0% found this document useful (0 votes)

109 views

CIT421

Uploaded by

adebayomarvellous47

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

109 views

CIT421

Uploaded by

adebayomarvellous47

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 252

NATIONAL OPEN UNIVERSITY OF NIGERIA

FACULTY OF SCIENCES
DEPARTMENT OF COMPUTER SCIENCE

COURSE CODE: CIT421

COURSE TITLE: Net-Centric Computing

CIT421 COURSE GUIDE

CIT421
NET-CENTRIC COMPUTING

Course Team Oguntunde T (Ph.D) (Developer/Writer) - UI

i
CIT421 COURSE GUIDE

NATIONAL OPEN UNIVERSITY OF NIGERIA

National Open University of Nigeria Headquarters

University Village, Plot 91 Cadastral Zone, Nnnamdi Azikiwe Expressway Jabi, Abuja

LAGOS OFFICE
14/16 Ahmadu Bello Way
Victoria Island , Lagos

e-mail: [email protected]
URL: www.nou.edu.ng

Published By:
National Open University of Nigeria
First Printed 2021

ISBN:

All Rights Reserved

i
CIT421 COURSE GUIDE

Table of Contents
Introduction .................................................................................................................... iii
What You Will Be Learning in this Course ......................................................................... iii
Course Aim ...................................................................................................................... iv
Course Objectives ............................................................................................................ iv
Working through this course ............................................................................................. v
Course Material ............................................................................................................... vi
Study Units ...................................................................................................................... vi
Presentation Schedule ................................................................................................... viii
Assessment ................................................................................................................... viii
Tutor-Marked Assignment (TMAs) ................................................................................. viii
Final Examination and Grading ........................................................................................ ix
Course Marking Scheme .................................................................................................. ix
Facilitators/Tutors and Tutorials ....................................................................................... x
Summary .......................................................................................................................... x

ii
CIT421 COURSE GUIDE

Introduction

What You Will Be Learning in this Course

This course consists of units and a course guide. This course guide tells you briefly what the
course is about, what course material you will be using and how you can work through these
materials. In addition, it advocates some general guidelines for the amount of time you are
likely to spend on each unit of the course in order to complete it successfully.

It gives you guidance in respect of your Tutor-Marked Assignments which will be made
available in the assignment file. There will be regular tutorial classes that are related to the
course. It is advisable for you to attend these tutorial sessions.

This course teaches the technology on which everything in the world, ranging from education,
commerce, communication to even the home, runs which is inter-network.

iii
CIT421 COURSE GUIDE

Course Aim
The aim of the course is to furnish you with full knowledge on inter-networking. It teaches
how systems connect one with the other, communication modes, two or more systems
processing, a single but divided large tasks, together simultaneously, transmission technologies
and much more.

Course Objectives
To achieve the aims set out, the course has a set of objectives. Each unit has specific objectives
which are included at the beginning of the unit.

You may wish to refer to them during your study to check on your progress. You should always
look at the unit objectives after completion of each unit. By doing so, you would know whether
you have followed the instruction in the unit.

Below are the comprehensive objectives of the course as a whole. By meeting these objectives,
you should have achieved the aims of the course as a whole. In addition to the aims earlier
stated, this course sets to achieve some objectives. Thus, after going through the course, you
should be able to:

 Identify the configurations of Distributed systems

 Describe the standards of wireless technology
 Implement security schemes or ciphers on the network
 Explain the categories of networks
 Define the concept of Parallel Systems
 Classify parallel Programming Models
 Describe Message Passing Programming
 Explain the concept of:
o Dependence Analysis
o Open MP Programming
o Evaluation of Programs
o Optimizations for Scalar Architectures and Models for Parallel Computing
 Dependence Analysis, Open MP Programming, Evaluation of Programs, Optimizations
for Scalar Architectures and Models for Parallel Computing.
 Explain the concepts of Distributed systems:
iv
CIT421 COURSE GUIDE
o Characterization of Distributed systems
o system models
o distributed objects and
o remote method invocation
 Implement the concept of Distributed transactions:
o Explain flat & nested distributed transactions and concurrency
 Explain Service-oriented architectures:
o Identify the characteristics of SOAs, Hadoop and Spark
 Define Mobile and wireless computing
o Enumerate the Technologies for Wireless Communication
o Explain wireless cellular systems
o Appreciate wireless network technologies
 Discuss Wireless Application Protocols: Mobile IP, WAP, SMS, Bluetooth
 Implement the Frameworks for mobile application development (e.g Ionic, React
Native, Xamarin, Adobe PhoneGap, J2ME)
 Define Cloud computing:
o Explain the cloud computing technologies, infrastructure, and architecture
 Discuss Cloud computing development models (public, private, community and hybrid
cloud), service models (SaaS, PaaS, IaaS).Improve their data privacy through hardware
protection

Working through this course

To complete this course, you are required to read each study unit, read the textbooks and read
other materials which may be provided by the National Open University of Nigeria.

Each unit contains self-assessment exercises and at certain point in the course you would be
required to submit assignments for assessment purposes. At the end of the course there is a
final examination. The course should take you about a total of 17 weeks to complete. Below
you will find listed all the components of the course, what you have to do and how you should
allocate your time to each unit in order to complete the course on time and successfully.

This course entails that you spend a lot time reading. I would advise that you avail yourself the
opportunity of comparing your knowledge with that of other learners.
v
CIT421 COURSE GUIDE

Course Material
The major components of the course are:
1. Course Guide
2. Study Units
3. Presentation Schedule
4. Tutor-Marked Assignments
5. References/Further Reading

Study Units
The study units in this course are as follows:

Module 1 Net-Centric Computing Fundamentals

Unit 1 Introduction to Distributed Computing
Unit 2 Mobile and Wireless Computing
Unit 3 Network Security
Unit 4 Client/ Server Computing (Using the web)
Unit 5 Building Web Application

Module 2 Parallel Systems

Unit 1 Introduction to Parallel Systems
Unit 2 Parallel Programming Models
Unit 3 Message Passing Programming
Unit 4 Dependence Analysis
Unit 5 Open MP Programming
Unit 6 Evaluation of Programs
Unit 7 Optimization for Scalar Architectures
Unit 8 Modules for Parallel Computing

Module 3 Distributed Systems

Unit 1 Introduction to Distributed Systems
Unit 2 Characterization of Distributed Systems
Unit 3 Systems Models
Unit 4 Distributed Objects
Unit 5 Remote Methods Invocation

vi
CIT421 COURSE GUIDE
Unit 6 Using UML for Component Based Designs

Module 4 Distributed Transactions

Unit 1 Introduction to Distributed Transactions

Unit 2 Flat and Nested Distributed Transactions

Unit 3 Concurrency

Unit 4 Characteristics of Service Oriented Architecture- Hadoop & Spark

Module 5 Mobile & Cloud Computing

Unit 1 Introduction to Mobile and Cloud Computing
Unit 2 Technologies for Wireless Communications
Unit 3 Wireless Cellular Systems
Unit 4 Overview of Wireless LAN, IEEE 802.11, Personal Area Network,
Bluetooth
Unit 5 High Speed Wireless Network: HiperLAN

The first module introduces Distributed Computing, dynamic devices and mode of
transmission, security of connected and communicating systems using ciphers, Client and
Servers communication and building of web applications.

Module Two explains parallel systems and parallel programming models. Other issues treated
are Message passing Programming, Dependence Analysis, Open MP Programming, Program
Evaluation using Algorithms, Optimizations for Scalar Architectures and Models for Parallel
Computing.

In the module Three, we have discussed connected Systems, its models and characteristics,
Distributed Objects, remote method Invocation and using UML for Component Based Design

Module Four treated Transactions on Connected Systems, Flat and Nested Distributed
Transactions, Simultaneity or Concurrency.

vii
CIT421 COURSE GUIDE
Module Five introduces Mobile devices and the Internet, Wireless Communications
Technologies, Wireless Cellular Systems, Wireless Local Area Networks, Personal Area
Networks, IEEE 802.11 and Bluetooth and High-speed Wireless Networks

Each unit consists of one or two weeks’ work and include an introduction, objectives, reading
materials, exercises, conclusion, summary, tutor-marked assignments (TMAs), references and
other resources. The units direct you to work on exercises related to the required reading. In
general, these exercises test you on the materials you have just covered or require you to apply
it in some way and thereby assist you to evaluate your progress and to reinforce your
comprehension of the material. Together with TMAs, these exercises will help you in achieving
the stated learning objectives of the individual units and of the course as a whole.

Presentation Schedule
Your course materials have important dates for the early and timely completion and submission
of your TMAs and attending tutorials. You should remember that you are required to submit
all your assignments by the stipulated time and date. You should guide against falling behind
in your work.

Assessment
There are three aspects to the assessment of the course. First is made up of self-assessment
exercises. Second, consists of the tutor-marked assignments and third is the written
examination/end of course examination.

You are advised to do the exercises. In tackling the assignments, you are expected to apply
information, knowledge and techniques you have gathered during the course. The assignments
must be submitted to your facilitator for formal assessment in accordance with the deadline
stated in the presentation schedule and the assessment file. The work you submit to your tutor
for assessment will count for 30% of your total course mark. At the end of the course, you will
need to sit for a final or end of course examination of about three hours duration. This
examination will count for 70% of your total course mark.

Tutor-Marked Assignment (TMAs)

The TMA is a continuous assessment component of your course. It accounts for 30% of the
total score. You will be given four TMAs to answer. Three of these must be answered before

viii
CIT421 COURSE GUIDE
you are allowed to sit for end of course examination. The TMAs would be given to you by your
facilitator and should be returned after you have done the assignment. Assignment questions
for the units in this course are contained in the assignment file. You will be able to complete
your assignments from the information and material contained in your reading, references and
study units. However, it is desirable in all degree level of education to demonstrate that you
have read and researched more into your references, which will give a wider view point and
may provide you with a deeper understanding of the subject.

Make sure that each assignment reaches your facilitator on or before the deadline given in the
presentation schedule and assignment file. If for any reason you cannot complete your work on
time, contact your facilitator before the assignment is due to discuss the possibility of an
extension. Extension will not be granted after the due date unless in exceptional circumstances.

Final Examination and Grading

The end of course examination for Net-centric Computing (CIT412) will be for three (2) hours
and it has a value of 70% of the total course score. The examination will consist of questions,
which will reflect the type of self-testing, practice exercise and tutor-marked assignment
problems you have previously encountered. All areas of the course will be assessed.

Use the time between finishing the last unit and sitting for the examination to revise the whole
course. You might find it useful to review your self-test, TMAs and comments on them before
the examination. The end of course examination covers information from all parts of the course.

Course Marking Scheme

Assignment Marks
Assignment 1 – 4 For assignment, best three marks of the four counts at
10% each, i.e., 30% of Course Marks.
End of Course Examination 70% 0f the overall Course Marks.
Total 100% of Course Material.

ix
CIT421 COURSE GUIDE

Facilitators/Tutors and Tutorials

There are 16 hours of tutorials provided in support of this course. You will be notified of the
dates, time, and location of these tutorials as well as the name and phone number of your
facilitator, as soon as you are allocated to a tutorial group.

Your facilitator will mark and comment on your assignments, keep a close watch on your
progress and any difficulties you might face and provide assistance to you during the course.
You are expected to mail your Tutor-Marked Assignments to your facilitator before the
schedule date (at least two working days are required). They will be marked by your tutor and
returned to you as soon as possible.

Do not delay to contact your facilitator by telephone or e-mail if you need assistance.

The following might be circumstances in which you would find assistance necessary, hence
you would have to contact your facilitator if:
 You do not understand any part of the study or assigned readings
 You have difficulty with self-tests
 You have question or problem with an assignment or with the grading of an assignment.

You should endeavor to attend the tutorials. This is the only chance to have face to face contact
with your course facilitator and to ask questions which may be answered instantly. You can
raise any problem encountered in the course of your study.

To have more benefits from course tutorials, you are advised to prepare a list of questions
before attending them. You will learn a lot from participating actively in discussions.

Summary
Net-centric Computing is a course that intends to intimate the learner with basic facts on
computer networks, network types and categories, distributed systems. Distributed systems
models, parallel systems, concurrency, wireless networks and standards. cloud computing and
wireless application protocols. Upon completing this course, you would have been equipped
with the knowledge of Net-centric computing fundamentals, what network is all about and
wireless technologies, cloud computing and service models.

x
CIT421 COURSE GUIDE

I wish you success in the course and I hope you find it very interesting.

CONTENTS PAGE

Module 1 Net-Centric Computing Fundamentals……………………………………1

Unit 1 Introduction to Distributed Computing……………………………………… 2
Unit 2 Mobile and Wireless Computing ……………………….…………………... 9
Unit 3 Network Security ….………………………………………………………. 15
Unit 4 Client/ Server Computing (Web Application) ……………………………..
Unit 5 Building Web Application

Module 2 Parallel Systems …………..………………………………………………. 25

Unit 1 Introduction to Parallel Systems ……………………………………………26
Unit 2 Parallel Programming Models ……………………………………………..
Unit 3 Message Passing Programming ……………………………………………. 37
Unit 4 Dependence Analysis ………………………………………………………. 46
Unit 5 Open MP Programming …………..………………………………………… 55
Unit 6 Evaluation of Programs ………………………………………………….
Unit 7 Optimizations for Scalar Architecture ……………………………………
Unit 8 Models for Parallel Computing …………………………………………..

Module 3 Distributed Systems ………………………………………………………. 62

Unit 1 Introduction to Distributed Transactions…………………………………….63
Unit 2 Characterization of Distributed Systems…………..………………………… 72
Unit 3 Systems Models……...………………..……………………………………. 84
Unit 4 Distributed Objects…………………………………………………….…… 94
Unit 5 Remote Method Invocation ………………………………………………….
Unit 6 Using UML for Component Based Design ………………………………….

Module 4 Distributed Transactions …………….……………………………………102

Unit 1 Introduction to Distributed Transactions…………………………………… 103

xi
CIT421 COURSE GUIDE
Unit 2 Flat & Nested Distributed Transactions ……………………………………110

Unit 3 Concurrency………….…………………………………………………….. 121

Unit 4 Characteristics of Service Oriented Architecture (Hadoop & Spark)……… 128

Module 5 Mobile & Cloud Computing ………………………………………………..

Unit 1 Introduction to Mobile & Cloud Computing ……………………………….

Unit 2 Technologies for Wireless Communications ………………………………..

Unit 3 Wireless Cellular Systems ……………………………………………………

Unit 4 Overview of Wireless LAN, IEEE 802.11, Personal Area Network & Bluetooth

Unit 5 High Speed Wireless Networks: HiperLAN

…………………….

xii
CIT421 Net-Centric Computing

Module 1: Net-Centric Computing Fundamentals

Introduction of Module

Net-Centric or network centered computing is an ongoing area in the twenty-first century with

a great interest among software engineers as it is an enabling technology for modern distributed

computing systems and applications. Today, Net-Centric applications have invaded the lives

of people in many ways. Net-Centric Computing (NCC) is a distributed environment where

applications and data are downloaded from servers and exchanged with peers across a network.

Net-centric Computing focuses on large-scale distributed computing systems and applications

that communicate through open, wide-area networks like the Internet. General examples of

large-scale network-centric systems are the World-Wide Web and Computational Grids. For

several years, major changes are being brought to the world by universal networking

capabilities, such as the Internet. Today’s technology solutions represent the convergence of

computing power, networking capability and the information, data or knowledge that forms the

content of these solutions. At the center these solutions net-centric computing lies. Net-centric

computing refers to an emerging technology architecture and an evolutionary stage of

client/server computing. It is a common architecture built on open standards that supports in

different ways for different people to collaborate and to reach different information sources. The

evolutionary nature of net-centric computing links technological capabilities and strategic

opportunities, helping people in facing today’s new problems and providing the flexibility to

meet tomorrow’s challenges.

1
CIT421 Net-Centric Computing

Unit 1: Introduction to Distributed Computing

1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main Content
3.1 Distributed Computing
3.2 Web 2.0 Technologies
3.3 Service Orientation
3.4 Virtualization
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading

2
CIT421 Net-Centric Computing

1.0 Introduction

A distributed system is a system whose components are located on different networked

computers, which communicate and coordinate their actions by passing messages to one
another from any system in order to appear as a single system to the end-user. The computers
that are in a distributed system can be physically together and connected by a local network, or
they can be geographically distant and connected by a wide area network. A distributed system
can consist of any number of possible components, such as mainframes, personal computers,
workstations, minicomputers, and so on. Common use cases of a distributed systems are
electronic banking systems, massive multiplayer online games, and sensor networks.
1.1 Functionality
There are two general ways that distributed systems function:
a. Each component of the system works to achieve a common goal and the end-
user views results as one combined unit.
b. Each component has its own end-user and the distributed system facilitates
sharing resources or communication services.
1.2 Architectural models
Distributed systems generally consist of four different basic architectural models:
a. Client-server — Clients contact the server for data, then format it and display it
to the end-user.
b. Three-tier — Information about the client is stored in a middle tier rather than
on the client, to simplify application deployment.
c. n-tier — Generally used when the server needs to forward requests to additional
enterprise services on the network.
d. Peer-to-peer — There are no additional nodes used to provide services or
manage resources. Responsibilities are uniformly distributed among
components in the system, known as peers, which can serve as either client or
server.

2.0 Intended Learning Outcomes (ILOs)

By the end of this unit, you will be able to:

3
CIT421 Net-Centric Computing

 Explain the concept of distributed systems

 Describe the Architectural Models of Distributing Computing
 Explain the term Service Orientation
 Describe the concept, Virtualization

3.0 Main Content

3.1 Distributed computing

Distributed Computing is a much broader technology that has been around for more than three
decades now. Distributed computing is computing over distributed autonomous computers that
communicate only over a network. Distributed computing systems are usually treated
differently from parallel computing systems or shared-memory systems, where multiple
computers share a common memory pool that is used for communication between the
processors. Distributed memory systems use multiple computers to solve a common problem,
with computation distributed among the connected computers (nodes) and using message-
passing to communicate between the nodes.
Example of distributed computing is the grid computing where the nodes may belong to
different administrative domains. Another example is the network-based storage
virtualization solution which used distributed computing between data and metadata servers.

Figure 1: Distributed Computing Systems

Distributed computing, however, can include heterogeneous computations where some nodes
may perform a lot more computation, some perform very little computation and a few others
may perform specialized functionality (like processing visual graphics).

4
CIT421 Net-Centric Computing
One of the main advantages of using distributed computing is that efficient scalable programs
can be designed so that independent processes are scheduled on different nodes and they
communicate only occasionally to exchange results – as opposed to working out of a shared
memory with multiple simultaneous accesses to a common memory.
It is obvious that cloud computing is also a specialized form of distributed computing, where
distributed Software as a Service (SaaS) applications utilize thin clients (such as browsers)
which offload computation to cloud-hosted servers (and services).
Distributed computing, virtualization, service orientation, and Web 2.0 form the core
technologies enabling the provisioning of cloud services from anywhere on the globe.
Distributed computing is a foundational model for cloud computing because cloud systems are
distributed systems. Besides administrative tasks mostly connected to the accessibility of
resources in the cloud, the extreme dynamism of cloud systems—where new nodes and
services are provisioned on demand—constitutes the major challenge for engineers and
developers.
3.2 Web 2.0 technologies
Web 2.0 technologies constitute the interface through which cloud computing services are
delivered, managed, and provisioned. Besides the interaction with rich interfaces through the
Web browser, Web services have become the primary access point to cloud computing
systems from a programmatic standpoint.
3.3 Service Orientations
Service orientation is the underlying paradigm that defines the architecture of a cloud
computing system. Cloud computing is often summarized with the acronym XaaS meaning,
Everything-as-a-Service—that clearly underlines the central role of service orientation
Infrastructure-as-a-Service solutions provide the capabilities to add and remove resources, but
it is up to those who deploy systems on this scalable infrastructure to make use of such
opportunities with wisdom and effectiveness.

Platform-as-a-Service solutions embed into their core offering algorithms and rules that control
the provisioning process and the lease of resources. These can be either completely transparent
to developers or subject to fine control. Integration between cloud resources and existing
system deployment is another element of concern.

5
CIT421 Net-Centric Computing
3.4 Virtualization
Virtualization is another element that plays a fundamental role in cloud computing. This
technology is a core feature of the infrastructure used by cloud providers. Virtualization
concept is more than 40 years old, but cloud computing introduces new challenges, especially
in the management of virtual environments, whether they are abstractions of virtual hardware
or a runtime environment

Discussion
Which of the security infrastructure is most critical and why?

4.0 Self-Assessment Exercises

1. Describe two Service Orientations

Answer
Infrastructure-as-a-Service solutions provide the capabilities to add and remove resources, but
it is up to those who deploy systems on this scalable infrastructure to make use of such
opportunities with wisdom and effectiveness.

5.0 Conclusion
Distributed computing is computing over distributed autonomous computers that communicate
only over a network. Distributed computing systems are usually treated differently from
parallel computing systems or shared-memory systems, where multiple computers share a
common memory pool that is used for communication between the processors

6
CIT421 Net-Centric Computing

6.0 Summary
Virtualization is another element that plays a fundamental role in cloud computing. Platform-
as-a-Service solutions embed into their core offering algorithms and rules that control the
provisioning process and the lease of resources. Infrastructure-as-a-Service solutions provide
the capabilities to add and remove resources, but it is up to those who deploy systems on this
scalable infrastructure to make use of such opportunities with wisdom and effectiveness.

7.0 References/Further Reading

Moving To The Cloud | ScienceDirect

7
CIT421 Net-Centric Computing

Unit 2: Mobile & Wireless Computing

Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main Content
3.1 Mobile and Wireless Computing
3.1.1 Mobile Computing
3.2 Mobile Communications
3.3 Mobile Hardware
3.4 Mobile Software
3.5 Mobile Classification
3.6 Advantages
3.7 Security Issues
3.8 Current Trends
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading

1.0 Introduction

Mobile computing is human–computer interaction by which a computer is expected to be

transported during normal usage. Mobile computing involves mobile communication, mobile
hardware, and mobile software.

2.0 Intended Learning Outcomes (ILOs)

By the end of this unit, you will be able to:

 Define Wireless Communication

 Classify Mobile and Cloud Computing
 Mention 5 mobile hardware
8
CIT421 Net-Centric Computing

3.0 Main Content

3.1 Mobile & Wireless Computing
3.1.1 Mobile Computing
Mobile Computing is a technology that allows transmission of data, voice and video via a
computer or any other wireless enabled device without having to be connected to a fixed
physical link
Mobile computing involves human–computer interaction by which a computer is expected to
be transported during normal usage

Figure 2: Internet with Mobile Devices

3.2 Mobile communication

• The mobile communication refers to the infrastructure put in place to ensure that
seamless and reliable communication goes on
• These would include devices such as protocols, services, bandwidth, and
portals necessary to facilitate and support the stated services
• The data format is also defined at this stage
• This ensures that there is no collision with other existing systems which offer
the same service.

9
CIT421 Net-Centric Computing
• the media is unguided/unbounded, the overlaying infrastructure is basically
radio wave-oriented
That is, the signals are carried over the air to intended devices that are capable of receiving and
sending similar kinds of signals.
3.3 Mobile hardware
• mobile devices or device components that receive or access the service of mobility
• They would range from portable laptops, smartphones, tablet Pc's, Personal Digital
Assistants
•

Figure 3: Mobile Hardware

3.4 Mobile Software

• Mobile software is the actual program that runs on the mobile hardware
• It deals with the characteristics and requirements of mobile applications
• This is the engine of the mobile device
• It is the operating system of the appliance

10
CIT421 Net-Centric Computing
• Its the essential component that operates the mobile device

Figure 4: Mobile Software

• Since portability is the main factor, this type of computing ensures that users
are not tied or pinned to a single physical location, but are able to operate from
anywhere. It incorporates all aspects of wireless communications
3.5 Mobile Classification
• Mobile computing is not only limited to mobile phones, but there are various gadgets
available in the market that are built on a platform to support mobile computing
• They are usually classified in the following categories:
 Personal Digital Assistant (PDA)
• The main purpose of this device is to act as an electronic
organizer or day planner that is portable, easy to use and
capable of sharing information with your computer systems.
• PDA is an extension of the PC, not a replacement
• These systems are capable of sharing information with a
computer system through a process or service known as
synchronization
• Both devices will access each other to check for changes or
updates in the individual devices
• The use of infrared and Bluetooth connections enables these
devices to always be synchronized.
Figure 5: Personal Data Assistant

• With PDA devices, a user can browse the internet, listen to

audio clips, watch video clips, edit and modify office
documents, and many more services
• The device has a stylus and a touch sensitive screen for input
and output purposes
 Smartphones
 It combines the features of a PDA with that of a mobile phone or camera
phone
 It has a superior edge over other kinds of mobile phones.
 Smartphones have the capability to run multiple programs concurrently
11
CIT421 Net-Centric Computing
 These phones include high-resolution touch screens, web browsers that
can:
 access and properly display standard web pages rather than just mobile-
optimized sites
 high-speed data access via Wi-Fi and high speed cellular broadband.
 The most common mobile Operating Systems (OS) used by modern
smartphones include:
a. Google's Android
b. Apple's iOS
c. Nokia's Symbian
d. RIM's BlackBerry OS
e. Samsung's Bada
f. Microsoft's Windows Phone, and embedded Linux distributions such as
Maemo and MeeGo. Such operating systems can be installed on different
phone models, and typically each device can receive multiple OS software
updates over its lifetime.

Figure 6: Smart Phones

 Tablet PC and iPads

• This mobile device is larger than a mobile phone or a PDA and
integrates into a touch screen and is operated using touch sensitive
motions on the screenThey are often controlled by a pen or by the
touch of a finger
• They are usually in slate form and are light in weight. Examples would
include ipads, Galaxy Tabs, Blackberry Playbooks etc.
• They offer the same functionality as portable computers
• They support mobile computing in a far superior way and have
enormous processing horsepower

12
CIT421 Net-Centric Computing
• Users can edit and modify document files, access high speed internet,
stream video and audio data, receive and send e-mails, attend/give
lectures and presentations among its very many other functions
• They have excellent screen resolution and clarity

Figure 7: Ipads & PCs

3.6 Advantages
• Location Flexibility
• This has enabled users to work from anywhere as long as there is a connection
established
• A user can work without being in a fixed position
• Their mobility ensures that they are able to carry out numerous tasks at the
same time and perform their stated jobs.
• Saves Time
• The time consumed or wasted while travelling from different locations or to
the office and back, has been slashed
• One can now access all the important documents and files over a secure
channel or portal and work as if they were on their computer
• It has enhanced telecommuting in many companies
• It has also reduced unnecessary incurred expenses
• Enhanced Productivity
• Users can work efficiently and effectively from whichever location they find
comfortable
• This in turn enhances their productivity level
• Ease of Research
• Research has been made easier, since users earlier were required to go to the
field and search for facts and feed them back into the system
13
CIT421 Net-Centric Computing
• It has also made it easier for field officers and researchers to collect and feed
data from wherever they are without making unnecessary trips to and from the
office to the field
• Entertainment
• Video and audio recordings can now be streamed on-the-go using mobile
computing
• It's easy to access a wide variety of movies, educational and informative
material
• With the improvement and availability of high speed data connections at
considerable cost, one is able to get all the entertainment they want as they
browse the internet for streamed data
• One is able to watch news, movies, and documentaries among other
entertainment offers over the internet
• This was not possible before mobile computing dawned on the computing
world.
• Streamlining of Business Processes
• Business processes are now easily available through secured connections
• Looking into security issues, adequate measures have been put in place to
ensure authentication and authorization of the user accessing the services
• Some business functions can be run over secure links and sharing of
information between business partners can also take place
• Meetings, seminars and other informative services can be conducted using
video and voice conferencing
• Travel time and expenditure is also considerably reduced
3.7 Security Issues
• Mobile computing has its fair share of security concerns as any other technology
• Due to its nomadic nature, it's not easy to monitor the proper usage
• Users might have different intentions on how to utilize this privilege
• Improper and unethical practices such as hacking, industrial espionage, pirating,
online fraud and malicious destruction are some but few of the problems experienced
by mobile computing
• Another big problem plaguing mobile computing is credential verification
• As other users share username and passwords, it poses as a major threat to security
• This being a very sensitive issue, most companies are very reluctant to implement
mobile computing to the dangers of misrepresentation
• The problem of identity theft is very difficult to contain or eradicate

14
CIT421 Net-Centric Computing
• Issues with unauthorized access to data and information by hackers, is also an
enormous problem
• Outsiders gain access to steal vital data from companies, which is a major hindrance
in rolling out mobile computing services.
• No company wants to lay open their secrets to hackers and other intruders, who will
in turn sell the valuable information to their competitors
• It's also important to take the necessary precautions to minimize these threats from
taking place
• Some of those measures include:
• Hiring qualified personnel.
• Installing security hardware and software
• Educating the users on proper mobile computing ethics
• Auditing and developing sound, effective policies to govern mobile computing
• Enforcing proper access rights and permissions
• In the absence of such measures, it's possible for exploits and other unknown threats
to infiltrate and cause irrefutable harm
• These may be in terms of reputation or financial penalties
• In such cases, it's very easy to be misused in different unethical practices.
• If these factors aren’t properly worked on, it might be an avenue for constant threat
• Various threats still exist in implementing this kind of technology
3.8 Current Trends
• These are the list of the current mobile technologies starting from 5G technologies
which is the hottest mobile technology available in the market.
• 5G
• In telecommunications, 5G is the fifth generation technology
standard for broadband cellular networks, which cellular phone
companies began deploying worldwide in 2019, and is the planned successor to
the 4G networks which provide connectivity to most current cellphones. 5G
networks are predicted to have more than 1.7 billion subscribers worldwide by
2025, according to the GSM Association.[1] Like its predecessors, 5G networks
are cellular networks, in which the service area is divided into small
geographical areas called cells. All 5G wireless devices in a cell are connected
to the Internet and telephone network by radio waves through a local antenna in
the cell. The main advantage of the new networks is that they will have
greater bandwidth, giving higher download speeds, eventually up to 10 gigabits
per second (Gbit/s).[2] In addition to 5G being faster than existing networks, 5G
can connect more different devices, and even if people are in crowded areas, the
servers will be more unified, improving the quality of Internet services.[3] Due
15
CIT421 Net-Centric Computing
to the increased bandwidth, it is expected the networks will increasingly be used
as general internet service providers (ISPs) for laptops and desktop computers,
competing with existing ISPs such as cable internet, and also will make possible
new applications in internet-of-things (IoT) and machine-to-machine areas
• 4G
• 4G is the fourth generation of broadband cellular network technology,
succeeding 3G, and preceding 5G. A 4G system must provide capabilities
defined by ITU in IMT Advanced. Potential and current applications include
amended mobile web access, IP telephony, gaming services, high-
definition mobile TV, video conferencing, and 3D television.
• The first-release WIMAX standard was commercially deployed in South Korea
in 2006 and has since been deployed in most parts of the world.
• The first-release Long Term Evolution (LTE) standard was commercially
deployed in Oslo, Norway, and Stockholm, Sweden in 2009, and has since been
deployed throughout most parts of the world. It has, however, been debated
whether first-release versions should be considered 4G LTE. The 4G wireless
cellular standard was defined by the International Telecommunication Union
(ITU) and specifies the key characteristics of the standard, including
transmission technology and data speeds.

• 3G or third generation
• 3G mobile telecommunications is a generation of standards for mobile phones
and mobile telecommunication services fulfilling the International Mobile
Telecommunications-2000 (IMT-2000) specifications by the International
Telecommunication Union. Application services include wide-area wireless
voice telephone, mobile Internet access, video calls and mobile TV, all in a
mobile environment.
• Global Positioning System (GPS)
• The Global Positioning System (GPS) is a space-based satellite navigation
system that provides location and time information in all weather, anywhere
on or near the Earth, where there is an unobstructed line of sight to four or
more GPS satellites
• The GPS program provides critical capabilities to military, civil and
commercial users around the world
• In addition, GPS is the backbone for modernizing the global air traffic system,
weather, and location services.
• Long Term Evolution (LTE)
• LTE is a standard for wireless communication of high-speed data for mobile
phones and data terminals
• It is based on the GSM/EDGE and UMTS/HSPA network technologies,
increasing the capacity and speed using new modulation techniques

16
CIT421 Net-Centric Computing
• It is related with the implementation of fourth Generation (4G) technology
• WiMAX
• WiMAX (Worldwide Interoperability for Microwave Access) is a wireless
communications standard designed to provide 30 to 40 megabit-per-second
data rates, with the latest update providing up to 1 Gbit/s for fixed stations
• It is a part of a fourth generation or 4G wireless-communication technology
• WiMAX far surpasses the 30-metre wireless range of a conventional Wi-Fi
Local Area Network (LAN), offering a metropolitan area network with a
signal radius of about 50 km
• WiMAX offers data transfer rates that can be superior to conventional cable-
modem and DSL connections, however, the bandwidth must be shared among
multiple users and thus yields lower speed in practice
• Near Field Communication
• Near Field Communication (NFC) is a set of standards for smartphones and
similar devices to establish radio communication with each other by touching
them together or bringing them into close proximity, usually no more than a
few centimeters
• Present and anticipated applications include contactless transactions, data
exchange, and simplified setup of more complex communications such as Wi-
Fi. Communication is also possible between an NFC device and an unpowered
NFC chip, called a "tag"
3.9 Conclusion
• Today's computing has rapidly grown from being confined to a single location
• With mobile computing, people can work from the comfort of any location they wish
to as long as the connection and the security concerns are properly factored
• In the same light, the presence of high speed connections has also promoted the use of
mobile computing
• Being an ever growing and emerging technology, mobile computing will continue to
be a core service in computing, and Information and Communications Technology

Discussion

Why is the Mobile Software important in Mobile and Cloud Computing?

17
CIT421 Net-Centric Computing

4.0 Self-Assessment Exercise

1. Define Mobile Computing.

Answer
Mobile computing is human–computer interaction by which a computer is expected to
be transported during normal usage.

2. Explain Near Field Communication as one of the current trends in Mobile Computing

Answer
• Near Field Communication
• Near Field Communication (NFC) is a set of standards for smartphones and
similar devices to establish radio communication with each other by touching
them together or bringing them into close proximity, usually no more than a
few centimeters
• Present and anticipated applications include contactless transactions, data
exchange, and simplified setup of more complex communications such as Wi-
Fi. Communication is also possible between an NFC device and an unpowered
NFC chip, called a "tag"

5.0 Conclusion
Mobile and Wireless Computing has come to stay in every of our life endeavors ranging from
homes, commerce, education as well as finance. I doubt if we can recover from it.

6.0 Summary
Being an ever growing and emerging technology, mobile computing will continue to be a
core service in computing, and Information and Communications Technology

18
CIT421 Net-Centric Computing

7.0 References/Further Reading

file:///C:/Tech-U%20Issues/CSC%20412-%20Netcetric%20Computing/CSC%20412-
Content/MOBILE%20AND%20WIRELESS%20COMPUTING.pdf

19
CIT421 Net-Centric Computing

UNIT 3 Network Security

Contents

1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Fundamentals of Network Security
3.1 Network Security
3.2 Data as the Life-Blood of Business
3.3 Three Keys Focuses of Network Security
3.4 Benefits of Network Security
3.5 Network Security Tools and Techniques
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading

1.0 Introduction

The transmission of data from one point, A on the network to the other point, B is a great
concern and therefore, there is the need to deploy measure that can secure the transmission of
data away from unauthorized individuals. Hence, the need for network security.

2.0 Intended Learning Outcomes (ILOs)

At the end of this unit, students will able to
 Explain the concept of network
 Understand the importance of network security
 Identify and explain the network security tools and techniques.

20
CIT421 Net-Centric Computing

3.0 Main Content

3.1 Network Security
Network security is a term that describes the security tools, tactics and security policies designed
to monitor, prevent and respond to unauthorized network intrusion, while also protecting digital
assets, including network traffic. Network security includes hardware and software technologies
(including resources such as savvy security analysts, hunters, and incident responders) and is
designed to respond to the full range of potential threats targeting your network.
Network security is the defense you use to protect yourself against ever-increasing cybercrime.
It is predicted that by 2021, cybercrime damages will amount to an annual total world cost of
$6 trillion, even outpacing the yearly cost of damages attributed to natural disasters. And on an
individual company level these damages can be just as catastrophic; the average cost of
a cyberattack is currently $1.67 million,2 with operational and productivity loss, along with negative
customer experience, being the primary consequences of suffering an attack.

3.2 Data as the Life-Blood of Businesses

Data is the lifeblood of any business. It supports business growth, carries vital resources and helps
the organization stay healthy. And if data is blood, then the network is the beating heart that pumps
it through the business system. But modern cyber threats are like vampires, doing everything
possible to get at the blood that keeps any business going.
In order to defend against these vampiric threats and save your business from potentially millions
of dollars in data loss, you need more than just a stake and some cloves of garlic; you need effective,
robust network security and network visibility.
3.3 The Three Key Focuses of Network Security
There are three key focuses that should serve as a foundation of any network security strategy:
protection, detection and response.
3.3.1 Protection entails any tools or policies designed to prevent network security intrusion.
3.3.2 Detection refers to the resources that allow you to analyze network traffic and quickly
identify problems before they can do harm.
3.3.3 Response is the ability to react to identified network security threats and resolve them as
quickly as possible.

3.4 Benefits of Network Security

21
CIT421 Net-Centric Computing
Network security tools and devices exist to help organizations protect, not only its sensitive
information, but also its overall performance, reputation and even its ability to stay in business.
Continued operational ability and an intact reputation are two key benefits of effective network
security.
Companies that fall prey to cyberattacks often find themselves crippled from the inside out, unable
to deliver services or effectively address customer needs. Similarly, networks play a major role in
internal company processes, and when they come under attack, those processes may grind to a halt,
further hampering an organization’s ability to conduct business or even resume standard operations.
But perhaps even more damaging is the detrimental effect that a network breach can have on your
business’s reputation.
Given the rising tide of identity theft and other dangers related to the theft of personal information,
many customers are already hesitant when it comes to sharing data with businesses. And if a
cyberattack should occur, many of these customers are likely to withdraw in favor of more secure
alternatives. The loss or corruption of valuable data, along with a significant disruption to customer
services and internal process, topped off with reputational injury that may persist long after other
damages have been repaired — it’s not hard to see what’s at stake when it comes to network security.
In fact, it’s been suggested that 66 percent of SMBs would have to shut down (either temporarily or
permanently) after experiencing a data breach. And even larger, more established businesses may
be unable to reclaim their former standing.
On the other hand, reliable tools in network security software and hardware, coupled with the right
policies and strategies, can help ensure that when cyberattacks occur, their impact will be minimal.

3.5 Network Security Tools and Techniques

Enterprises’ network face threats of all shapes and sizes, and thus should be prepared to defend,
identify and respond to a full range of attacks. But the reality is that the biggest danger to most
companies are not fly-by-night threat actors, but rather attackers that are well-funded and are
targeting specific organizations for specific reasons. For that reason, your network security strategy
needs to be able to address the various methods these actors might employ.
Here are 14 different network security tools and techniques designed to help you do just that:
1. Access control
If threat actors cannot access your network, the amount of damage they will be able to do
will be extremely limited. But in addition to preventing unauthorized access, be aware that
even authorized users can also be potential threats. Access control allows you to increase

22
CIT421 Net-Centric Computing
your network security by limiting user access and resources to only the parts of the
network that directly apply to individual users’ responsibilities.
2. Anti-malware software
Malware, in the form of viruses, trojans, worms, keyloggers, spyware, etc. are designed to
spread through computer systems and infect networks. Anti-malware tools are a kind of
network security software designed to identify dangerous programs and prevent them from
spreading. Anti-malware and antivirus software may also be able to help resolve malware
infections, minimizing the damage to the network.
3. Anomaly detection
It can be difficult to identify anomalies in your network without a baseline understanding
of how that network should be operating. Network anomaly detection engines (ADE)
allow you to analyze your network, so that when breaches occur, you’ll be alerted to them
quickly enough to be able to respond.
4. Application security
For many attackers, applications are a defensive vulnerability that can be exploited.
Application security helps establish security parameters for any applications that may be
relevant to your network security.
5. Data loss prevention (DLP)
Often, the weakest link in network security is the human element. DLP technologies and
policies help protect staff and other users from misusing and possibly compromising
sensitive data or allowing said data out of the network.
6. Email security
As with DLP, email security is focused on shoring up human-related security weaknesses.
Via phishing strategies (which are often very complex and convincing), attackers persuade
email recipients to share sensitive information via desktop or mobile device, or
inadvertently download malware into the targeted network. Email security helps identify
dangerous emails and can also be used to block attacks and prevent the sharing of vital
data.
7. Endpoint security
The business world is becoming increasingly bring your own device (BYOD), to the point
where the distinction between personal and business computer devices is almost non-
existent. Unfortunately, sometimes the personal devices become targets when users rely on
them to access business networks. Endpoint security adds a layer of defense between
remote devices and business networks.
23
CIT421 Net-Centric Computing
8. Firewalls
Firewalls function much like gates that can be used to secure the borders between your
network and the internet. Firewalls are used to manage network traffic, allowing authorized
traffic through while blocking access to non-authorized traffic.
9. Intrusion prevention systems
Intrusion prevention systems (also called intrusion detection) constantly scan and analyze
network traffic/packets, so that different types of attacks can be identified and responded to
quickly. These systems often keep a database of known attack methods, so as to be able to
recognize threats immediately.
10. Network segmentation
There are many kinds of network traffic, each associated with different security risks.
Network segmentation allows you to grant the right access to the right traffic, while
restricting traffic from suspicious sources.
11. Security information and event management (SIEM)
Sometimes simply pulling together the right information from so many different tools and
resources can be prohibitively difficult — particularly when time is an issue. SIEM tools
and software give responders the data they need to act quickly.
12. Virtual private network (VPN)
VPN tools are used to authenticate communication between secure networks and an
endpoint device. Remote-access VPNs generally use IPsec or Secure Sockets Layer (SSL)
for authentication, creating an encrypted line to block other parties from eavesdropping.
13. Web security
Including tools, hardware, policies and more, web security is a blanket term to describe the
network security measures businesses take to ensure safe web use when connected to an
internal network. This helps prevent web-based threats from using browsers as access
points to get into the network.
14. Wireless security
Generally speaking, wireless networks are less secure than traditional networks. Thus,
strict wireless security measures are necessary to ensure that threat actors aren’t gaining
access.

24
CIT421 Net-Centric Computing

Discussion
What tools can be used to secure the network? Discuss

4.0 Self-Assessment/Exercise
Identify and explain the benefits of network security?

5.0 Conclusion
Network security tools and devices exist to help your organization protect not only its
sensitive information, but also its overall performance, reputation and even its ability to
stay in business.

6.0 Summary
Protection entails any tools or policies designed to prevent network security intrusion.
Detection refers to the resources that allow you to analyze network traffic and quickly identify
problems before they can do harm.
Response is the ability to react to identified network security threats and resolve them as quickly as
possible.

25
CIT421 Net-Centric Computing

7.0 References/Further Reading

Application Intelligence |Application Visibility | Gigamon

26
CIT421 Net-Centric Computing

UNIT 4 Client-Server Computing

Contents

1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Fundamentals of Client Server Computing
3.1 Client Server Computing
3.2 Characteristics of Client Server Computing
3.3 Difference Between Client Server and Peer-to-Peer Computing
3.4 Advantages of Client Server Computing
3.5 Disadvantages of Client Server Computing
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading

1.0 Introduction

There are two configurations of networks: Client-Server and Peer-to-Peer networks. In client
server, the client requests resources while the server serves same. In Peer-to-peer configuration,
each node is free to communicate with others or not. The nodes under this configuration are
not over-seen by any node or the other, they relate in a workgroup

2.0 Intended Learning Outcomes (ILOs)

At the end of this unit, students will able to
 Explain the concept of Client Server category of networks.
 Describe a client

27
CIT421 Net-Centric Computing

 Identify the differences between the Client-Server and the Peer-to-peer configuration
of networks

3.0 Main Content

3.1 Client Server Computing

In client-server computing, the clients requests a resource and the server provides that resource.
A server may serve multiple clients at the same time while a client is in contact with only one
server. Both the client and server usually communicate via a computer network but sometimes
they may reside in the same system.

Figure 8: Client-Server Computing

3.2 Characteristics of Client Server Computing

The salient points for client server computing are as follows:
 The client server computing works with a system of request and response. The client
sends a request to the server and the server responds with the desired information.
 The client and server should follow a common communication protocol so they can
easily interact with each other. All the communication protocols are available at the
application layer.
 A server can only accommodate a limited number of client requests at a time. So it uses
a system based to priority to respond to the requests.
 Denial of Service (DoS) attacks hindera servers’ ability to respond to authentic client
requests by inundating it with false requests.

28
CIT421 Net-Centric Computing
 An example of a client server computing system is a web server. It returns the web
pages to the clients that requested them.

3.3 Difference between Client Server and Peer to Peer Computing

The major differences between client server computing and peer to peer computing are as
follows:

 In client server computing, a server is a central node that services many client nodes.
On the other hand, in a peer to peer system, the nodes collectively use their resources
and communicate with each other.
 In client server computing the server is the one that communicates with the other nodes.
In peer to peer to computing, all the nodes are equal and share data with each other
directly.
 Client Server computing is believed to be a subcategory of the peer to peer computing.

3.4 Advantages of Client Server Computing

The different advantages of client server computing are −
 All the required data is concentrated in a single place i.e. the server. So it is easy to
protect the data and provide authorisation and authentication.
 The server need not be located physically close to the clients. Yet the data can be
accessed efficiently.
 It is easy to replace, upgrade or relocate the nodes in the client server model because
all the nodes are independent and request data only from the server.
 All the nodes i.e clients and server may not be build on similar platforms yet they can
easily facilitate the transfer of data.
3.5 Disadvantages of Client Server Computing
The different disadvantages of client server computing are −
 If all the clients simultaneously request data from the server, it may get overloaded.
This may lead to congestion in the network.
 If the server fails for any reason, then none of the requests of the clients can be fulfilled.
This leads of failure of the client server network.
 The cost of setting and maintaining a client server model are quite high.

Discussion
What makes the Client Server configuration peculiar from the Peer-to-peer ? Discuss
29
CIT421 Net-Centric Computing

4.0 Self-Assessment/Exercise
1. Discuss the advantages of client Server computing
2. Identify the characteristics of client server computing?

5.0 Conclusion
Client server and peer-to-peer computing are unique one from the other and so, have their
advantages and disadvantages. The choice of either is dependent on the intention of creating
your network.

6.0 Summary
 In client server computing the server is the one that communicates with the other nodes.
In peer to peer to computing, all the nodes are equal and share data with each other
directly. A server can only accommodate a limited number of client requests at a time.
So it uses a system based to priority to respond to the requests.

7.0 References/Further Reading

Andrew S., T., & David J., W. (2011). COMPUTER NETWORKS (M. Horton, H. Michael, D.
Tracy, & H. Melinda (eds.); fifth). Pearson Education.

Pande, J. (2017). Introduction to Cyber Security ( FCS ). http://uou.ac.in

Stewart, J. M., Tittel, E., & Chapple, M. (2011). CISSP: Certified Information Systems Security
Professional Study Guide. Wiley.

30
CIT421 Net-Centric Computing

UNIT 5 Building Web Applications

Contents

1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Fundamentals Building a Web Applications
3.1 Building a Web Application
3.1.1 A Web app
3.2 Prerequisites for Building a Web Application
3.3 Steps to Building a Web Application
3.3.1 Source an Idea
3.3.2. Do Market Research
3.3.3 Define your Web App Functionality
3.3.4 Sketch Your Web Application
3.3.5 Plan Your Web App Workflow
3.3.6 Wire-framing/ Prototyping Your Web Application
3.3.7 Seek Early Validation
3.3.8 Before Starting the Development Stage
3.3.9 Architect and Build Your Database
3.3.9.1 A Database
3.3.9.2 Database Types
3.3.10 Build the Front End
3.3.10.1 A Front End
3.3.11 Build Your Back-End
3.3.12 Host Your Web Application
3.3.13 Deploy Your Web Application
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading

31
CIT421 Net-Centric Computing

1.0 Introduction

A Web app
An interactive computer program, built with web technologies (HTML, CSS, JS), which stores
(Database, Files) and manipulates data (CRUD), and is used by a team or single user to perform
tasks over the internet. The HTML and the CSS serves as the front-end to receive data from
the user while the database, programming like Javascript and PHP serves as the back-end.

2.0 Intended Learning Outcomes (ILOs)

At the end of this unit, students will able to
 Explain the concept of an App
 Enumerate the prerequisite for building a web application
 Describe the steps for building a web application

3.0 Main Content

3.1 Building a Web Application (app)
3.1.1 A Web app
An interactive computer program, built with web technologies (HTML, CSS, JS), which stores
(Database, Files) and manipulates data (CRUD), and is used by a team or single user to perform
tasks over the internet.
3.2 Prerequisites for Building a Web Application
To make a data-centric web app from the bottom-up, it is advantageous to understand:
1. Backend language (e.g. Python, Ruby) - control how your web app works
2. Web front end (HTML, CSS, Javascript) - for the look and feel of your web app
3. DevOps (Github, Jenkins) - Deploying / hosting your web app
If you do not have any experience with the points above, you need not worry. You have two
options:
1. Learn the points above - there are lots of resources online to help you. I’d
recommend Codecademy .

32
CIT421 Net-Centric Computing
2. Use a web app builder like Budibase - As a builder, Budibase will remove the need to
learn a backend language. On top of that, Budibase will also take care of a lot of your
DevOps tasks such as hosting.

3.3 Building a Web Application

3.3.1 Step 1 – Source an idea
Before making a web app, you must first understand what you intend on building, and more
importantly, the reason for it.
Your idea should stem from solving someone’s problem. Ideally, your own problem.
It is important that developer choose an idea which interests him /her. Ask yourself:
 How much time do I have to build this app?
 What am I interested in?
 What apps do I enjoy using?
 What do I like about these apps?
 How much time/money will this app save or generate for me (as a user)?
 How much will it improve my life

3.3.2 Step 2 – Market Research

Once you have chosen your idea(s), it is important to research the market to see:
1. If a similar product exists
2. If a market exists
The number 1 reason start-ups fail, is the failure to achieve product-market fit.
“Product/market fit means being in a good market with a product that can satisfy that market.”
To quickly find out if a similar web app exists, use the following tools to search for your idea:
1. Google
2. Patent and trademark search
3. Betalist
4. Product hunt
If a similar product exists, do not worry. This can be a sign a market for your new idea exists.
Your future competitors have laid the groundwork, educated the market. It’s time for you to
swoop in and steal the thunder.
If a similar product does not exist, it is a possibility you have struck lucky. On the other hand,
it is a possibility someone before has ventured down this path and hit a dead-end.

33
CIT421 Net-Centric Computing
Nobody wants to experience that, so it is important to dive deep into the market and source the
wisdom of:
1. Your Web App’s target market - Share your web app idea on forums related to your
target market. If you know anyone who works within your target market, explain your
idea to them. The more you talk and receive validation from your target market, the
better.
2. Google Trends - A quick search of your web app idea will reveal relating trends.
3. SEO tool – I had recommend MOZ/Ahrefs. Google’s keyword planner will suffice.
Write a list of keywords relating to your web app. If it’s an ‘OKR tool’, use the tools to
search ‘OKR tool’, ‘OKR app’, and ‘objectives and key results software’. If the SEO
tool indicates there are lots of people searching for your keyword terms, this is a small
indicator you have a target market.
4. Social Media - Jump over to Twitter/Facebook groups and present your idea to your
target market.
5. Events - If there is a local event in your area attracting people from your target market,
go to it. Share your idea and record the feedback.
After completing the above steps, you should have enough information to understand if there’s
a market for your product. If there is a market for your product, and there’s also established
competition, it’s important to research them.

3.3.3 Step 3 - Define your web apps functionality

You have got your idea, you have validated the market, it is now time to list everything you
want your app to do.
A common mistake here is to get carried away. The more functionality you add, the longer it
will take to build your web app. Quite often, the longer a web app takes to build, the more
frustration you will experience.
Only define functionality which solves your target markets problems. Remember, your web
app is a work in progress and the first goal is version 1. It will still have cool features and
delight your users, but you must keep things simple.
For direction, I have included a list of basic functions required for a simple CRM app.
 Users can create an account
 Users can retrieve lost passwords
 Users can change their passwords
 Users can create new contacts
34
CIT421 Net-Centric Computing
 Users can upload new contacts
 Users can assign a value to contacts
 Users can write notes under contacts
 Users can label a contact as a lead, customer, or associate
 Users can filter contacts by lead, customer, or associate
 Users can view the total value of leads, customers and associates
The above list will help you define your features. Once you’re done, roll up your sleeves.
It’s time to get creative! Moving from the Ideation stage, to design stage.

3.3.4 Step 4 - Sketch your web app

There are multiple stages of designing a web app.
The first stage is sketching using a notebook (with no lines) and pen/pencil
After step 1, 2 and 3, you should have an idea of what your web app is, who your users are,
and the features it will have. Sketch out the wireframe of your web apps UI (User Interface) -
it does not have to be exact - this is just a sketch. When sketching, consider the following:
 Navigation
 Branding
 Forms
 Buttons
 Any other interactive elements
Sketch different versions of your web app. Consider how your web app’s functionality will
affect the overall design. Annotate your sketch and outline how your app should work. Taking
notes will help you clarify and understand why you have designed certain elements at a later
stage. Overcomplicating the design at this stage will only lead to frustration.

3.3.5 Step 5 – Plan your web apps workflow

It is time to put yourself in the shoes of your user. Here, we are going to plan your web apps
workflow.
Now is the time to go back to step 2 and look at your market research. Take your list of
competitors and sign up to their free trials. Have a quick play around with their product.
Write notes on what you thought was good and what you thought was bad. Pay particular
attention to the workflow.
After you have finished analysing your competitor’s web apps, it is time to write down different
workflows for your app. Consider the following points:
35
CIT421 Net-Centric Computing
 How does a user signup
 Do they receive a verification email
 How does a user login
 How does a user change their password
 How does a user navigate through the app
 How does a user change their user settings
 How does a user pay for the app
 How does a user cancel their subscription
All of a sudden our one-page web app turns into a 10-page web app. Write a list of all the
different pages your web application will have. Consider the different states of pages. For
example, the homepage will have two states; logged in and logged out. Logged in users will
see a different page than logged out users.

3.3.6 Step 6 – Wireframing / Prototyping Your Web Application

Ok, it’s time to turn those sketches and that new-found understanding of your web application
into a wireframe/prototype.
What is wireframing / prototyping
Wireframing is the process of designing a blueprint of your web application. Prototyping is
taking wireframing a step further, adding an interactive display.
The decision is to wireframe or prototype is up to you. If you have the time, I would have
recommended prototyping as it will make it easier to communicate your web app when seeking
validation.
You can prototype/wireframe using the following tools:
 Sketch (macOS)
 InVision Studio (macOs)
 Adobe XD (macOS, Windows)
 Figma (Web, macOS, Windows, Linux)
 Balsamiq (macOS, Windows, Web)
I recommend you create a design system / style guide first. You can find inspiration at UXPin.
Design systems improve design consistency. But it’s not required.

3.3.7 Step 7 – Seek early validation

You have now got a beautiful wireframe/prototype which visually describes your web app.

36
CIT421 Net-Centric Computing
It is time to show your beautiful wireframe to the world. At this stage we want constructive
feedback.
Simply asking your friends would they use your new web app is not enough. You should start
with a small number of representative users. Go to your target market’s forums, watering holes,
their places of work and verify the problem with them, and present your solution. Try to build
a rapport with these representatives as they could become your customers.
I like to use this stage to test my sales pitch - the ultimate tokens of validation are pre-launch
sales. Takes notes and document all feedback. The learning from these meetings will help direct
the development of your MEP (Minimal Excellent Product).
Ok, now you have got great feedback and product validation. It is time to start building your
web app.
3.3.8 Before Starting the development stage.
Before we make our web app, I would like to share the following tips:
1. Attempt to get a small section of your app fully working. What we would call a
“Complete Vertical”.
o Building the smallest possible section will allow you to piece all the bits
together, and iron out those creases early.
o You will get great satisfaction early by having something working - great
motivation.
o Create things that you know you will throw away later - if it gets you something
working now.
2. At the start - expect things to change a lot as you learn and discover what you have not
thought about.
o Have faith that your app will stabilise.
o Do not be afraid to make big changes.
3. Spend time learning your tools.
o You may feel like you are wasting your time, reading, or experimenting with
“hello world”. Learning the correct way to do things will have a huge positive,
cumulative effect on your productivity over time.
o Where possible, “Go with the grain” of your tools. Realise that as soon as you
step out of the normal flow / usage of your toolset, you are on your own and
could be in a deep time sink. There are always exceptions to this of course!
4. Do not avoid issues that need to be fixed.
o Face your issues head on - they will never go away and will only grow in stature.
37
CIT421 Net-Centric Computing
o However, If things are still likely to change - its best to spend as little time as
possible on things… It’s a tricky balance!

3.3.10 Step 8 – Architect and build your database

So, we know roughly our web application’s functionality, what it looks like, and the pages
required. Now it is time to determine what information we will store in our database.

3.3.10.1 A Database
A database is simply a collection of data! Data can be stored to disk, or in memory on a server,
or both. You could create a folder on your hard drive, store a few documents, and call it a
database.
A Database Management System (DBMS) is a system that provides you with consistent APIs
to (most commonly):
 Create databases, update and delete databases
 Read and write data to databases
 Secure access to a database by providing levelled access to different areas and functions
What data you need to store and what your users need to do, will determine the type of database
required to run your web app.
3.3.10.2 Database types
There are many types of database for many different purposes. A web app will most commonly
use one of the following:
a. SQL
You should use a SQL database if your data is very relational. Your data is relational if you
have multiple, well defined record types that have relationships between them. For example, a
“Customer” may have many “Invoices” stored against their record. Typically, you would create
a Customer table and an Invoice table - which could be linked together by “Foreign Key”
columns. E.g. Customer.Id = Invoice.CustomerId.
SQL databases have an extremely powerful query language that allows you to present your
data in all sorts of useful ways.
They have been around for decades, are very well understood, and usually a safe choice.
MySQL, Postgresql, Microsoft SQLServer are some of the most common - along with many
more modern offerings.
The downside of SQL databases is that you must declare all your tables and columns up front.
There can be a lot of overhead to manage. If you have never used one before – you are in for a
38
CIT421 Net-Centric Computing
pretty steep learning curve. However, there are plenty of learning resources available, and it is
always a great skill to have.
b. Document Database
You should use a document database if your data is not very relational. Document databases
store “documents”. Each record in your database is simply a big blob of structured data - often
in JSON format.
If you need to store relationships between your records, you will have to write code to manage
this yourself. However, many other aspects of using document databases are much simpler.
Your database can be “schemaless” - meaning that you do not have to declare your records’
definitions up front.
Generally speaking, the bar to entry to a document database is much lower. They also tend to
be much more scalable than SQL databases. They usually offer some querying capabilities,
although sometimes not as powerful as SQL. Examples of document databases are: MongoDb,
CouchDb, Firebase (serverless), Dynamo Db (AWS). Decide how to segregate your data
Each of your clients has their own, private dataset. One of the worst things that can happen to
your app is for one client’s data to be seen by another client.
Even if there is only a small amount of non-sensitive leaked data, and no damage is done, an
event like this will massively erode trust in the security of your app.
You must architect a solid strategy for segregating your clients’ data to make sure that this
never happens.
Broadly speaking, you have two options - Physical Separation and Logical Separation.
Physical separation
Every one of your clients has a separate database (although could share a database server with
others). This makes it much more difficult to make a mistake that leads to data leakage.
Pros:
 Most secure
 More scalable
Cons:
 Managing, maintaining and upgrading is more complex
 Query all your clients’ data together is more difficult
For example, listing all Invoices in a database will only return Invoices for one of your clients.
In order to get another Client’s invoices, you need to connect to another database.

39
CIT421 Net-Centric Computing
Since each of your client’s data is in its own database, you can easily spread them all across
many database servers, without the need for “sharding”. Your app will be much easier to scale
this way.
The code you will need to write:
 When creating a new client, you need to create a new database and populate with any
seed data.
 You need to keep a record somewhere of all your clients, and how to connect to each
client’s database.
 If you need to upgrade your database (e.g. add a new table), you need to code to upgrade
each separately.
 If you need to query all your client’s data into one, you need to pull the data out of each
and aggregate it.
Logical separation
All of your clients are stored in one giant database.
Every time you need to get data for a single client, you must remember to include a filter for
the client. E.g. ‘select’ from customers where customerClientId = 1234”
Pros:
 Easier to get started
 Easier to maintain and upgrade
 Can easily query all your clients’ data with one query
Cons:
 Easy to make a mistake that will result in a data breach
 More difficult to scale
You now only have one database to manage. Setting this up and connecting to your database
is easy. Your speed to market increases.
When you need to upgrade your database, you can do so with a few clicks, or by typing a few
commands. It’s very easy to add new features.
As you gain more users, your database will grow to millions of rows. Put some effort into how
your database handles this extra volume and load. You will have to start tuning your queries.
When you’re under pressure, it is so easy to forget to include that “where clientId = 1234”
filter.
Doing so could result in a business ending data breach.

40
CIT421 Net-Centric Computing
Ensure your database is secured. You should look into best practices for securing your
particular database. Some databases come with a default administrator login, which people
often forget to change. This could leave your data open to the world.
From the start, you should create a login with “Just Enough” access. If your app only reads and
writes data, then it should authenticate to your database using a login with only data reading
and writing access.

3.3.11 Step 9 - Build the frontend

Note: In reality, you will build your backend and frontend at the same time. But for this post,
we’ll keep it simple.
3.3.11.1 A frontend
The Frontend is the visual element of your web application. It defines what you see and interact
with. The frontend is developed with HTML, CSS, and JavaScript.
If using server pages, getting started is super easy. Your backend framework is all set up and
ready to start building. This is where the huge benefit lies with server pages.
With SPA, it’s a little trickier.
First, you need to set up your development environment. The components of this will be:
1. A code editor, such as VS Code, Sublime Text
2. A compilation, and packaging framework:
1. Webpack
2. Gulp
3. Grunt
This is also used for serving and “Hot Loading” your application at development
time, on a nodejs web server, running on localhost.
3. A frontend framework (strictly not necessary, but highly advised unless you are an
experienced frontend developer):
1. React
2. Ember
3. Vue
4. Svelte
The list is endless!
4. Configuring your packaging tool to talk to your backend - which is most likely running
on a different port on localhost. Usually, this is done using Node’s HTTP proxy. Most
packaging solutions have this option built-in, or available as plugins. This point
41
CIT421 Net-Centric Computing
commonly gets people stuck, and may need a diagram. Remember - if you write your
backend API in C Sharp (for example) then at dev time, you will be running it on a
local web server, through your code editor. i.e. your frontend and backend are running
on 2 different web servers, in dev. However, in production, your frontend should
(probably) be running on the SAME web server as your backend - mainly because you
want them to run under the same domain.
This means a few things
1. At dev time, your frontend should make API requests to its own (Nodejs server
- e.g. Webpack dev server). This Nodejs server should then proxy all “/api”
request to your backend server.
2. When building for production, you need to get your compiled frontend files into
your backend server - so they can be served as static files. You can copy and
paste the files in when you deploy, but you will want to set up some sort of
script to do this.
There is always a significant time required to set up your dev environment for a SPA. There
are plenty of boilerplate templates out there for your frameworks of choice. However, I have
never written an app that has not eventually needed some custom code on top of the boilerplate.
Still, I always choose a SPA.
 The end product for a web app is a much more usable application.
 When you are up and running with your dev environment, I find SPAs much more
productive to work with - which is more likely to do with the capabilities of modern
javascript frameworks than anything else.
 Writing a SPA is really the only way to make a Progressive Web Application.
You should now have a better idea of how to setup your frontend and define the look and feel
of your web app. In most cases I build the fontend and backend together.

3.3.12 Step 10 - Build your backend

What do we mean by the backend?
The backend is typically what manages your data. This refers to databases, servers, and
everything the user can’t see within a web application.
Building your backend is one of the toughest parts of web app development. If you feel
overwhelmed, a tool like Budibase can take away many of the complexities - including the
follow tasks.
If you feel confident, continue on.
42
CIT421 Net-Centric Computing
When building your web app, you need to choose between:
1. Server Pages (Multiple Page Application)
2. Single Page Application
“But isn’t this the frontend?” - I hear you say. Yes! But your choice will affect how you develop
your backend.
The primary jobs of the backend will be to:
 Provide HTTP endpoints for your frontend, which allow it to operate on your data. E.g.
Create, Read, Update and Delete (“CRUD”) records.
 Authenticate users (verify they are who they say they are: aka log them in).
 Authorization. When a logged in user makes a request, the backend will determine
whether they are allowed (authorized) to perform the requested action.
 Serve the frontend
If you have chosen Server Pages, your backend will also be generating your frontend and
serving it to your user.
With a single page app, the backend will simply serve your static frontend files (i.e. your
“Single Page” and it’s related assets).
When choosing your backend:
 Go with what’s familiar.
 Try Budibase
 Server Pages / SPA should inform your decision of framework choices within your
chosen language. For example, a SPA will only require an API only framework. Server
pages need their own framework.
o Django
o Express
o Flask
Login/User & Session Management
 How will users authenticate?
o Username and password?
o Open ID (i.e. sign in as Google, FB, etc)
 Be sure to read up on security best practices. I highly recommend: OWASP
 What user levels will you create in the system?
Environments. You will usually need to create multiple environments. For example:
 Testing - for all the latest development features.
 Beta - to give early releases to clients.
43
CIT421 Net-Centric Computing
 Production - Your live system.

3.3.13 Step 11 - Host your web application

What is hosting
Hosting involves running your web app on a particular server.
When using Budibase, this step can be automated with Budibase hosting . With Budibase, you
are still required to buy a domain.
If you are not using Budibase to host your web application, follow these quick steps: \
1. Buy a domain - Namecheap
2. Buy/Setup an SSL certificate - Let’s Encrypt
3. Choose a cloud provider:
1. Amazon
2. MS Azure
3. Google Cloud Platform
4. Lower cost: Digital Ocean / Linode - if you are happy managing your own VMs
5. Zeit Now, Heroku, Firebase are interesting alternatives that aim to be faster and
easier to get things done - you should read about what they offer.
Choosing one of these hosting options will almost certainly provide you with everything you
need. They have ample documentation and community support, and are generally reliable
options.

3.3.14 Step 12 - Deploy your web app

You have sourced your idea, validated it, designed and developed your web app, and chosen
your hosting provider.
You’re now at the last step. Well done!
The deployment step includes is how your web application gets from your source control on
your computer to your cloud hosting from step 11.
How does your application get from Source Control / Your computer to your cloud hosting
provider?
The following development tools provide continuous integration and will help you with
deploying your web app to your cloud hosting:
1. GitLab
2. Bitbucket
3. Jenkins
44
CIT421 Net-Centric Computing
There are many of course.
To start with, you can just deploy directly from your machine of course.
And that’s it. You have made a web application. Well done. You should take some time to
celebrate this achievement. You’re the proud owner of a new web app.

Discussion
How can cybercrime be mitigated? Discuss

4.0 Self-Assessment/Exercise
1. Mention and explain the Database types.

2. What do we mean by the backend? Explain.

5.0 Conclusion
You should look into best practices for securing your particular database. Some databases come
with a default administrator login, which people often forget to change. This could leave your
data open to the world.
From the start, you should create a login with “Just Enough” access. If your app only reads and
writes data, then it should authenticate to your database using a login with only data reading
and writing access.

6.0 Summary
The backend is typically what manages your data. This refers to databases, servers, and
everything the user can’t see within a web application.

45
CIT421 Net-Centric Computing
Building your backend is one of the toughest parts of web app development. If you feel
overwhelmed, a tool like Budibase can take away many of the complexities - including the
follow tasks.

7.0 References/Further Reading

The web framework for perfectionists with deadlines | Django (djangoproject.com)
Studio | InVision (invisionapp.com)

46
CIT421 Net-Centric Computing

Module 2: Parallel Systems

Introduction of Module
In network security, threat prevention refers to policies and tools that protect your corporate
network.
In the past, threat prevention primarily focused on the perimeter. With an increasing array of
threats such as malware and ransomware arriving via email spam and phishing attacks,
advanced threat prevention requires an integrated, multilayered approach to security. This may
include tools for intrusion threat detection and prevention, advanced malware protection, and
additional endpoint security threat prevention.
This module will consist of four units are follows
Unit 1: Firewalls
Unit 2: Virtual Private Networks (VPN)
Unit 3: Security Control Management
Unit 4: Hardware and Software Prevention

47
CIT421 Net-Centric Computing

UNIT 1 – Introduction to Parallel Systems

Contents

1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 What is firewall?
3.1.1 Characteristics of Firewall
3.1.2 Needs for Firewall
3.1.3 Limitation of Firewalls
3.2 Type of Firewalls
3.3 How firewall work
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading

48
CIT421 Net-Centric Computing

1.0 Introduction
A firewall forms a barrier through which the traffic going in each direction must pass. A
firewall security policy dictates which traffic is authorized to pass in each direction. Firewall
may be designed to operate as a filter at the level of IP packets, or may operate at a higher
protocol layer.

2.0 Intended Learning Outcomes (ILOs)

At the end of this unit, students will able to
 Demonstrate the concept of firewall
 Explore the importance of firewalls

3.0 Main Content

Discussion
What is the difference of firewalls at Application security and internet security?

4.0 Self-Assessment/Exercises
1. What is Personal Firewall
Answer
A personal firewall controls the traffic between a personal computer or workstation on one side
and the Internet or enterprise network on the other side. Personal firewall functionality can be
used in the home environment and on corporate intranets. Typically, the personal firewall is a
49
CIT421 Net-Centric Computing
software module on the personal computer. In a home environment with multiple computers
connected to the Internet, firewall functionality can also be housed in a router that connects all
of the home computers to a DSL, cable modem, or other Internet interface.

1. What are the benefits of host-based firewall?

Answer

A host-based firewall is a software module used to secure an individual host. Such modules are
available in many operating systems or can be provided as an add-on package. Like
conventional stand-alone firewalls, host-resident firewalls filter and restrict the flow of packets.
A common location for such firewalls is a server.
There are several benefits to the use of a server-based or workstationbased firewall:
• Filtering rules can be tailored to the host environment. Specific corporate security
policies for servers can be implemented, with different filters for servers used for
different application.
• Protection is provided independent of topology. Thus both internal and external
attacks must pass through the firewall.
• Used in conjunction with stand-alone firewalls, the host-based firewall provides an
additional layer of protection.
A new type of server can be added to the network, with its own firewall, without the necessity
of altering the network firewall configuration.

5.0 Conclusion

Internet connectivity is no longer optional for organizations. The information and services
available are essential to the organization. Moreover, individual users within the organization
want and need Internet access, and if this is not provided via their LAN, they will use dial-up
capability from their PC to an Internet service provider (ISP). However, while Internet access
provides benefits to the organization, it enables the outside world to reach and interact with
local network assets. This creates a threat to the organization.

50
CIT421 Net-Centric Computing

6.0 Summary

Firewalls can be an effective means of protecting a local system or network of systems from
network-based security threats while at the same time affording access to the outside world via
wide area networks and the Internet.

51
CIT421 Net-Centric Computing

7.0 References/Further Reading

Andrew S., T., & David J., W. (2011). COMPUTER NETWORKS (M. Horton, H. Michael, D.
Tracy, & H. Melinda (eds.); fifth). Pearson Education.

Pande, J. (2017). Introduction to Cyber Security ( FCS ). http://uou.ac.in

Stewart, J. M., Tittel, E., & Chapple, M. (2011). CISSP: Certified Information Systems Security
Professional Study Guide. Wiley.

52
CIT421 Net-Centric Computing

UNIT 2 Parallel Programming Models

Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Parallel Programming Models
3.2 MPI
3.3 OpenMP
3.4 MapReduce
3.5 OpenCL
3.6 CUDA
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading

53
CIT421 Net-Centric Computing

1.0 Introduction

A parallel programming model is a set of program abstractions for fitting parallel activities
from the application to the underlying parallel hardware. It spans over different layers:
applications, programming languages, compilers, libraries, network communication, and I/O
systems.

2.0 Intended Learning Outcomes (ILOs)

At the end of this unit, students will able to

 Explain the Parallel programming
 Enumerate and explain 4 of the parallel programming models

3.0 Main Content

3.1 Parallel Programming Models
A parallel programming model is a set of program abstractions for fitting parallel activities
from the application to the underlying parallel hardware. It spans over different layers:
applications, programming languages, compilers, libraries, network communication, and I/O
systems. Two widely known parallel programming models are:
a. shared memory and
b. message passing
but there are also different combinations of both.

Data-parallel programming model is also among the most important ones as it was revived
again with increasing popularity of MapReduce and GPGPU (General-Purpose computing on
Graphics Processing Units).

a. In the shared-memory programming model, tasks share a common address space, which
they read and write in an asynchronous manner. The communication between tasks is
implicit. If more than one task accesses the same variable, the semaphores or locks can

54
CIT421 Net-Centric Computing
be used for synchronization. By keeping data local to the processor and making private
copies, expensive memory accesses are avoided, but some mechanism of coherence
maintenance is needed when multiple processors share the same data with the
possibility of writing.
b. In the message-passing programming model, tasks have private memories, and they
communicate explicitly via message exchange. To exchange a message, each sends
operation needs to have a corresponding receive operation. Tasks are not constrained
to exist on the same physical machine.
A suitable combination of two previous models is sometimes appropriate. Processors can
directly access memory on another processor. This is achieved via message passing, but what
the programmer actually sees is shared-memory model.
Mainstream parallel programming environments are based on augmenting traditional
sequential programming languages with low-level parallel constructs (library function calls
and/or compiler directives).
3.2 MPI
The MPI is a library of routines with the bindings in Fortran, C, and C++ and it is an example
of an explicitly parallel API that implements the message-passing model via library function
calls. The set of processes with separate address spaces coordinate the computation by
explicitly sending and receiving messages. Each process has a separate address space, its own
program counter, and its own call stack.
However, high-level constructs such as synchronization, communication, and mapping data to
processes are left to a programmer to implement. MPI supports point-to-point communication
between any two processes. It also enables the collective communication operations where a
group of processes perform global/collective operations, such as gather, scatter, reduce, and
scan.

In a heterogeneous environment, in order to optimize the performance, an MPI implementation

may map processes to processors in a particular way. Similarly, an MPI implementation may
optimize the way processes communicate during a global operation. For example, in case
of MPI_Reduce, the communicating nodes do not have to form a tree structure, if an alternative
structure brings better performance for the underlying parallel machine.

3.3 OpenMP

55
CIT421 Net-Centric Computing
On the other side, OpenMP is an example of mainly implicit parallel API intended for shared-
memory multiprocessors. It exploits parallelism through compiler directives and the library
function calls. Unlike MPI, where all threads are spawned at the beginning of the execution
and are active until the program terminates, in OpenMP, a single master thread starts execution,
and additional threads are active only during the execution of a parallel region. To reduce the
overheads, these threads are spawned when the program enters a parallel region for the first
time, and they are blocked while the program is executing a nonparallel region.

Sections work-sharing construct breaks work into multiple distinct sections, such that each
section is entirely executed by a single thread. It is an example of task parallelism paradigm.
Its general form is presented in Table 5.4.

The Sections Construct

#pragma omp parallel{

#pragma omp sections{
#pragma omp section
block1
#pragma omp section
block2
}
}

For work-sharing construct splits iterations of a loop among different threads, such that each
iteration is entirely executed by a single thread. It is an example of data-parallelism paradigm.
Its general form is shown in Table 5.5.

The For Construct

#pragma omp parallel for

for(i=0; i<n; i++)
a[i] = b[i] + c[i];

Cilk is a language extension for C programming language with parallel constructs, resembling
to OpenMP. Both OpenMP and Cilk can automatically choose parallelism to achieve good
performance. Cilk++ brings the same for C++ language.

56
CIT421 Net-Centric Computing

Nesting OpenMP is unfortunately not fully composable, which can be a serious limitation when
compared with the other abstract parallel programming models. Nesting of OpenMP can create
explosive numbers of threads in recursive situations, which rapidly exhaust system resources,
especially stack space, and require that the program be shut down. To prevent this, the
maximum number of levels of parallel nesting that will activated when using OpenMP is set to
one by default. While this is somewhat limiting (nested parallelism as supported by TBB and
Cilk Plus is incredibly useful), it avoids a generally intolerable condition. With the continued
popularity of OpenMP being so strong, we can expect additional proposals to refine OpenMP
into a better ability to exploit nested parallelism opportunities when they exist. Without such
solutions, programs are best to avoid relying on nesting of parallelism in order to get
performance if using OpenMP.

3.4 MapReduce
One of the most widely used parallel programming models today is MapReduce. MapReduce
is easy both to learn and use, and is especially useful in analyzing large datasets. While it is not
suitable for several classes of scientific computing operations that are better served
by message-passing interface or OpenMP, such as numerical linear algebra or finite element
and finite difference computations, MapReduce's utility in workflows frequently called “big
data” has made it a mainstay in high performance computing. MapReduce programming model
and the Hadoop open-source framework supports it.

3.5 OpenCL
OpenCL has some advantages over other parallel programming models. First of all, it is the
only one of the “open” standards for which there actually are implementations by all major
vendors—unlike for OpenMP or OpenACC. The level of vendor support, however, is a
different story. OpenCL is a library that can be used with any C/C++ compiler, which makes
it independent of additional tools. The kernels are written separately in a C-like language and
compiled at runtime for the present hardware. The kernel compiler comes with the OpenCL
implementation provided by the hardware vendor. A kernel written in OpenCL will run
everywhere, including conventional CPUs, Intel Xeon Phi coprocessors, GPGPUs, some
FPGAs, and even mobile devices.

57
CIT421 Net-Centric Computing
OpenCL programs are divided into host and kernel code. Only the latter is executed on the
compute device. In the host program, kernels and memory movements are queued into
command queues associated with a device. The kernel language provides features like vector
types and additional memory qualifiers. A computation must be mapped to work-groups of
work-items that can be executed in parallel on the compute units (CUs) and processing
elements (PEs) of a compute device. A work-item is a single instance of a kernel function. For
each kernel-call, an NDRange (n-dimensional range) specifies the dimension, number, and
shape of the work-groups. Global synchronization during the execution of a kernel is
unavailable. Work-items inside a work-group can be synchronized. OpenCL provides a
complex memory model with a relaxed consistency.

3.6 The CUDA programming model

The CUDA programming model is a parallel programming model that provides an abstract
view of how processes can be run on underlying GPU architectures. The evolution of GPU
architecture and the CUDA programming language have been quite parallel and
interdependent. Although the CUDA programming model has stabilized over time, the
architecture is still evolving in its capabilities and functionality. GPU architecture has also
grown in terms of the number of transistors and number of computing units over years, while
still supporting the CUDA programming model.
Until 2000 GPU architectures supported fixed pipeline functionality tightly coupled
with graphics pipeline. Separate silicon real estate was dedicated to each state of the pipeline.
Around 2001 programmability for 2D operations (pixel shaders) and 3D operations (vertex
shaders) were introduced. Then from approximately 2006 through 2008 all these operations
were combined to be executed by a shared and common computational unit using a much
higher-level programmable feature. This programmability was introduced as the CUDA
programming model. Since then the CUDA programming model has been used to implement
many algorithms and applications other than graphics, and this explosion of use and
permeability of CUDA with hitherto unknown applications has catapulted the GPU’s near
ubiquitous use in many domains of science and technology. Since then all the GPUs designed
are CUDA-capable. It should be noted that before CUDA was released, there were attempts to
create high-level languages and template libraries such as Glift [2] and Scout [3]. But such
efforts tapered down with the introduction of CUDA, and more effort was spent on refining
CUDA and building libraries using its constructs.
58
CIT421 Net-Centric Computing

Discussion
Explain the peculiarities of the CUDA programming model.

4.0 Self-Assessment/Exercises
Mention and explain two widely known parallel programming models:
Answer
a. shared memory and
b. message passing
a. In the shared-memory programming model, tasks share a common address space, which
they read and write in an asynchronous manner. The communication between tasks is implicit.
If more than one task accesses the same variable, the semaphores or locks can be used for
synchronization. By keeping data local to the processor and making private copies, expensive
memory accesses are avoided, but some mechanism of coherence maintenance is needed when
multiple processors share the same data with the possibility of writing.
b. In the message-passing programming model, tasks have private memories, and they
communicate explicitly via message exchange. To exchange a message, each sends operation
needs to have a corresponding receive operation. Tasks are not constrained to exist on the same
physical machine.

5.0 Conclusion
A suitable combination of two previous parallel programming models is sometimes
appropriate. Processors can directly access memory on another processor. This is achieved via
message passing, but what the programmer actually sees is shared-memory model

59
CIT421 Net-Centric Computing

6.0 Summary
A parallel programming model is a set of program abstractions for fitting parallel activities
from the application to the underlying parallel hardware. It spans over different layers:
applications, programming languages, compilers, libraries, network communication, and I/O
systems. Two widely known parallel programming models are:
a. shared memory and
b. message passing

7.0 References/Further Reading

1. Linköping University Electronic Press ttp://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-
40734
2. High-Performance Computing - an overview | ScienceDirect Topics

60
CIT421 Net-Centric Computing

UNIT 3 Message Passing Programming

Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Message-Passing Programming
3.2 Messages
3.3 Message-Passing Programming Model
3.4 Single-Program-Multiple-Data (SPMD)
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading

61
CIT421 Net-Centric Computing

1.0 Introduction
As long as you are carrying an access card or ID badge, it means that your office uses an access
system. How does it really work? It's difficult since most people have never seen an access
system. Most people believe it is just a card reader on the wall. Of course there is a little bit
more to it in reality. It’s not very difficult though, there are just a few parts behind the scenes
that make the magic of easily unlocking a door every time.
This unit will give you a full and comprehensive understanding how access control systems,
how it work, control list and AAA framework.

2.0 Intended Learning Outcomes (ILOs)

At the end of this unit, students will able to
 Explain the concept access control
 Manage access control

3.0 Main Content

3.1 The message-passing programming
3.2 Messages
A message transfer is when data moves from variables in one sub-program to variables in
another sub-program. The message consists of the data being sent. The message passing system
has no interest in the value of this data. It is only concerned with moving it. In general the
following information has to be provided to the message passing system to specify the message
transfer.
 Which processor is sending the message.
 Where is the data on the sending processor.
 What kind of data is being sent.
 How much data is there.
 Which processor(s) are receiving the message.
62
CIT421 Net-Centric Computing
 Where should the data be left on the receiving processor.
 How much data is the receiving processor prepared to accept.
In general the sending and receiving processors will cooperate in providing this information.
Some of this information provided by the sending processor will be attached to the message as
it travels through the system and the message passing system may make some of this
information available to the receiving processor.
As well as delivering data the message passing system has to provide some information about
progress of communications. A receiving processor will be unable to use incoming data if it is
unaware of its arrival. Similarly a sending processor may wish to find out if its message has
been delivered. A message transfer therefore provides synchronisation information in addition
to the data in the message.
The essence of message passing is communication and many of the important concepts can be
understood by analogy with the methods that people use to communicate, phone, fax, letter,
radio etc. Just as phones and radio provide different kinds of service different message passing
systems can also take very different approaches. For the time being we are only interested in
general concepts rather than the details of particular implementations.

3.3 The message-passing programming model

The sequential paradigm for programming is a familiar one. The programmer has a simplified
view of the target machine as a single processor which can access a certain amount of memory.
He or she therefore writes a single program to run on that processor. The paradigm may in fact
be implemented in various ways, perhaps in a time-sharing environment where other processes
share the processor and memory, but the programmer wants to remain above such
implementation-dependent details, in the sense that the program or the underlying algorithm
could in principle be ported to any sequential architecture -- that is after all the point of a
paradigm.

Figure 1: The sequential programming paradigm

The message-passing paradigm is a development of this idea for the purposes of parallel
programming. Several instances of the sequential paradigm are considered together. That is,
63
CIT421 Net-Centric Computing
the programmer imagines several processors, each with its own memory space, and writes a
program to run on each processor. So far, so good, but parallel programming by definition
requires co-operation between the processors to solve a task, which requires some means of
communication. The main point of the message-passing paradigm is that the processes
communicate by sending each other messages. Thus the message-passing model has no concept
of a shared memory space or of processors accessing each other's memory directly -- anything
other than message-passing is out with the scope of the paradigm. As far as the programs
running on the individual processors are concerned, the message passing operations are just
subroutine calls.
Those with experience of using networks of workstations, client-server systems or even object-
oriented programs will recognise the message-passing paradigm as nothing novel.

3.4 Single-Program-Multiple-Data (SPMD )

Message-passing paradigm involves a set of sequential programs, one for each processor. In
reality, it is rare for a parallel programmer to make full use of this generality and to write a
different executable for each processor. Indeed, for most problems this would be perverse --
usually a problem can naturally be divided into sub-problems each of which is solved in broadly
the same way. An example is the transformation or iterative update of a regular grid (perhaps
in image processing or the numerical modelling of a problem from physics). The same
operation is to be applied at every grid point. A typical parallel algorithm divides the grid into
sub-grids and each sub-grid is processed in the same way.
Typically then, a programmer will want to write one program which is to be replicated across
multiple processors (probably as many as possible!), often with a one-off controller process
and possibly with other one-off processes like a name-server etc.
The acronym "SPMD" stands for single-program-multiple-data and refers to a restriction of the
message-passing model which requires that all processes run the same executable. Some
vendors provide parallel environments which only support SPMD parallel programs. In
practice this is not usually a problem to the programmer, who can incorporate all the different
types of process he or she requires into one overall executable. For example, here a controller
process performs a different task (e.g. reading, checking and distributing initial data) to a
worker process:
main(int argc, char **argv)
if(process is to become a controller process)
Controller( /* Arguments */ );
64
CIT421 Net-Centric Computing
else
Worker( /* Arguments */ );
or in Fortran,
PROGRAM
IF (process is to become a controller process) THEN
CALL CONTROLLER( /* Arguments */ )
ELSE
CALL WORKER( /* Arguments */ )
ENDIF
END
Often, for related reasons of efficiency, some vendors do not allow time-sharing i.e. multiple
processes per processor (some authorities understand the term ``SPMD" to include this further
restriction). The programmer should bear in mind that in a SPMD environment in which
multiple processes per processor are not allowed, having special lightly-loaded one-off
processes such as "controllers" or name-servers may be inefficient because a whole processor
will be taken up with that process.

Figure 2: The message-passing programming paradigm.

The message-passing paradigm has become increasingly popular in recent times. One reason
for this is the wide number of platforms which can support a message-passing model. Programs
written in a message-passing style can run on distributed or shared-memory multi-processors,
networks of workstations, or even uni-processor systems. The point of having the paradigm,
just as in the sequential case, is that the programmer knows that his or her algorithms should
in principle be portable to any architecture that supports a message-passing model. Message-
passing is popular, not because it is particularly easy, but because it is so general.

65
CIT421 Net-Centric Computing

Discussion
Discuss Single Program multiple Data (SPMD).

4.0 Self-Assessment/Exercises
1. What actually is the interest of a Message-passing System?

Answer

The message passing system has no interest in the value of this data. It is only concerned with
moving it. In general the following information has to be provided to the message passing
system to specify the message transfer. Which processor is sending the message:
o Where is the data on the sending processor.
o What kind of data is being sent.
o How much data is there.
o Which processor(s) are receiving the message.

5.0 Conclusion
The message-passing paradigm is a development of this idea for the purposes of parallel
programming. Several instances of the sequential paradigm are considered together. That is,
the programmer imagines several processors, each with its own memory space, and writes a
program to run on each processor. So far, so good, but parallel programming by definition
requires co-operation between the processors to solve a task, which requires some means of
communication

6.0 Summary
Message-passing paradigm involves a set of sequential programs, one for each processor. In
reality, it is rare for a parallel programmer to make full use of this generality and to write a
different executable for each processor. Indeed, for most problems this would be perverse --
66
CIT421 Net-Centric Computing
usually a problem can naturally be divided into sub-problems each of which is solved in broadly
the same way

7.0 References/Further Reading

1. Neil MacDonald, Elspeth Minty, Tim Harding, Simon Brown, Edinburgh Parallel
Computing Centre, The University of Edinburgh. (Course Notes)
2. Advances in GPU Research and Practice | ScienceDirect

67
CIT421 Net-Centric Computing

UNIT 4 Dependence Analysis

Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Dependency Analysis
3.2 How Dependencies are Found

4.0 Self-Assessment Exercises

5.0 Conclusion
6.0 Summary
7.0 References/Further Reading

1.0 Introduction
Despite all security measures discussed above, an organization is prone to security breach if its
employees lack security caution and awareness on their working computers. These computers
contain sensitive organization details and information and therefore need to implement security
measures to protect their data. Threats such as unauthorized access, internet fraudsters, viruses
and spyware can cause a lot of damages to organization through employees’ computer. This
68
CIT421 Net-Centric Computing
unit will address measures on hardware and software based to prevent potential attack or
damage of organization data.

2.0 Intended Learning Outcomes (ILOs)

At the end of this unit, students will able to
 Improve their data privacy through hardware protection
 Protect their selves from software and internet attacks

3.0 Main Content

3.1 Dependency analysis
When examining an artifact for re-use you might want to understand what it depends on.
Developing a service that has a dependency on a large number of other distinct systems is likely
to result in something that has to be revalidated every time each of those dependencies changes
(which might therefore be quite often).
To undertake a typical dependency analysis, perform the following steps:
1. Identify the artefact with dependencies you want to analyze.
2. Trace through any relationships defined on that artefact and identify the targets of the
relationships. This impact analysis thus results in a list of "dependencies" that the
selected artefact depends on.
3. If these "dependencies" also depend on other artefacts, then the selected artefact will
also have an indirect dependency. The impact analysis must therefore act recursively
looking for relationships from any of the "dependencies".
This process continues until a complete graph is obtained starting at the selected artefact and
finishing with artefacts that have no further dependencies. The selected artefact might have a
dependency on any artefact in the graph.
Note that an object can exist multiple times in the graph if it can be reached in different ways.

69
CIT421 Net-Centric Computing
3.2 How dependencies are found
When impact analysis is started, it does not change the direction of processing through the
graph. For example, an object, B, has a dependency on object C, and object B is depended
on by objects A and D, as shown in Figure 1 below.
If object A is selected for analysis, the results list includes object B and object C. Despite
object D also having a dependency on objects B and C, the analysis keeps tracing down
through the dependencies and will not find any objects which are backwards in the
dependency hierarchy that are not directly linked to the selected object, so object D will not
be in the results list.

Figure 1. Dependency analysis graph

Discussion

What is dependence Analysis and how are dependencies found?

5.0 Conclusion
Computer systems face a number of security threats. One of the basic threats is data loss, which
means that parts of a database can no longer be retrieved. This could be the result of physical
damage to the storage medium (like fire or water damage), human error or hardware failures.

Another security threat is unauthorized access. Many computer systems contain sensitive
information, and it could be very harmful if it were to fall in the wrong hands. Imagine someone
getting a hold of your social security number, date of birth, address and bank information.
Getting unauthorized access to computer systems is known as cracking.

70
CIT421 Net-Centric Computing

6.0 Summary
To undertake a typical dependency analysis, perform the following steps:
1. Identify the artefact with dependencies you want to analyze.
2. Trace through any relationships defined on that artefact and identify the targets of the
relationships. This impact analysis thus results in a list of "dependencies" that the
selected artefact depends on.
3. If these "dependencies" also depend on other artefacts, then the selected artefact will
also have an indirect dependency. The impact analysis must therefore act recursively
looking for relationships from any of the "dependencies".

7.0 References/Further Reading

1. WebSphere Service Registry and Repository /8.5.6/

71
CIT421 Net-Centric Computing

UNIT 5 Open MP programming

Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Introduction to Open Specification for Multi-Processing (OpenMP)
3.2 Brief History to OpenMP
3.3 A Thread
3.4 A Process
3.5 Differences between Threads and Processes
3.6 OpenMP Programming Model
3.6.1 Explicit Parallelism
3.6.2 Compiler Directive Based
3.6.3 Fork-Join Parallelism
3.6.4 Join
3.7 A Program
3.8 OpenMP/ Hello World
3.8.1 Steps to Create a Parallel Program
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading

72
CIT421 Net-Centric Computing

1.0 Introduction
Despite all security measures discussed above, an organization is prone to security breach if its
employees lack security caution and awareness on their working computers. These computers
contain sensitive organization details and information and therefore need to implement security
measures to protect their data. Threats such as unauthorized access, internet fraudsters, viruses
and spyware can cause a lot of damages to organization through employees’ computer. This
unit will address measures on hardware and software based to prevent potential attack or
damage of organization data.

2.0 Intended Learning Outcomes (ILOs)

At the end of this unit, students will able to
 Improve their data privacy through hardware protection
 Protect their selves from software and internet attacks

3.0 Main Content

3.1 Introduction to Open Specification for Multi-Processing (OpenMP)
Open MP means Open specifications for MultiProcessing via collaborative work between
interested parties from the hardware and software industry, government and academia. It is an
Application Program Interface (API) that is used to explicitly direct multi-threaded, shared
memory parallelism. API components include Compiler directives, Runtime library routines
and Environment variables. Portable because API is specified for C/C++ and Fortran &
Implementations on almost all platforms including Unix/Linux and Windows. Standardization
is ensured by Jointly defined and endorsed by major computer hardware and software vendors
and it is possible to become ANSI standard.
3.2 Brief History of OpenMP
73
CIT421 Net-Centric Computing
In 1991, Parallel Computing Forum (PCF) group invented a set of directives for specifying
loop parallelism in Fortran programs. X3H5, an ANSI subcommittee developed an ANSI
standard based on PCF. In 1997, the first version of OpenMP for Fortran was defined by
OpenMP Architecture Review Board. Binding for C/C++ was introduced later. Version 3.1 of
it was available since 2011.

Figure 9: Open Specification for MultiProcessing (OpenMP)

3.3 Thread
A process is an instance of a computer program that is being executed. It contains the program
code and its current activity. A thread of execution is the smallest unit of processing that can
be scheduled by an operating system. Thread model is an extension of the process model. Each
process consists of multiple independent instruction streams (or threads) that are assigned
computer resources by some scheduling procedure. Threads of a process share the address
space of this process. Global variables and all dynamically allocated data objects are accessible
by all threads of a process. Each thread has its own run-time stack, register, program counter.
Threads can communicate by reading/writing variables in the common address space.
3.4 A Process
A process contains all the information needed to execute the program.
 Process ID
 Program code
 Data on run time stack
 Global data

74
CIT421 Net-Centric Computing

 Data on heap
Each process has its own address space. In multitasking, processes are given time slices in a
round robin fashion. If computer resources are assigned to another process, the status of the
present process has to be saved, in order that the execution of the suspended process can be
resumed at a later time.

3.5 Differences between threads and processes

A thread is contained inside a process. Multiple threads can exist within the same process and
share resources such as memory. The threads of a process share the latter’s instructions (code)
and its context (values that its variables reference at any given moment). Different processes
do not share these resources.

3.6 OpenMP Programming Model

Shared memory, thread-based parallelism. OpenMP is based on the existence of multiple
threads in the shared memory programming paradigm. A shared memory process consists of
multiple threads.
3.6.1 Explicit Parallelism
In Explicit Parallelism, a Programmer has full control over parallelization. OpenMP is not an
automatic parallel programming model.
3.6.2 Compiler Directive Based
Most OpenMP parallelism is specified through the use of compiler directives which are
embedded in the source code.
OpenMP is not necessarily implemented identically by all vendors. Meant for distributed-
memory parallel systems (it is designed for shared address spaced machines). Guaranteed to
make the most efficient use of shared memory. Required to check for data dependencies, data
conflicts, race conditions, or deadlocks. Required to check for code sequences, meant to cover
compiler-generated automatic parallelization and directives to the compiler to assist such
parallelization. Designed to guarantee that input or output to the same file is synchronous when
executed in parallel.

3.6.3 Fork-Join Parallelism.

OpenMP program begin as a single process: the master thread. The master thread executes
sequentially until the first parallel region construct is encountered. When a parallel region is
encountered, master thread create a group of threads by FORK and becomes the master of this
75
CIT421 Net-Centric Computing
group of threads, and is assigned the thread id 0 within the group. The statement in the program
that are enclosed by the parallel region construct are then executed in parallel among these
threads.
3.6.4 JOIN
When the threads complete executing the statement in the parallel region construct, they
synchronize and terminate, leaving only the master thread. Master thread is shown in red. 10
I/O • OpenMP does not specify parallel I/O. • It is up to the programmer to ensure that I/O is
conducted correctly within the context of a multithreaded program. Memory Model • Threads
can “cache” their data and are not required to maintain exact consistency with real memory all
of the time. • When it is critical that all threads view a shared variable identically, the
programmer is responsible for insuring that the variable is updated by all threads as needed.
3.7 A “Pragma”
It stands for “pragmatic information”. A pragma is a way to communicate the information to
the compiler. The information is non-essential in the sense that the compiler may ignore the
information and still produce correct object program.

3.8 OpenMP | Hello World program

Prerequisite: OpenMP | Introduction with Installation Guide

In this section, we will learn how to create a parallel Hello World rogram using OpenMP.

3.8.1 Steps to Create a Parallel Program

1. Include the header file: We have to include the OpenMP header for our program along
with the standard header files.

//OpenMP header
#include <omp.h>
2. Specify the parallel region:
In OpenMP, we need to mention the region which we are going to make it as parallel using
the keyword pragma omp parallel. The pragma omp parallel is used to fork additional
threads to carry out the work enclosed in the parallel. The original thread will be denoted
as the master thread with thread ID 0. Code for creating a parallel region would be,

#pragma omp parallel

76
CIT421 Net-Centric Computing
{
//Parallel region code
}
So, here we include

#pragma omp parallel

{
printf("Hello World... from thread = %d\n",
omp_get_thread_num());
}

3. Set the number of threads:

we can set the number of threads to execute the program using the external variable.

export OMP_NUM_THREADS=5

Figure 10: Diagram of parallel region

As per the above figure, once the compiler encounters the parallel regions code, the master
thread (thread which has thread id 0) will fork into the specified number of threads. Here it
will get forked into 5 threads because we will initialise the number of threads to be executed
as 5, using the command export OMP_NUM_THREADS=5. Entire code within the parallel
region will be executed by all threads concurrently.

77
CIT421 Net-Centric Computing
Once the parallel region ended, all threads will get merged into the master thread.

4. Compile and Run:

4.1 Compile:

gcc -o hello -fopenmp hello.c

4.2 Execute:

./hello
Below is the complete program with the output of the above approach:
Program: Since we specified the number of threads to be executed as 5, 5 threads will
execute the same print statement at the same point of time. Here we cannot assure the order
of execution of threads, i.e Order of statement execution in the parallel region would not
be the same for all executions. In the below picture, while executing the program for first-
time, thread-1 gets completed first whereas, in the second run, thread-0 completed first.
omp_get_thread_num() will return the thread number associated with the thread.

4.2.1 OpenMP Hello World program

// OpenMP program to print Hello World

// using C language
// OpenMP header
#include <omp.h>
#include <stdio.h>
#include <stdlib.h>
int main(int argc, char* argv[])
{
// Beginning of parallel region
#pragma omp parallel
{
printf("Hello World... from thread = %d\n",
omp_get_thread_num());
}
// Ending of parallel region
}

78
CIT421 Net-Centric Computing
Output:
When run for 1st time:

 When run for multiple time: Order of execution of threads changes every time.

Discussion

Is it possible to implement One Time Password on system logon security?

79
CIT421 Net-Centric Computing

6.0 Summary
The objective of system security is the protection of information and property from theft,
corruption and other types of damage, while allowing the information and property to remain
accessible and productive. System security includes the development and implementation of
security countermeasures. There are a number of different approaches to computer system
security, including the use of a firewall, data encryption, passwords and biometrics.

7.0 References/Further Reading

1. OpenMP | Introduction with Installation Guide
2. In C/C++/Fortran, parallel programming can be achieved using OpenMP.
3. http://en.wikipedia.org/wiki/Process_(computing)

80
CIT421 Net-Centric Computing

UNIT 6 Evaluation of Programs

Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Program Evaluation
3.2 Definition of Program Evaluation
3.2.1 Purposes for Program Evaluation
3.3 Barriers
3.3.1 Overcoming Barriers
3.4 Types of Evaluations
3.4.1 Current Evaluation
3.4.2 Formative Evaluation
3.4.3 Process Evaluation
3.4.4 Impact Evaluation
3.4.5 Outcome Evaluation
3.5 Performance or Program Monitoring
3.6 Evaluation Standards and Designs
3.7 Logic Models
3.8 Communicating Evaluation Findings
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading

81
CIT421 Net-Centric Computing

1.0 Introduction
Despite all security measures discussed above, an organization is prone to security breach if its
employees lack security caution and awareness on their working computers. These computers
contain sensitive organization details and information and therefore need to implement security
measures to protect their data. Threats such as unauthorized access, internet fraudsters, viruses
and spyware can cause a lot of damages to organization through employees’ computer. This
unit will address measures on hardware and software based to prevent potential attack or
damage of organization data.

2.0 Intended Learning Outcomes (ILOs)

At the end of this unit, students will able to
 Improve their data privacy through hardware protection
 Protect their selves from software and internet attacks

3.0 Main Content

3.1 Programs Evaluation

3.2 Definition of Program Evaluation

Evaluation is the systematic application of scientific methods to assess the design,
implementation, improvement or outcomes of a program (Rossi & Freeman, 1993; Short,
Hennessy, & Campbell, 1996). The term "program" may include any organized action such as
media campaigns, service provision, educational services, public policies, research projects,
etc. (Center for Disease Control and Prevention [CDC], 1999).

82
CIT421 Net-Centric Computing
3.2.1 Purposes for Program Evaluation

Demonstrate program effectiveness to funders

Improve the implementation and effectiveness of programs

Better manage limited resources

Document program accomplishments

Justify current program funding

Support the need for increased levels of funding

Satisfy ethical responsibility to clients to demonstrate positive and negative effects of

program participation (Short, Hennessy, & Campbell, 1996).

Document program development and activities to help ensure successful replication

3.3 Barriers

Program evaluations require funding, time and technical skills: requirements that are often
perceived as diverting limited program resources from clients. Program staff are often
concerned that evaluation activities will inhibit timely accessibility to services or compromise
the safety of clients. Evaluation can necessitate alliances between historically separate
community groups (e.g. academia, advocacy groups, service providers; Short, Hennessy, &
Campbell, 1996). Mutual misperceptions regarding the goals and process of evaluation can
result in adverse attitudes (CDC, 1999; Chalk & King, 1998).

3.3.1 Overcoming Barriers

Collaboration is the key to successful program evaluation. In evaluation terminology,

stakeholders are defined as entities or individuals that are affected by the program and its
evaluation (Rossi & Freeman, 1993; CDC, 1999). Involvement of these stakeholders is an integral
part of program evaluation. Stakeholders include but are not limited to program staff, program
clients, decision makers, and evaluators. A participatory approach to evaluation based on
respect for one another's roles and equal partnership in the process overcomes barriers to a
mutually beneficial evaluation (Burt, Harrell, Newmark, Aron, & Jacobs, 1997; Chalk & King,
1998). Identifying an evaluator with the necessary technical skills as well as a collaborative
approach to the process is integral. Programs have several options for identifying an evaluator.
Health departments, other state agencies, local universities, evaluation associations and other
83
CIT421 Net-Centric Computing
programs can provide recommendations. Additionally, several companies and university
departments providing these services can be located on the internet. Selecting an evaluator
entails finding an individual who has an understanding of the program and funding
requirements for evaluations, demonstrated experience, and knowledge of the issue that the
program is targeting (CDC, 1992).

3.4 Types of Evaluation

Various types of evaluation can be used to assess different aspects or stages of program
development. As terminology and definitions of evaluation types are not uniform, an effort has
been made to briefly introduce a number of types here.
3.4.1 Context Evaluation
Investigating how the program operates or will operate in a particular social, political, physical
and economic environment. This type of evaluation could include a community needs or
organizational assessment (http://www.wkkf.org/Publications/evalhdbk/default.htm).
Sample question: What are the environmental barriers to accessing program services?

3.4.2 Formative Evaluation

Assessing needs that a new program should fulfill (Short, Hennessy, & Campbell, 1996),
examining the early stages of a program's development (Rossi & Freeman, 1993), or testing a
program on a small scale before broad dissemination (Coyle, Boruch, & Turner, 1991). Sample
question: Who is the intended audience for the program?

3.4.3 Process Evaluation

Examining the implementation and operation of program components. Sample question: Was
the program administered as planned?

3.4.4 Impact Evaluation

Investigating the magnitude of both positive and negative changes produced by a program
(Rossi & Freeman, 1993). Some evaluators limit these changes to those occurring immediately
(Green & Kreuter, 1991). Sample question: Did participant knowledge change after attending
the program?

3.4.5 Outcome Evaluation

Assessing the short and long-term results of a program. Sample question: What are the long-
term positive effects of program participation?

84
CIT421 Net-Centric Computing

3.5 Performance or Program Monitoring

Similar to process evaluation, differing only by providing regular updates of evaluation results
to stakeholders rather than summarizing results at the evaluation's conclusion (Rossi &
Freeman, 1993; Burt, Harrell, Newmark, Aron, & Jacobs, 1997).

3.6 Evaluation Standards and Designs

Evaluation should be incorporated during the initial stages of program development. An initial
step of the evaluation process is to describe the program in detail. This collaborative activity
can create a mutual understanding of the program, the evaluation process, and program and
evaluation terminology. Developing a program description also helps ensure that program
activities and objectives are clearly defined and that the objectives can be measured. In general,
the evaluation should be feasible, useful, culturally competent, ethical and accurate (CDC,
1999). Data should be collected over time using multiple instruments that are valid, meaning
they measure what they are supposed to measure, and reliable, meaning they produce similar
results consistently (Rossi & Freeman, 1993). The use of qualitative as well as quantitative data
can provide a more comprehensive picture of the program. Evaluations of programs aimed at
violence prevention should also be particularly sensitive to issues of safety and confidentiality.
Experimental designs are defined by the random assignment of individuals to a group
participating in the program or to a control group not receiving the program. These ideal
experimental conditions are not always practical or ethical in "real world" constraints of
program delivery. A possible solution to blending the need for a comparison group with
feasibility is the quasi-experimental design in which an equivalent group (i.e. individuals
receiving standard services) is compared to the group participating in the target program.
However, the use of this design may introduce difficulties in attributing the causation of effects
to the target program. While non-experimental designs may be easiest to implement in a
program setting and provide a large quantity of data, drawing conclusions of program effects
are difficult.

3.7 Logic Models

Logic models are flowcharts that depict program components. These models can include any
number of program elements, showing the development of a program from theory to activities
and outcomes. Infrastructure, inputs, processes, and outputs are often included. The process of
developing logic models can serve to clarify program elements and expectations for the
stakeholders. By depicting the sequence and logic of inputs, processes and outputs, logic
85
CIT421 Net-Centric Computing
models can help ensure that the necessary data are collected to make credible statements of
causality (CDC, 1999).

3.8 Communicating Evaluation Findings

Preparation, effective communication and timeliness in order to ensure the utility of evaluation
findings. Questions that should be answered at the evaluation's inception include: what will be
communicated? to whom? by whom? and how? The target audience must be identified and the
report written to address their needs including the use of non-technical language and a user-
friendly format (National Committee for Injury Prevention and Control, 1989). Policy makers,
current and potential funders, the media, current and potential clients, and members of the
community at large should be considered as possible audiences. Evaluation reports describe
the process as well as findings based on the data

Discussion

Is it possible to implement One Time Password on system logon security?

86
CIT421 Net-Centric Computing

7.0 References/Further Reading

References

Burt, M. R., Harrell, A. V., Newmark, L. C., Aron, L. Y., & Jacobs, L. K. (1997). Evaluation
guidebook: Projects funded by S.T.O.P. formula grants under the Violence Against Women
Act. The Urban Institute. http://www.urban.org/crime/evalguide.html

Centers for Disease Control and Prevention. (1992). Handbook for evaluating HIV education.
Division of Adolescent and School Health, Atlanta.

CDC. Framework for program evaluation in public health. MMWR Recommendations and
Reports 1999;48(RR11):1-40.

Chalk, R., & King, P. A. (Eds.). (1998). Violence in Families: Assessing prevention and
treatment programs. Washington DC: National Academy Press.

Coyle, S. L., Boruch, R. F., & Turner, C. F. (Eds.). (1991). Evaluating AIDS prevention
programs: Expanded edition. Washington DC: National Academy Press.

Green, L.W., & Kreuter, M. W. (1991). Health promotion planning: An educational and
environmental approach (2nd ed.). Mountain View, CA: Mayfield Publishing Company.

National Committee for Injury Prevention and Control. (1989). Injury prevention: Meeting the
challenge. American Journal of Preventive Medicine, 5(Suppl. 3).

Rossi, P. H., & Freeman, H. E. (1993). Evaluation: A systematic approach (5th ed.). Newbury
Park, CA: Sage Publications, Inc.

Short, L., Hennessy, M., & Campbell, J. (1996). Tracking the work. In Family violence:
Building a coordinated community response: A guide for communities.

Witwer, M. (Ed.) American Medical Association. Chapter 5.

87
CIT421 Net-Centric Computing
W.K. Kellogg Foundation. W.K. Kellogg evaluation
handbook. http://www.wkkf.org/Publications/evalhdbk/default.htm

(http://www.wkkf.org/Publications/evalhdbk/default.htm).

88
CIT421 Net-Centric Computing

UNIT 7 Optimization for Scalar Architectures

Contents
1.0 Introduction
2.0 Intended Learning Outcomes (ILOs)
3.0 Main content
3.1 Hardware Protection Mechanism
3.1.1 CPU Protection
3.1.2 Memory Protection
3.1.3 I/O Protection
3.2 Software and OS security
3.2.1 Authentication
3.2.2 One Time Password
3.2.3 Program Threat
3.2.4 System Threat
3.3 Case/Example
4.0 Self-Assessment Exercises
5.0 Conclusion
6.0 Summary
7.0 References/Further Reading

89
CIT421 Net-Centric Computing

1.0 Introduction
Despite all security measures discussed above, an organization is prone to security breach if its
employees lack security caution and awareness on their working computers. These computers
contain sensitive organization details and information and therefore need to implement security
measures to protect their data. Threats such as unauthorized access, internet fraudsters, viruses
and spyware can cause a lot of damages to organization through employees’ computer. This
unit will address measures on hardware and software based to prevent potential attack or
damage of organization data.

2.0 Intended Learning Outcomes (ILOs)

At the end of this unit, students will able to
 Improve their data privacy through hardware protection
 Protect their selves from software and internet attacks

3.0 Main Content

3.1 Programs Evaluation

Contributed by
Robin Puett, MP

3.2 Definition of Program Evaluation

3.2.1 Purposes for Program Evaluation

90
CIT421 Net-Centric Computing

Demonstrate program effectiveness to funders

Improve the implementation and effectiveness of programs

Better manage limited resources

Document program accomplishments

Justify current program funding

Support the need for increased levels of funding

Satisfy ethical responsibility to clients to demonstrate positive and negative effects of

program participation (Short, Hennessy, & Campbell, 1996).

Document program development and activities to help ensure successful replication

3.3 Barriers

3.3.1 Overcoming Barriers

Collaboration is the key to successful program evaluation. In evaluation terminology,

stakeholders are defined as entities or individuals that are affected by the program and its
evaluation (Rossi & Freeman, 1993; CDC, 1999). Involvement of these stakeholders is an integral
part of program evaluation. Stakeholders include but are not limited to program staff, program
clients, decision makers, and evaluators. A participatory approach to evaluation based on
respect for one another's roles and equal partnership in the process overcomes barriers to a
mutually beneficial evaluation (Burt, Harrell, Newmark, Aron, & Jacobs, 1997; Chalk & King,
1998). Identifying an evaluator with the necessary technical skills as well as a collaborative
approach to the process is integral. Programs have several options for identifying an evaluator.
Health departments, other state agencies, local universities, evaluation associations and other
programs can provide recommendations. Additionally, several companies and university

91
CIT421 Net-Centric Computing
departments providing these services can be located on the internet. Selecting an evaluator
entails finding an individual who has an understanding of the program and funding
requirements for evaluations, demonstrated experience, and knowledge of the issue that the
program is targeting (CDC, 1992).

3.4 Types of Evaluation

3.4.2 Formative Evaluation

3.4.3 Process Evaluation

Examining the implementation and operation of program components. Sample question: Was
the program administered as planned?

3.4.4 Impact Evaluation

3.4.5 Outcome Evaluation

Assessing the short and long-term results of a program. Sample question: What are the long-
term positive effects of program participation?

3.5 Performance or Program Monitoring

92
CIT421 Net-Centric Computing
Similar to process evaluation, differing only by providing regular updates of evaluation results
to stakeholders rather than summarizing results at the evaluation's conclusion (Rossi &
Freeman, 1993; Burt, Harrell, Newmark, Aron, & Jacobs, 1997).

3.6 Evaluation Standards and Designs

3.7 Logic Models

93
CIT421 Net-Centric Computing
models can help ensure that the necessary data are collected to make credible statements of
causality (CDC, 1999).

3.8 Communicating Evaluation Findings

Discussion

Is it possible to implement One Time Password on system logon security?

94
CIT421 Net-Centric Computing