving me an insight into different business cultures around the world. My dad has been to different countries of Europe, I am currently studying here in the US in one of the most diverse cultured Universities, University of Southern California; I have friends located in the UK and Canada too.

It is very interesting to know about the different business cultures. I will be talking about the countries one by one. I have not posted anything lately because compiling this one was taxing enough! I hope it is good enough. I will be adding further to this post though.

Australia

Australia is an island and kind off quite different in terms of business habits since it is an isolated island.

1. Australians are simple and updated businessmen. They prefer business oriented presentations with tangible facts and diagrams. During meetings they prefer eye contact.

2. They are punctual. It is important to be on time.

3. They are formal and straight in their business deals. Hence, they do not like hype and partaking. It is not very common to handshake before/after a meeting. Women may greet with a kiss on the cheek.

4. Emails usually have first names and they are direct and to the point. Their formal communication also reflects the same thing.

5. Home visits are common in business. Gifts too are a part of their business culture. Australians value nature.

Austria

Austria is small but one of the financially powerful countries in the world today. It’s neat and clean customs are also reflected in their business culture.

1. Austrians hate gaudy people. They like apt business attire which is not too flashy.

2. Like Australians they too are formal businessmen. They are direct and to the point in their business deals. Humor is not encouraged in business meetings. Respect is mutual. Email communication is direct too.

3. They concentrate on long term relationships rather than short deals. So, it is very important not to make haste during deals.

4. They are punctual too. Long delay or last minute cancellation my harm business relations.

5. They like attention to detail. University degrees, time you have been in business are important. Translating your business card on one side into German would be appreciated.

6. Home visits may happen. It is good to have a handshake with everyone present including the kids. Gifts can include chocolates or flowers odd in number. Lilies, red carnations, chrysanthemums should be avoided since they are funeral flowers.

Belgium

Belgium is a European country which has three major speaking languages, Dutch, French and German. Belgian businessmen are polite, subtle and well mannered.

1. Hence, direct and confrontational approach is insolent for them.

2. Handshake is a common gesture before/after meetings.

3. Belgians are attached to festivals. Hence, meetings and deals should be avoided during festivals. July and August, week before Easter and between Christmas and New Year, meetings should be avoided.

4. Presentations should be logical and reasonable as opposed to just direct up to the point.

5. Since we have Dutch and French as the two main languages, it would be great if the business card could be translated to either one of them and handed to them with that language side up.1. Home visits may happen in Belgium. It is customary to have a gift in the form of flowers or chocolates. Avoid Chrysanthemum as they signify death. Give odd number of flowers except 13.

Canada

Canada is a country located north of the United States of America with a pretty cold weather. Canada has many French residents and hence, French is used in certain parts of Canada.

1. Canadians are more reserved and calm in nature. It is important to keep your body language minimum.

2. They expect firm handshakes and eye contact.

3. They like to address people formally. Hence, talk with the title like Mr., Mrs. Miss until they call you by your first name.

4. Words are important during conversations so be careful of what to say. Hence, verbal communication is very important.

5. There is no business discussion during meals.

6. Home visits are not often. If they do happen, due to cold weather, wine or liquor could be an apt gift.

China

China is a super power of Asia. Manufacturing business is huge in China and is a business hub growing very rapidly in the world.

1. Chinese culture is very rooted and is strictly followed by most of the people.

2. Chinese businessmen find gestures distracting. Pointing a finger is rude. Personal contact too is considered inappropriate.

3. They are formal in their deals. They like if meetings are scheduled 2-3 months in advance and in writing. They prefer face to face meetings.

4. They believe in knowing more about the company. Hence, it is great if you can send them company details before the meeting.

5. Gift is a sensitive issue. Pens are considered to be good gifts. Clocks, flowers and handkerchiefs are associated with funerals. Sharp objects should be avoided as they signify you wish to severe the relationships.

6. They believe in luck. Four is unlucky and eight is the luckiest.

7. Seating during meals is a big deal. Reserved siting is planned for the guest of honor or seniority level. Chopsticks positioned in a bowl signify death. Dropping them is bad luck. Rubbing them indicate poor construction or quality. If you finish all your food it means you are still hungry. Drinking is not allowed during meals.

Denmark

Denmark is one of the most beautiful countries in the European Union.

1. Danish people are direct and courteous. They expect firm handshakes and direct eye contact. If there is a woman then shake hands of the woman first as a sign of courtesy.

2. They are punctual and up to date. Hence, prior appointments and punctuality are important. In case if you get later than a few minutes into the meeting it is important to telephone and let them know immediately.

3. Danish people do not work in summer from June to August due to Danes vacation.

4. They address by professional titles. You can use Herr (Mister), Fru (Misses) or Froken (Miss).

5. Send an agenda before the meeting and do not deviate from it. Be factual and organized and use charts and diagrams.

6. Be accommodating and consult everyone before you pass a decision.

France

France is one of the super powers of the European Union. It is known for its art and architecture

all over the world.

1. French people are all lovers of art and architecture. They love French cuisine too. Your participation would be important in case of a conversation.

2. They have a casual culture. They have lighter and briefer handshakes than in other cultures along with brief eye contact.

3. Coming up unannounced or uninvited is not a good thing as they value their personal space and privacy.

4. The French are open in their business. The same trust and openness is expected from you too. This should reflect in your actions, gestures and words. Courtesy and respect is shown by eye contact. An attempt to speak French even if you do not know it is considered as a sign of respect.

5. French conversations are animated and heated.

6. For business cards convert your card into French and give it with the French side up.

Germany

Germany is the most powerful economic super power of Europe. Its economy is the largest in

the EU.

1. Germans are conservative in business. They usually take a long time in deciding the project aspects and are detailed about work. Hence, project may take longer than expected.

2. Germans are very punctual. Never be late. Being late is considered offensive and insulting. Also, humor is not encouraged during business. They are serious in business.

3. Sudden changes to plans are unwelcomed. Even if sudden plan change results in profits, they do not like them.

4. Germans have a different way of greeting. Shaking hands before and after the meeting is mandatory. It is accompanied by a bow or a slight nod. Failure to do so may send wrong signals. Have good eye contact when you do that. Shake hands with woman if they extend their hand. They greet others with “Herr” before the title as a mark of respect. Title is very important for the Germans. Make sure that you address them by their title.

5. They do not believe in admiration, compliments etc. Everything is considered normal and smooth unless otherwise reported.

6. Germans drink a lot. But in a business setting drinking conservatively is suggested. You are expected to be fast and eat plenty of food.

7. Germans are very private about their personal life. An unexpected phone call may be really a bad option.

8. For a visiting card have one side translated in German and give it to the German counterpart with German side up.

More coming up!

Monday, July 2, 2012

Single Sign On (SSO) with SAML

The pace at which our number of usernames and passwords increase every year is enormous. With each new account we have a new dimension of security associated with it. On the organizations perspective, multiple accounts cause security problems and huge storage and management issues too. With cloud infrastructures increasingly becoming popular, these problems are escalated. Single Sign on (SSO) is therefore a popular infrastructure for organizations today. If you see Google, with one login, you can access Gmail, Google Drive, Youtube, Google Calendar, Blogger and other services that it offers. The latest one is the browser Google Chrome’s cool support which enables you to sync your bookmarks, extensions and even live pages all using just the same account.

Benefits of using SSO:
1. SSO reduces password fatigue which is caused due to entering different username and password combinations.
2.It provides a centralized infrastructure for managing and storing of account details. This in turn reduces IT related costs.
3.It also reduces the cost for setting up IT help desks for password losses. It provides easier access to resources.
4.It makes security management much easier by having a single layer of security which is more generalized for each service or application.
5.Tracking users and tracking their access to resources becomes easier.

There are different single sign on configurations that exists.

- One time Password (OTP): OTP is one of the most secure ways to do a Single Sign On. There is a two factor authentication using special OTP tokens which is one of the best practices in the industry today.

- Kerberos based SSO: Kerberos has ticket granting servers. The initial sign on grants you access to the Kerberos system. Other different services are all accessed by requesting for tickets for that particular service.

- Security Assertion Markup Language (SAML): SAML is a XML-based solution for exchanging user security information between your organization and a service provider. It supports W3C XML encryption and service provider initiated web single sign-on exchanges. The user is called the subject in the SAML based Single Sign On. The identity provider is the one which provides the user credentials. The service provider trusts the identity provider on the user information to provide access to its services or resources.

OAuth - Best Security and Best Privacy

Security is one of the key concerns in the online world today. The tech world knows about the recent compromise of security where various LinkedIn passwords were hacked. Usually a large website like google.com or Salesforce.com has various other websites linked to them which belong to the same or different organization like gmail.com, blogger.com or Force.com, radian6.com. To login, we enter our credentials into the main website and then, we are redirected to the respective websites that we want to go to. In today’s world this is enabled by security tokens which are shared between websites.

The above scenario is made possible using an open protocol called OAuth. OAuth allows a website to access another website without exposing a user's credentials. OAuth allows users to give out tokens for other websites to access limited resources for a limited time. This is done using tokens and consumer secret keys which are exchanged between the websites and users. This is useful because even if a website security is compromised it gets only the tokens and consumer keys which could be revoked. So the credentials are safe.

OAuth has two types of tokens, request token and access token. We have a user and an application or a service (consumer) which wants limited access from a website where the user has his login credentials. The service will first ask for a request token from the website (say Salesforce). This token has a consumer key and a consumer secret key. The request token redirects the user to the website, where he enters his credentials. The user logs in and the consumer now gets access to the website without the user having to provide his credentials to the consumer. Consumer gets access after the user formally approves giving access to the consumer. After the user approves the request, the website marks the request token as approved by the user. The authorized request token is then exchanged by the consumer for an access token. There may be multiple requests using the access token, to finally get what the consumer wants. This continuous exchange of tokens is sometimes termed as OAuth dance. All the tokens are time stamped and hence, the consumer gets limited access. Also, the consumer never gets the actual user credentials. This improves privacy as well as security.

To learn more about OAuth:

http://hueniverse.com/2007/10/beginners-guide-to-oauth-part-ii-protocol-workflow/

http://oauth.net/

http://wiki.developerforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com

Friday, June 22, 2012

The power of Force.com

When we see the cloud scene today, we have big companies like EMC, Joyent, Saavis, Verizon/Terremark, Microsoft, Salesforce, VMWare, BlueLock, Citrix, IBM, Amazon and now Oracle too. Many of these are enterprise cloud providers and Software as a service (SaaS) providers. Each of them has a unique domain of specialized services that they offer. But I think bringing the cloud right in the hands of each developer is the best done by Salesforce. Force.com’s unique Platform as a Service (PaaS) model is one of a kind and gives the power to the developer to bring ideas into reality very quickly.

It is unique in a way also that it has integrations with different technologies too. Salesforce can be integrated with SAP via IBM castIron. It supports Heroku which can be configured with Amazon cloud. It just means that Salesforce cloud is flexible. Salesforce is also a pioneer putting the entire CRM on the cloud. Mobile and social are one of the most important parts of any enterprise today. Force.com supports both mobile and Social. It can have your applications ported to handheld devices very easily. It enables Social via Chatter.

In terms of languages too, it is very flexible. Just a few days ago I saw how Salesforce uses Hadoop Webinar. They used a combination of Hadoop with Java mapReduce, Pig, Force.com and machine learning algorithms to measure product metrics and community based recommendations in chatter. It merges with Heroku which is their own cloud based polyglot platform which supports another set of different languages that I mentioned in my earlier blog. Force.com discussion boards have special sections for Perl, PHP, Python and Ruby Development.

All this means one thing; there are no limits to what you can do with Force.com.

Wednesday, June 20, 2012

Fail first, fail fast

Whenever you develop it is very important to fail first and fail fast. Fail first gives you and ability to learn more about what your project and risks involved. Fail fast ensures that you have ample of time in developing the application via other alternatives.

I started with an e-book on force.com fundamentals. I thought that the book will give me an insight on how to use the Platform for development. I was surprised that it taught me how to use the platform along with developing my first app on the cloud. It was amazing.

After all the things that Force.com provides, the best part about it is drastically reduces the development time of your applications. Time is the most important factor for business today. There are so many ideas that never really see the light of the day because of development time. Imagine that you have the power to implement your ideas real time! I can see that for many applications which have critical time frames for market release for the ones which depend on the current market scenarios, Force.com can be a boon.

Force.com has defined every object and connections between objects in a very modular way which can fit any business need. Different relationships between objects can be designed if you have the right knowledge about your application architecture. There are various workflow and approval options that can be used to design a custom workflow for your application. Data security settings are amazing. Access rights and specifications have the granularity till the field or record level. This enables modular privacy settings for any hierarchy of users. Adding users and roles is also very simple. Creation and generation of reports are very simple and easy to configure. User Interface provided by default is very simple to use. However, you can add custom user interfaces via Visual Force. To sum it all up, it is as modular as possible accommodating anything you can think of.

In addition to all this, Force.com development adheres to FDA CFR 11 compliance. This compliance includes secure SSL encryption, daily backups, audit trails just to name a few. This makes Force.com the best and most secure in the business of cloud computing.

I guess Force.com can do anything. So, I my fail first, fail fast strategy enabled me to make my first application on the cloud, a sample recruiting application for the HR team of any organization.

Step one - Understand the technology

Force.com has multitenant architecture. The old architectures would be allocation of a set of resources for each tenant/organization. Here, they just have one huge set of resources which are used by all the organizations who subscribe that service. These resources can be maintained by set of experienced people; hence, you do not have to worry about the maintenance at all. This significantly reduces the cost for each organization too. Secondly, service improvements can enhance all the users at the same time.

Multitenancy provides like a base architecture for all applications. Since each organization has a different customized use of the architecture, Force.com uses metadata driven architecture to allow separation between them. Meta data driven approach allows event driven custom object generation customizing the space for each organization.

Apart from these, there is redundancy introduced at each level of the database back-end which enables faster query response. There is a separate table for mapping a set of the primary key values too, which can be used for faster query processing if the original mechanism fails.For more go to multitenant architecture.

Platform as a service has enormous advantages to the developer. It abstracts the concept of the server and it enables you to work without limits. Developer need not worry about scalability, system backups, operating system, patches and security, high availability and load balancing.

Before we work on any technology, a little background work is never harmful. It helps you to think more of like the system in the backend and how it functions to enable your application. These insights prove helpful to us when we create our own application.

I developed a sample recruiting application which can be used by the HR department of any firm for recruiting purposes. This application was going to decide whether I will be able to use this technology for my application.