Java Technology (Internet Technologies)

Key Components:

1. Programming Lang – source language (JPL)2. Runtime Environment – facility to run applets or

programs3. Class Library

Characteristics:

1. High level2. General Purpose3. Similar to C++ - same semantic constructs4. Object Orientated5. Dynamic – instance of object created at RT6. Strongly Typed – data item declared, intended &

prohibited7. Statically Type Checked – typed compatibility

checked @ RT8. Concurrent – Multiple threads execute

concurrently

Java as a platform Virtual Machine – (JVM) Java API – ready made software components; grouped into libraries (packages)

1. Objects, strings, threads, I/O2. Applets3. Networking (TCP, UDP)4. Internationalisation5. Security6. Software like Javabeans7. Object Serialisation (RMI)8. JDBC

Java ProgramJava APIJava Virtual MachineHardware-Based Platform

JVM

Interpretive Execution - unlike a conventional compiler that translates source into a binary object, machine independent binary representation known as byte code is read by interpreter

Automatic garbage collection- allocate and release memory

Multi-threaded Execution – concurrent thread execution, scheduling and context switching (microkernel)

Internet Access – includes socket library, java program can become client using TCP or UDP

Graphics – control display, create windows

JPL, Runtime, byte code are independent of hardware, produces the same output on any computer. Interpreter makes programs portable.

Advantages:

1. Agnostic computer brand, download and run copy of active document

2. Guarantees document produce correct output on all browsers

3. Reduces document creation costs, one version instead of multiple versions for each type of computer.

Bout Applets

1. Applets are stored on an Internet/Intranet server.

2. Run on JVM provided by the browser3. Delivery and execution is supervised under of

Security Manager which regulates tasks4. Browser looks at the <APPLET> tag on the page5. Class loader inside JVM checks to see what

classes are needed6. Class loading process, classes are loaded

through a verifier to ensure no malevolent code is run

7. Different from java program where classes are found using CLASSPATH, applets use CODEBASE attribute in the <APPLET> tag

Java is case sensitive Use fully qualified name (include package name,

classname etc..) Ensure quotes around values like CODE,

CODEBASE Ensure browser support and versioning Some browsers may omit certain parts of the

java functionality Browsers differ in their implementation of the

Security Mgr.

Solutions to browser issues:

Use same version of JDK Write only JDK 1.02 code Get the non-core Java classes installed on clients Pick on browser

Tips for deployment of Applet

Get files to right location, move HTML files aove class hierarchy (where your compile files go)

Use packages to avoid conflicts with classes Have the most current browser Use archive files, compressed class files for the

client to use.

Java Overview Review

Features:

OO with classes and inheritance Strong typing and safety Small Garbage collection Huge platform Applets and applications

TypeAll variable declarations must be typed including parameter of methods. Mostly static type checking (some dynamic and casting)Primitive Types, All Classes, Arrays

ClassesTemplatesPublic class DogClass { …} // class definePublic void bark() //dog method or field

Object & ConstructorsInitialize a class or its methods. Constructor method is same name as the class name

Class Fields are methods defined in classes

Subclasses and Inheritance pubic class Smallthing extends Mainthing

Visibility: Private – viewable only inside the class Package – viewable inside class and in the same

package Protected – private + package and subclasses Public – all classes

Interfaces:

Interface declarationPublic interface something {…}Used in a class declaration to extend

Exceptions:Use of Try - Catch syntax

Java Security Notes:

Manage threats by active content by isolating all sensitive, potentially unsafe functions of programming lang.

Browser defines security policy for authorized and unauthorized access

JPL must gain permission from module (Sec. Mgr) enforcing policy to run sensitive functions to completion and access resource. – Sandboxing

Java defines Security Manager class # of access-control methods Sandboxes major threats to active document Security manager methods have naming

convention with checkXXXX

Browser measures trustworthiness of java code

Applets and Apps loaded locally are considered trustworthyApplets and apps on network are not & access is limited by sandboxing so:

1. System resources are limited2. All the checkXXX methods in SecMgr class throw

security exceptions

Sockets…are Software interfaces that connect an app to the network. 64K addressable sockets, colloquially known as port numbers.

Server programs listen to these sockets for any service requestsClient program needs to open socket of its own before it can connect to a server socket at the end

ServerSocket (Server) and Socket (Client) classes provide complete TCP/IP connectivity support; provides methods to connect any stream (I/O) to a socket to communicate through.

Garbage Collection…Pertains to objects not being needed by a program, when object is not referenced, the heap space that is occupied is recycled to make space available for subsequent objects.

Fights heap fragmentation whereby process of extending memory this caused during the normal course of running application freeing and allocating in between live objects and not enough contiguous free heap space where a new object needs to fit.

Heap is the area of memory used for dynamic allocation where blocks are allocated and freed in arbitrary order.

Pattern of allocation and size of blocks are not known until run time.

Finalizer – is a method called immediately before a class is garbage collected.

Thread… is a single flow of control within a program which must have its own resources sometimes share many resources like memory space and open files, hence referred to as a lightweight process. Easier to create and destroy than a “true” process cause of the less resource management is involved.

Program Counter (PC) is a instruction address register in CPU contains address for the next instruction to be executed.

Enterprise ComputingHistory

1. Mainframes, Dumb terminals2. Isolated PCs3. Networks:

Client/Server model – 2 Tier Logic Application Servers – 3 Tier

Problems with 2 Tier model : Fat client Business logic on PC Clients Expensive to maintain Heavy communication Transactions conducted controlled by client Security problems Distribute updates problems

Check out Windows!

3-Tier1. Presentation Layer, 2. Business Logic Layer (web server)3. Backend Data Layer

Middle Tier is where business objects, components are storedDesign re-use, GUI frontendEasy maintenance & Change managementEasy management across all tiers:

1. Security2. Transaction Processing3. System Management

Component problems with:DLL problems with shared componentsOLE and COMCOM+ and DCOM – problems with platform dependenceShould be decoupled for re-use and easier replacement & update

Enterprise systems based on components: Transaction Logic Persistence Security Concurrency Performance

Component Models: COM, COM++ JavaBeans OMG (CORBA)

Object Management Group (OMG) is a consortium aimed at setting standards in object-oriented programming as well as system modeling.

Considerations: Multiple platforms Communication between objects Distribution of objects (mobile code) Management of components (support for hard

parts)

Examine JavaBeans, RPC, and CORBA

EJB (Enterprise JavaBeans)Session come in (stateful,- client sessions v. stateless - quicker)Persistent objectsContainers – supporting framework for components, manage the of life & instances of EJB; middleware involved in ‘hard parts’

EJBs are deployed in an EJB container within the application server. The specification describes how an EJB interacts with its container and how client code

interacts with the container/EJB combination. READ MORE specification

RMI - a Java application programming interface for performing remote procedural calls.

Remote procedure call (RPC) is a protocol that allows a computer program running on one host to cause code to be executed on another host without the programmer needing to explicitly code for this. When the code in question is written using object-oriented principles, RPC is sometimes referred to as remote invocation or remote method invocation.

RPC - Remote Procedure Callsparadigm for implementing the client-server model of distributed computingRPC is initiated by the caller (client) sending a request message to a remote system (the server) to execute a certain procedure using arguments supplied. A result message is returned to the caller. There are many variations and subtleties in various implementations, resulting in a variety of different (incompatible) RPC protocols.

In order to allow servers to be accessed by differing clients, a number of standardized RPC systems have been created. Most of these use an interface description language (IDL) to allow various platforms to call the RPC. Examples Sun RPC (sometimes called ONC RPC), DCE, Microsoft's DCOM (and ActiveX) *based in part on DCE, and CORBA

Recently a number of vendors have started using XML as the IDL, and HTTP as the network protocol. The advantage of this system, known as web services, is simplicity and standardization, the IDL is a text file that is widely understood, and HTTP is built into almost all modern operating systems. An example of such an RPC system is SOAP, developed in turn from XML-RPC.

IIOP, the Internet Inter-Orb Protocol, is a protocol for communication between CORBA ORBs

CORBA – Common Object Request Broker Architecture

Neutral way to access objects (inter-operable) ORB receives request, must find implementation ORB prepared to implement object to deal with

request Communicate with data to complete request IDL specifies how to communicate with an ORB ORB is used to access objects on same machine

and across network

Defines APIs, communication protocol, and object/service information models to enable heterogeneous applications written in various languages running on various platforms to interoperate. CORBA therefore provides platform and location transparency for well-defined objects, which are the fundamental underpinnings of any distributed computing platform.

In a general sense CORBA "wraps" code written in another language into a bundle containing additional information on the capabilities of the code inside, and how to call it. The resulting wrapped objects can then be called from other programs (or CORBA objects) over the network. In this sense CORBA can be considered as a machine-readable documentation format, similar to a header file but with considerably more information.

CORBA uses an interface definition language (IDL) to specify the interfaces that objects will present to the world. CORBA then specifies a "mapping" from IDL (Interface Definition Language) to a specific implementation language like C++ or Java. This mapping precisely describes how the CORBA data types are to be used in both client and server implementations.

CORBA Limits:

Lowest common denominator – missing advanced features, higher order, event/callback, multi-casting

Asynchronous message passing Problems of too many threads IIOP/Firewall problems Inter-operability of ORBs for different vendors.

READ MORE about POA, IR, DII

1. COM and OMG CORBA standards did not inter-operate

2. Numerous security and administrative issues3. Limited scalability expectations of the web

Web ServicesUses standardized XML message systemAlternatives to XML messaging:

XML-RPC, SOAP, HTTP GET/POST

Web Services are: Self describing Discoverable Independent – not tied to an OS

Self describing – publish a public interfaceHuman readable documentation Discoverable – mechanism to find the service

Web is human-centric, where Web Services is described as application centric – conversations can take directly between applications just as easily browsers & servers.

Examples: Credit Card Verification, Shopping bots, Currency conversion, language translation

Tim Berners Lee “actualisation of semantic web”

Decoupling presentation from content, web-app centric, component orientated, Automated web

Web Service Roles

Service Provider – implements the services and makes it available

Service Requester – any consumer for the WS. The requestor utilizes an existing WS by issuing a XML request.

Service Registry – centralized directory of services. This registry provides a central place where developers can publish new services.

The Web service protocol stack is the collection of computer networking protocols that are used to define, locate, implement, and make Web services interact with each other.

The Web service protocol stack is mainly comprised of four areas:

Service Transport: It is responsible for transporting messages between network applications and includes protocols such as HTTP, SMTP, FTP, as well as the more recent Blocks Extensible Exchange Protocol (BEEP).

XML Messaging: It is responsible for encoding messages in a common XML format so that messages can be understood at either end of the network connection. Currently, this area includes such protocols as XML-RPC and SOAP.

Service Description: It is used for describing the public interface to a specific web service. The WSDL protocol is typically used for this purpose.

Service Discovery: It centralizes services into a common registry such that network web services can publish their location and description, and makes it easy to discover what services are available on the network. At present, the UDDI protocol is normally used for service discovery.

XML: All data to be exchanged is formatted with XML tags. This encoding can be performed by SOAP or XML-RPC (note: industry standards for security, interoperability, etc. are based on SOAP).

Common protocols: XML data can be transported between applications using common protocols such as HTTP, FTP, SMTP and XMPP.

WSDL: The public interface to the web service is described by Web Services Description Language, or WSDL. This is an XML-based service description on how to communicate using the web service.

UDDI: The web service information is published using this protocol. It enables applications to look up web services information in order to determine whether to use them.

WS-Security: The Web Services Security protocol has been accepted as an OASIS standard. The standard allows authentication of actors and confidentiality of the messages sent.

Contenders: XML-RPC, SOAP

XML-RPC – simple protocol that uses XML messages to perform RPCs, is platform independent.

Messaging:Requests are encoded in XML and sent via HTTP POSTXML Responses are embedded in the body of the HTTP Response embedded in the body of HTTP response

SOAP… XML based protocol for exchanging information

between computers SOAP is RPCs transported via HTTP Like XML-RPC, its platform independent.

WSDL – currently represents the service description within the web service protocol stack, written XML grammar specifying a public interface which can include all publicly available functions, data type info for all XML messages.

UDDI – represents the discovery layer within the protocol stack. Technical spec for publicationPrincipal categories: White, Yellow, and Green Pages

Service Request Perspective:1. Find services via UDDI2. Retrieve service description file: WSDL or XML-RPC3. Create XML-RPC or SOAL client4. Invoke remote service

Service Provider Perspective:1. Create core functionality2. Create XML-RPC or SOAP service wrapper3. Create WSDL services description or XML-RPC

integration instructions4. Deploy service5. Register new service via UDDI

Needs:

Allow problem solving logic from existing applications to be reused (recycle software functionality)

Transform application ownership Viewed as standardized, platform and programming

language independent mechanism

Main Advantages:Supply Side:

Removes need to develop all necessary software Standardized platform & programming language

access to 3rd party software Compress development schedule Reduce software testing Reduce application development costs Expedites time to market Easy to add new functionality Remove platform dependencies.

Demand Side: Access feature rich apps Faster availability of new apps, new features &

software upgrades More reliable & resilient software Greater variety of apps Available economically infeasible apps

Security

Aspects of security:

Authentication – id of author or participant Authorization – are you allowed Confidentially – protect from eavesdropping Integrity – has it been altered Non-repudiation - receipts

Encryption for addressing Internet Protocol Stack

Application LayerKerberos, DNSSEC

TCP/UDP Transport LayerSSH, SSL/TLS

Internet IP LayerIPSec

Data Link, Network Access LayerTunnelling protocols

Cryptography

Science of making the cost of improperly acquiring or altering data greater than the potential value

Secret Key Public Key Message Digest Signatures Certificates

Plaintext -> Encryption -> CipherText -> Decryption->PlainText

Symmetric Key SystemsBoth keys to encrypt and decrypt are available to both parties, problems with key distribution

Asymmetric Key Systemsi.e. Diffie-HellmanPublic key and Private key, where public key can only encrypt msg not decrypt to read (need a private key)

Cryptosystems based on three cryptographic algorithms: Secret key Public key Message digest

Secret Key algorithms – encrypt plaintext messages to ciphertexts that are usually the same size; symmetric cryptography or bulk encryption; Problem with exchanging keys; SSL used to create authenticated and encrypted channels on the internet uses Digital Certificates to negotiate a secret key between server and browser

Examples: Blowfish, DES, RC2, RC4, RC5, Triple DES

Public Key algorithms – similar to secret key, but use two keys, one public, one private; because uses 2 distinct keys it is called asymmetric cryptography; keys are mathematical value, involves the use of prime numbers and factoring

Example: Diffie-Hellman, RSA

SSL (Secure Sockets Layer) creates secure and reliable communication

1. Connection is private, encryption used after initial handshake to define cryptographic protocol; secret key encryption is used for data encryption

2. The peer’s identity can be authenticated using public key cryptography

3. The connection is reliable, message transport includes integrity check using secure has functions.

Message Digest algorithms – map variable length plaintext with fixed length cipher text

Key servers (KS) act as intermediaries hold shared keys. All messages go through the key server

Kerberos – also uses a key server, but key server sends a new secret key plus another key with recipients key that are both encyrypted; considered a session key only known to Sender, Recipient & KS.

PKI – Public Key Infrastructure involves a Certificate Authority (CA); requires a public/key pair; person generates own key pair and submits the public key to the CA. CA verifies that the person is the person who say he/she is and signs a digital certificate; reliability on

Digital Keys:

BIT Frameworks

Systems thinkers are particularly interested in studying systems because changing a system frequently leads to counterintuitive system responses. For example feedback loops may operate to either keep the organization in check or unbalance it.

Traditional decision making tends to involve linear cause and effect relationships. By taking a systems approach, we can see the whole complex of bidirectional interrelationships. Instead of analysing a problem in terms of an input and an output, for example, we look at the whole system of inputs, processes, outputs, feedback, and controls. This larger picture will typically provide more useful results than traditional methods.

System thinking also helps us integrate the temporal dimension of any decision. Instead of looking at discrete "snapshots" at points in time, a systems methodology will allow us to see change as a continuous process.

Systems Thinking is a worldview based on the perspective of the systems sciences, which seeks to understand interconnectedness, complexity and wholeness of components of systems in specific relationship to each other. Systems thinking is not only constructivist, rather systems thinking embraces the values of reductionist science by understanding the parts, and the constructivist perspectives which seek to understand wholes, and more so, the understanding of the complex relationships that enable 'parts' to become 'wholes' as noted in the example below.

Methodologies

Systems thinking uses a variety of techniques that may be divided into:

Hard systems - involving simulations, often using computers and the techniques of operations research. Useful for problems that can justifiably be quantified. However it cannot easily take into account unquantifiable variables (opinions, culture, politics, etc), and may treat people as being passive, rather than having complex motivations.

HS have an explicit objective governed by fixed rules such as those encountered in decision making.

Operational Research is a hard, well defined system

Project Management Forecasting Simulation Mathematical Programming Decision Theory

Stochastic – Statistically based on prbobablity.Deterministic – fixed inputs and known outputs

Soft systems - Used to tackle systems that cannot easily be quantified, especially those involving people interacting with each other or with "systems". Useful for understanding motivations, viewpoints, and interactions but, naturally, it doesn't give quantified answers. Soft systems is a field that the academic Peter Checkland has done much to develop.

Soft systems looks at the “What?” of the system; What to do to achieve an improvement, Usually analysis before application or implementation

SSM Considers:

Systems that could be envisaged Human activity Clarification of the problem Improve the understanding Based on Ideas:

Examine Learn about and Study Understand Select and Focus

Analysis- defines and selects options.

Hard systems look at the “How?”: How to achieve and test the selected option

HSM Considers:HS analysis addresses those parts of enterprise that have a tangible formTechniques to address those problems:

Identify cost/savings Improve methods Develop User Requirements

Soft System Analysis:

Taking an Overview Understanding complexity Learning Identifying weakness Understanding relationships

Identifying Systematically Desirable Factors Information needs Ideal relationships Necessary Activities Communication links

Developing ModelsLogical thinking

CATWOE

Clients – customers of the system, those who benefit from the outputs from the systemActors – who carry out the activities within the systemTransformation – the change that takes place within the system or because of the system (conversion of input to output)Worldview - how the system is perceived from a particular viewpoint; assumptions made about the systemOwner of the system – to whom the system is answerable and who could cause it to cease to existEnvironment – world that surrounds and influences the system, but has no control over it.

Summary:

Provides guidelines for examining an organisation with view of clarifying improvements (if possible)

Does not require strict adherence to procedures or rules, but sometimes certain rules assist in practice

Difference between SSM & other approaches is the specific inclusion of systems thinking stages

Takes an explicit distinction real-world and systems-world activity

Actions by analysts are Fact finding activities Can be used by analyst in any order Encourages a process of iteration as the

analysts knowledge increases Encourages analyst to examine the situation

from a number of different viewpoints Establishes a basis for a debate with a client

about possible changes A participative approach, valuable even if

participation is limited.

Seven Stages of SMM:

1. Unstructured Problem Situationfind as much info as possible, accept many different views,|2. Expressed Problem SituationDrawing rich pictures, show problem and relationships|3. Root DefinitionsTighten the constructed description of human activity system, Use the CATWOE technique|4. Build Conceptual ModelsLogical model of key activities and processes to satisfy root definition|5. Compare conceptual models with realityDifferent alternative models can be compared to reality|6. Accessing feasible and desirable changeAn analysis of the proposed changes can be made, feasible and desirable?|7. Action to improve the problem situationApplication of the model. SSM does not describe methods for implementing solutions! Only provides a framework through which problem situations can be understood.

From this, you can use alternative methods such as SSADM Structured Systems Analysis & Design Methodology or RAD if considering the development and implementation of an information system.

Guidelines for Rich Pictures:

Elements of Structure – aspects or components that are relatively stable or change very slowly

Elements of Process – aspects of a situation that undergo change or in a state of flux

Relationship between structure and process and between processes – how does structure affect or condition the process or other processes.

Include human activities like opinions, gossip, hunches, interpersonal relationships, perceptions etc…

Areas of concerns, actual or potential issues or problems should also be shown.

Don’t impose a system on a rich picture drawing (ie a flowchart)

Understanding the boundaries vs. the environment which the system resides

Narrow the system of interest, show relationships between them

Inputs into the system from the environment The Outputs of the system, desired and

undesired, planned and unplanned.

Conceptual modelling should be:

Holistic impression of the system Use verbs to describe Group together generic activities Verify the model by comparing it to the real

world

Systems Dynamics (SD)

System is viewed in terms of elements and flows.

Flows being relationships between elements Considered simple and unitary Considers behaviour as caused by the structure

Viable Systems Diagnosis (VSD)

Focuses on organisation than structure Diagnosing problems in the organisation Model machines well, but not predictable Cybernetic approach Complex and unitary

Strategic Assumption Surfacing & Testing (SAST)

Focuses on the participants involved in a problem conext

Human & political context and not on the supposed characteristics the problem context

Metaphors: machine, organism, brain Simple & Pluralist

Interactive Planning (IP)

Planning should be continuous, holistic, and participative

Process of planning is more important than the actual plan

5 steps: formulating mess, ends planning, means planning, resource planning

Complex & Pluralist

Total Systems Intervention (TSI)

Employs a range of systems metaphors to encourage creative systems thinking

Choice of appropriate systems methodology Meta-methodology Appreciate strengths and weaknesses of

methodologies

Internet Systems:

Object Model Objects are modular Complex and interrelated Use methods Objects have attributes Inheritance Encapsulation Use of message to communicate Building of classes Polymorphism

Relational Model Data is represented as mathematical relations Subset of the Cartesian product Data is operated upon by means of relational

algebra Permits logical model of info

Building blocks: Domain (data type) Tuple (ordered set of attributes) – row Table is a visual representation of a relation Dependency is enforced through referential

integrity

TCP – Addressing mechanism for each machine that provides a way to transmit a message to an address or host, IP packs it and TCP delivers it.

* it enables two hosts to establish a connection.

IP – protocol specifies the format of packets or datagrams, only allows you to pack it and address it

IP number – unique identifier, dotted quad notation

DNS – Domain Name Services, stores and maps host names with domain names (resolves); Performs tasks as routing and addressing;

DNS can be visualized as an inverted tree.; BIND is the open source application (Berkeley Internet Name Domain)

Allows massive scaling compared to multiple hosts file.

Sequence of a Webpage request:

1. URL is typed into a browser on a client machine, browser sends the HTTP request

2. DNS is used to resolve the domain name, host name

3. TCP session makes attempt to connect to the web server

4. If a web server exists and can be connected to, then GET request is issued.

5. HTTP servers listen and respond to HTTP GET requests

6. Very simple protocol

7. Look for requested name page in file system

8. Return the page or throw error if not exist.

Methodologies (Internet Systems)

Structured Systems Analysis and Design MethodologySSADM a waterfall method by which an IS design can be arrived at; SSADM can be thought to represent a pinnacle of the rigorous document-led approach to system design, and contrasts with more contemporary Rapid Application Development methods such as DSDM.

SSADM method involves the application of a sequence of analysis, documentation and design tasks concerned with:

Analysis of the current system Outline business specification Detailed business specification Logical data Design Logical process design Physical design

JAD (Joint Application Development) is a methodology that involves the client or end user in the design and development of an application, through a succession of collaborative workshops called JAD sessions.

In comparison with the more traditional practice, is thought to lead to faster development times and greater client satisfaction, because the client is involved throughout the development process. In comparison, in the traditional approach to systems development, the developer investigates the system requirements and develops an application, with client input consisting of a series of interviews.

A variation on JAD, rapid application development (RAD) creates an application more quickly through such strategies as using fewer formal methodologies and reusing software components.

Agile DevelopmentMost agile methods attempt to minimize risk by developing software in short timeboxes, called iterations, which typically last one to four weeks. Each iteration is like a miniature software project of its own, and includes all the tasks necessary to release the mini-increment of new functionality: planning, requirements analysis, design, coding, testing, and documentation.

Agile methods emphasize realtime communication, preferably face-to-face, over written documents. Most agile teams are located in a bullpen and include all the people necessary to finish software. At a minimum, this includes programmers and their "customers." (Customers are the people who define the product. They may be product managers, business analysts, or actual customers.) The bullpen may also include testers, interaction designers, technical writers, and management.

Agile methods also emphasize working software as the primary measure of progress. Combined with the preference for face-to-face communication, agile methods produce very little written documentation relative to other methods. This has resulted in criticism of agile methods as being undisciplined hacking.

DSDM is characterized by tight timescales and budgets. DSDM addresses the problems that frequently occur in the development of Information Systems with regards to going over time and budget and other common reason for project failure such as lack of user involvement and top management commitment

Cornerstones of development using DSDM:

Delivering a system that addresses the current business needs.

No system is build perfectly in the first try Project delivery should be on time, on budget and with

good quality The requirements for the IS need to be flexible. As will

be addressed later, flexible requirements are important enablers of DSDM.

DSDM only requires each step of the development to be completed far enough for the next step to begin

The project teams need to be empowered

Prerequisites: Clearly define and prioritize the requirements possibility of decomposition into smaller parts

enables the iterative and incremental properties of DSDM

extensive testing and validation that is involved is not well suited for DSDM, also hard or difficult project are not well suited as well since focus on on time and on budget

Extreme Programming (XP)The main aim of XP is to lower the cost of change. In traditional system development methods (like SDM) the requirements for the system are determined at the beginning of the development project and often fixed from that point on. This means that the cost of changing the requirements at a later stage in the project—not unthinkable in a rapidly changing business—will be very high.

Fine scale feedback Test driven development Planning game Whole team (original name: Onsite customer) Pair programming

Continuous process rather than batch Continuous Integration Design Improvement (original name: Refactor) Small Releases

Shared understanding Simple design System metaphor Collective code ownership Coding standard or Coding conventions Programmer welfare Sustainable pace

Open Source Development Modelsoftware developed using the Bazaar model should exhibit the following patterns:

Users should be treated as co-developers. Early Releases and Release Often Frequent Integration Several Versions High Modularisation Dynamic Decison Making Structure Many users view the source code they will eventually

find all bugs and suggest how to fix them, this includes many testing enviroments as well