Feeds

Day of REST approaches for the cloud

It's a style thing

3 Big data security analytics techniques

Comment The term REST keeps on popping up when vendors and analysts talk about cloud storage. We're told that RESTful interfaces are more advanced than traditional filer interfaces such as NFS or CIFS. What is REST all about? Let's take a fairly simplistic look at REST, cast an eye in the direction of its advantages over the traditional NAS protocols, and try an overview comparison with Microsoft's SOAP protocol.

REST stands for REpresentational State Transfer and the term was introduced in a University of California at Irvine doctoral thesis by computer scientist Roy Fielding in 2000. The document's abstract states: "REST emphasizes scalability of component interactions, generality of interfaces, independent deployment of components, and intermediary components to reduce interaction latency, enforce security, and encapsulate legacy systems."

Fielding has been involved with authoring Internet standards for HTTP and URIs (Uniform resource Indicators) and his work has received a lot of attention.

His paper charts the development of the REST idea from an initial client-server architecture which decouples client systems from servers and enables clients to talk to different servers and evolve separately from them. This interface became stateless in the sense that servers received requests and had no need to be aware of the situation or state behind the request. They just blindly serve it, with no stored context, and leave the responsibility for maintaining state with the client. Servers don't have to store state between requests and can be more efficient with their resources.

Fielding then says we add a visible cache constraint, with data coming from servers being labelled as cacheable or non-cacheable. Cacheable data can be re-used by client systems for subsequent requests by their users or applications, thus avoiding server access latency. Fielding says that this client-cache-stateless-server architecture was that used by the early world-wide web.

He adds a constraint that there must be a uniform interface between components and this becomes a central feature of REST. He states: "Implementations are decoupled from the services they provide, which encourages independent evolvability." This degrades efficiency as information is transferred in a standard form and not in forms suited to individual applications. REST is designed: "to be efficient for large-grain hypermedia data transfer, optimizing for the common case of the Web, but resulting in an interface that is not optimal for other forms of architectural interaction."

He goes on to define REST by four interface constraints: "identification of resources; manipulation of resources through representations; self-descriptive messages; and, hypermedia as the engine of application state." He then adds: "layered system constraints... the layered system style allows an architecture to be composed of hierarchical layers by constraining component behavior such that each component cannot "see" beyond the immediate layer with which they are interacting."

The benefit of this is that: "Within REST, intermediary components can actively transform the content of messages because the messages are self-descriptive and their semantics are visible to intermediaries."

Finally: "REST allows client functionality to be extended by downloading and executing code in the form of applets or scripts." In summary he says: "REST... gains the separation of concerns of the client-server style without the server scalability problem, allows information hiding through a generic interface to enable encapsulation and evolution of services, and provides for a diverse set of functionality through downloadable feature-engines."

SANS - Survey on application security programs

Next page: SOAP and REST

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Kingston DataTraveler MicroDuo: Turn your phone into a 72GB beast
USB-usiness in the front, micro-USB party in the back
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Inside the Hekaton: SQL Server 2014's database engine deconstructed
Nadella's database sqares the circle of cheap memory vs speed
BOFH: Oh DO tell us what you think. *CLICK*
$%%&amp Oh dear, we've been cut *CLICK* Well hello *CLICK* You're breaking up...
Just what could be inside Dropbox's new 'Home For Life'?
Biz apps, messaging, photos, email, more storage – sorry, did you think there would be cake?
IT bods: How long does it take YOU to train up on new tech?
I'll leave my arrays to do the hard work, if you don't mind
Amazon reveals its Google-killing 'R3' server instances
A mega-memory instance that never forgets
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.