Feeds

Day of REST approaches for the cloud

It's a style thing

3 Big data security analytics techniques

Comment The term REST keeps on popping up when vendors and analysts talk about cloud storage. We're told that RESTful interfaces are more advanced than traditional filer interfaces such as NFS or CIFS. What is REST all about? Let's take a fairly simplistic look at REST, cast an eye in the direction of its advantages over the traditional NAS protocols, and try an overview comparison with Microsoft's SOAP protocol.

REST stands for REpresentational State Transfer and the term was introduced in a University of California at Irvine doctoral thesis by computer scientist Roy Fielding in 2000. The document's abstract states: "REST emphasizes scalability of component interactions, generality of interfaces, independent deployment of components, and intermediary components to reduce interaction latency, enforce security, and encapsulate legacy systems."

Fielding has been involved with authoring Internet standards for HTTP and URIs (Uniform resource Indicators) and his work has received a lot of attention.

His paper charts the development of the REST idea from an initial client-server architecture which decouples client systems from servers and enables clients to talk to different servers and evolve separately from them. This interface became stateless in the sense that servers received requests and had no need to be aware of the situation or state behind the request. They just blindly serve it, with no stored context, and leave the responsibility for maintaining state with the client. Servers don't have to store state between requests and can be more efficient with their resources.

Fielding then says we add a visible cache constraint, with data coming from servers being labelled as cacheable or non-cacheable. Cacheable data can be re-used by client systems for subsequent requests by their users or applications, thus avoiding server access latency. Fielding says that this client-cache-stateless-server architecture was that used by the early world-wide web.

He adds a constraint that there must be a uniform interface between components and this becomes a central feature of REST. He states: "Implementations are decoupled from the services they provide, which encourages independent evolvability." This degrades efficiency as information is transferred in a standard form and not in forms suited to individual applications. REST is designed: "to be efficient for large-grain hypermedia data transfer, optimizing for the common case of the Web, but resulting in an interface that is not optimal for other forms of architectural interaction."

He goes on to define REST by four interface constraints: "identification of resources; manipulation of resources through representations; self-descriptive messages; and, hypermedia as the engine of application state." He then adds: "layered system constraints... the layered system style allows an architecture to be composed of hierarchical layers by constraining component behavior such that each component cannot "see" beyond the immediate layer with which they are interacting."

The benefit of this is that: "Within REST, intermediary components can actively transform the content of messages because the messages are self-descriptive and their semantics are visible to intermediaries."

Finally: "REST allows client functionality to be extended by downloading and executing code in the form of applets or scripts." In summary he says: "REST... gains the separation of concerns of the client-server style without the server scalability problem, allows information hiding through a generic interface to enable encapsulation and evolution of services, and provides for a diverse set of functionality through downloadable feature-engines."

SANS - Survey on application security programs

Next page: SOAP and REST

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Kingston DataTraveler MicroDuo: Turn your phone into a 72GB beast
USB-usiness in the front, micro-USB party in the back
AMD's 'Seattle' 64-bit ARM server chips now sampling, set to launch in late 2014
But they won't appear in SeaMicro Fabric Compute Systems anytime soon
Brit boffins use TARDIS to re-route data flows through time and space
'Traffic Assignment and Retiming Dynamics with Inherent Stability' algo can save ISPs big bucks
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.