注明： 此答案皆为原创，得分多少与博主无关

40/50

20/50

15/20

10/20

10/20
4.What tech are proposed?

10/30

1. What is global data? and why is it needed in a structures programming?

Global data is a variable with global scope, meaning that it is visible through the program.
In other words, it can be put it in anywhere in the program and you can use it any where.

They can be used to avoid having to pass frequented-used variables continuously througth many functions. We can store the value which we need to write in the program for many times. And when we need to change it, we don't need to change every place it is used.

2.Show how to treat the global data in OOP and describe the reason why global data in OOP is treated like that.

In OOP, when we need to use the global data, we just import the file where we store the global data.And when we want to change the data , we chage the file not in the codes.
 

We treat it like that as they are usually considered bad practice precisely because of their non-friendly. A global var has an unlimited potential for creating mutual dependencies, and adding mutual dependencies in creases the complexity. It will be modified everywhere in OOP

How are heap and stack used in OOP? Are there any issues there?
 

In OOD,
 

The heap is memory set aside for dynamic allocation.You can allocate a block  and free it at any time.In a heap, there is no particular order to the way items are placed. You can reach in and remnove items in any order because there is no clear top item.

The stack is the memory set aside as scratch space for a thread of execution. Whne a function is called, a block is reserved on the top of the stack for local variables. When the functions return ,the block becomes unused and canbe used the next time.

Stack is much faster than heap and variables stored in don't need a pointer to use.The heap is slower than stack but the memory for heap is much larger.
 

When you initial a variable ,itis stored on the stack;When you new an object in OOD. it stored on the heap and you use a pointer to point it

1.Describe what technologies enable a packet capture to capture packets in local networks.

The original of the Wireshark:
The technology lets the user put network interface controllers into promiscuous mode (if supported by the network interface controller), so they can see all the traffic visible on that interface including unicast traffic not sent to that network interface controller's MAC address. However, when capturing with a packet analyzer in promiscuous mode on a port on a network switch, not all traffic through the switch is necessarily sent to the port where the capture is done, so capturing in promiscuous mode is not necessarily sufficient to see all network traffic. Port mirroring or various network taps extend capture to any point on the network.
 

The tech:

Color coding:
UDP traffic and TCP packets
Link : MAC address

Software: use a P2P software?

EIGPR technology

1. How are "heap" and "stack" used in OOP? Are there any issues there?

The stack is a place in the computer memory where all the variables that are declared and initialized before runtime are stored. The heap is the section of computer memory where all the variables created or initialized at runtime are stored. [1] You can reach in and remove items in any order because there is no clear 'top' item, but data is stored in stack using the Last In First Out (LIFO) method. Stack is a section of memory and its associated registers that is used for temporary storage of information in which the most recently stored item is the first to be retrieved. Heap is slower than stack but the memory for heap is larger.

In OOP,Most object-oriented languages have some defined structure, and some come with so-called main() function. When a program begins running, the system calls the function main() which marks the entry point of the program. For example every C, C++, or C# program must have one function named main(). This storage will be allocated in the heap memory segment.Memory space for objects is always allocated in heap. Objects are placed on the heap.
Built-in datatypes like int, double, float and parameters to methods are allocated on the stack.Even though objects are held on heap, references to them are also variables and they are placed on stack.
The stack segment provides more stable storage of data for a program. The memory allocated in the stack remains in existence for the duration of a program. This is good for global and static variables. Therefore, global variables and static variables are allocated on the stack.When a program is loaded into memory, it takes some memory management to organize the process. If memory management was not present in your computer memory, programs would clash with each other leaving the computer non-functional.[2]

In other words,

when you initial a variable, it is stored on the stack. When we 'new' an object, it's stored on the heap and you use a pointer to use it.

Issues?

There is no pointer and it's much faster to use than heap. The size of the stack is set when a thread is created, so stack overflow can happen when too much of the stack is used.It's slower than stack.The size of the heap is set on application startup is needed but memory leaks still happen.

2. Describe those in case of Java considering thread.

In Java, When you create an object using the new operator, for example myobj = new Object();, it allocates memory for the myobj object on the heap. The stack memory space is used when you declare automatic variables.
When you do a string initialization, for example String myString;, it is a reference to an object so it will be created using new and hence it will be placed on the heap.

Both stack and heap are memory areas allocated from the underlying operating system. In a multi-threaded environment each thread will have it's own cimpletely independent stack but they will share the heap. Concurrent access has to be controlled on the heap and is not possible on the stack.
The stack is attached to a thread, so when the thread exits the stack is reclaimed. The heap is typically allocated at application startup by the runtime. Although it can grow space and Java has the Java GC mechanism to recycle unreferences objects but memory leaks still happens.[3]

References:
[1] http://www.maxi-pedia.com/what+is+heap+and+stack
[2] http://www-ee.eng.hawaii.edu/~tep/EE160/Book/chap14/subsection2.1.1.8.html
[3] https://stackoverflow.com/questions/79923/what-and-where-are-the-stack-and-heap

1. Why has " reflection" of Java been introduced?

In computer science, reflection is the ability of a computer program to examine, introspect, and modify its own structure and behavior at runtime. Reflection can be implemented for languages not having built-in reflection facilities by using a program transformation system to define automated source-code changes.[1]

Basic function

In Java, The first major role of the Java reflection API is to get the internal structure of the program at run time. This is a very useful feature for program inspection tools and debuggers. Only a short span of more than a dozen lines of code, you can traverse the internal structure of a Java class, including one of the constructor, the declaration of the domain and the definition of methods.  Another function of the reflection API is to manipulate a Java object at run time. These operations include dynamically creating an object of a Java class, getting the value of a field, and invoking a method. The operations on classes and objects written in Java source code can all be done through the reflection API at runtime.


Dynamic proxy: Dynamic proxy use of the scene is more extensive. Dynamic proxies are available where you need to use the methods in AOP to intercept functionality. The AOP implementation of the Spring framework also uses dynamic proxies by default. However, the dynamic proxy JDK only supports the proxy interface, can not provide a common Java class proxy. However, this implementation has been used most of the time.


In some cases, you may need to load a Java class from a remote location to execute.
 For example, a client-side Java program can be downloaded from the server side through the network Java class implementation, which can be automatically updated mechanism. When the code logic needs to be updated, only need to deploy a new Java class to the server. The general practice is through the custom class loader to download the class byte code, define the Class object, and then through the newInstance method you can create an instance. However, this approach requires the client and server have a definition of an interface, downloaded from the server-side implementation of this interface. This can be done on the client side of the type conversion, and through the interface to use this object instance. If you want the client and server to adopt a more loose contract, use the reflection API. The contract between the two just needs to be sufficient at the level of the method's name and parameters. Server-side Java class does not need to achieve a specific interface, can be a general Java class.[2]



2.Why has "secure channel” been introduced ? Show its techniques. Then, what remains as issues?

A secure channel is a way of transferring data that is resistant to overhearing and tampering. A confidential channel is a way of transferring data that is resistant to overhearing (i.e., reading the content), but not necessarily resistant to tampering. An authentic channel is a way of transferring data that is resistant to tampering but not necessarily resistant to overhearing.[3]
 

The techniques are TEA/DES/IDEA/AES.

All the secure channel can be encryped by violence encryption if you have enough disk sourse and time.

 

3. Why is XML needed instead of HTML? Then what techniques are required to satisfy it?
 
I think it means XML in web service.

External data representation and marshalling of messages exchanged between clients and web services is done in XML.SOAP protocol specifies the rules for using XML to package messages.

XML is a markup language defined by the World Wide Web Consortium (W3C). Both XML and HTML were derived from SGML (Standardized Generalized Markup
Language). But HTML is used to specify how a browser could display the text and XML is used to describe the logical structure of the data.

 XML defines a textual format for representing structured data
– Originally intended for documents containing textual self-describing structured data
– Now also used to represent the data sent in messages exchanged by clients and servers in web services

 XML in web service: clients usually use SOAP messages to communicate with web services.
– SOAP message is in XML format whose tags are published for use by web services and their clients

XML is readable but large. However, files and messages can be compressed

XML security consits of a set of related W3C designs for signing, key managemnet and encryption.

4. Why is supervisor mode supported by kernel? And show its advantage and disadvantage.

Supervisor mode is a mode of execution in a device in which all instructions, including privileged ones, can be performed by the processor. It is thus capable of executing both input/output operations and privileged operations. The operating system of a computer usually operates in this mode.

Advantage:
Supervisor mode helps in preventing applications from corrupting the data of the operating system. The operating system runs in kernel mode or supervisor mode, it is protected from user tampering by the hardware whereas compiler and editors run in user mode.

Reason and Disadvantage comparing with user mode:

    The unrestricted mode is called supervisor mode or kernel mode, and the restricted one is called user mode.
    The operating system runs in kernel mode or supervisor mode, it is protected from user tampering by the hardware whereas compiler and editors run in user mode.
    If a user wants to write a new compiler and replace the provided one she can do it, but she is not free to write her own clock interrupt handler, which is part of the operating system and is normally protected by hardware against attempts by users to modify it.
    User modes does not allow operations like writes to random memory, to protect programs from one another whereas the supervisor mode allow such operation as the operating system needs such kind of stuff.[4]



[1] https://en.wikipedia.org/wiki/Reflection_%28computer_programming%29
[2] reflection in infoq http://www.infoq.com/cn/articles/cf-java-reflection-dynamic-proxy
[3] https://en.wikipedia.org/wiki/Secure_channel  
[4] https://www.techopedia.com/definition/22400/supervisor-mode

Explain process switching mechanism

1. Several processes run together
2. Consider shared procedures among processes


A process switch is a operating system scheduler change from one running program to another. This requires saving all of the state of the currently executing program, including its register state, associated kernel state, and all of its virtual memory configuration. All of the state of the new program is then loaded and execution continues.

When the router receives a packet that is to be processed, the router stores this packet in memory. The routers processor is then interrupted informing it that there is a packet waiting to be processed. The router inspects the packet and places it in the input queue of the appropriate switching process.

When the switching process runs, it checks the routing table to determine the next-hop and outbound interface for the destination of the packet. It also determines the layer 2 address (e.g. MAC address) of the next-hop by consulting a table such as the ARP cache. Armed with this information, the switching process rewrites the layer 2 header of the packet. The packet is then sent out through the determined outbound interface.[1]

The issue with process switching is that the process described above happens for every packet, making it quite slow. Recent IOS versions have CEF  as the default switching method for IP but we can enable process switching using the no ip route-cache interface configuration command.[1]
 

Reference:
[1] http://resources.intenseschool.com/packet-switching-methods-process-switching-fast-switching-and-cef/

Why has distributed hash table been introduced in the field of big data treatment?
And describe its advantage and disadvantage.


Hash table is a data structure which implements an associative array abstract data type, a structure that can map keys to value.
The explosive growth in big data has attracted much attention in designing efficient indexing and search methods. In many critical applications such as large-scale search and pattern matching, finding the nearest neighbors to a query is a fundamental research problem.[1] So, hash table is an efficient way to manage the data by a key value, which is also an application of map-reduce.

 Advantages

    Main advantage is synchronization.
    In many situations, hash tables turn out to be more efficient than search trees or any other table lookup structure.[2] For this reason, they are widely used in many kinds of computer softwares, particularly for associative arrays, database indexing, caches and sets.

Disadvantages

    Hash collisions are practically unavoidable. when hashing a random subset of a large set of possible keys.
    Hash tables become quite inefficient when there are many collisions.
    Hash table does not allow null values, like hash map.

 1. Why has CAP Theorem been proposed on behalf of ACID for application development over distributed computing system?

CAP stands for Consistency, Availability ans Partition-Tolerance
ACID stands for Atomicity, Consistency, Isolation and Durability

First, I want to explain what the CAP exactly is and its relationship with ACID.(Exactly no relationship)

The CAP theorem combines the three desirable properties C (data consistency), A (data availability), and P (partition-tolerance: tolerance of inconsistencies between data stored in a distributed database where partitions are allowed).
The CAP theorem asserts that any distributed system that uses data from different locations can have at most two of the three desirable CAP properties [1].(CP or AP) The NoSQL movement has applied the CAP theorem as an argument against traditional ACID (atomicity, consistency, isolation, and durability) databases, which prioritize consistency and partition-tolerance at the cost of a potentially low availability.

The reason:
In the distributed system, CAP theorem means that the maximum of the distributed storage system can only achieve two points(either C or A). Due to the current network hardware will certainly delay packet loss and other issues, we must achieve the tolerance of the partition and no NoSQL system can guarantee these three points at hte sane time. And as the relational database, in which ACID often use, many of the main features are often useless for web2.0 sites.
In a word, NoSQL cannot achieve the strong consistency ,which is the C in ACID and the CAP theorem tells us why.

By the way,
A famous theorem in the distributed system is BASE(Basically Available, Soft state, Eventually consistent), which comes from the CAP theorem and the core is replace the C in CAP by the eventually consistent.[2] So, in NoSQL system the two operation on the same data of the key at the same time will happen exactly at a serial execution to ensure that each key-value will not be destroyed.
So, BASE is a counter concept to ACID.The system may be in an inconsistent state, but will eventually become consistent.
3. What is the problem with symmetric key method with shared keys?


One big issue with using symmetric algorithms is the key exchange problem, which can present a classic catch-22. The other main issue is the problem of trust between two parties that share a secret symmetric key. Problems of trust may be encountered when encryption is used for authentication and integrity checking.[5]

The key exchange problem

The key exchange problem is how to exchange whatever keys or other information are needed so that no one else can obtain a copy. It's a question of time and there are many ways to solve it , for example,Diffie–Hellman key exchange. It means this issue can be dealt with effectively by using asymmetric algorithms.

The trust problem
Ensuring the integrity of received data and verifying the identity of the source of that data can be very important. For example, if the data happens to be a contract or a financial transaction, much may be at stake. To varying degrees, these issues can even be legally important for ordinary email correspondence, since criminal investigations often center around who knew what and when they knew it. A symmetric key can be used to check the identity of the individual who originated a particular set of data, but this authentication scheme can encounter some thorny problems involving trust. So, we need SSL and the asyn method to ensure the security of the symm key metohd in the internet.


[1] A. Fox and E. Brewer. Harvest, yield, and scalable tolerant systems. In Proceedings of the 7th Workshop
on Hot Topics in Operating Systems, pages 174
[2] https://disco.ethz.ch/courses/hs13/distsys/lecture/chapter3 weak consistency
[3] https://en.wikipedia.org/wiki/Distributed_hash_table
[4] https://www.cs.cmu.edu/~dga/15-744/S07/lectures/16-dht.pdf
[5] Net Security and Cryptography,By Peter Thorsteinson and G. Gnana Arun Ganesh
Dec 19, 2003
 

1. Why do we need fragmentation mechanism in the Internet?

Basic knowledge[1]:

#Protocol:A protocol is a set of rules and guidelines for communicating data. Rules are defined for each step and process during communication between two or more computers.
#Maximum transmission unit(MTU):
In computer networking, the maximum transmission unit (MTU) is the size of the largest network layer protocol data unit that can be communicated in a single network transaction.( a link-layer frame can carry)

Reason:
Not all link-layer protocol can carry network-layer packets of the same size.[2] Some protocols can carry big datagrams, whereas other protocols can carry only little packets.
Each IP datagram is encapsulated within the link-layer frame for transport from onr router to the neaxt router, the MTU of the link-protocol places a hard limit on the length of an IP datagram. So, the problem is different links can carry differant link-layer protocols abd different protocols ahve different MTUs.

GOAL:
Squeeze the oversized IP datagram into the payload field of link-layer frame

Idea:
IP datagram fragmentation mechanism

2.Explain how IPV6 changed fragmentation mechanism from IPV4

Reason
The point is[3]
The IPV4 designer decided to put the job of datagram reassembly in the end system rather than in network routers.However, IPV6 does not allow for fragmentation and reassembly at intermediate routers.

Idea
How to change it?[3]
If an IPV6 datagram is too large for a router, the router simply drops the datagram and sends "Packet Too Big" ICMP error message back. Then the sender can resend the data using a smaller IPdatagram size. It means IPv6 router cannot perform packet fragmentation, the IPv6 sender may fragment an IPv6 packet at the source.
Because framentation and reassembly is a time-consuming operation. Removing it can speed it up.


It's the way IPV6 do in the fragmentation and it's the basic basic but it's not all
Next we are talking about the IPV6 fragmentation mechanism.

Expand
In the IPV6 packet header,the essential change between IPv4 and IPv6 is that in IPv6 the Don’t-Fragment-bit is always on. And because it’s always on, it’s not explicitly contained in the IPv6 packet header (see Figure 1&2). There is only one fragmentation flag in the Fragmentation Header, the “More Fragments” bit, and the other two bits are reserved. The other change was that the packet identifier size was doubled in IPv6, using a 32-bit packet identifier field. It causes a lot of problems.

Problem.2 Path Asymmetry
Reason:
The src address may be unreachable from the point of the ICMP packet's geeneration in a critical intance.
Idea:[5]
There is a case of tunneling IP-in-IP, which can burden the tunnel egress. This is further confounded in the cross protocol case of IPV6-in-IPV4 and IPV4-in-IPV6.

Problem.3 Combination of IPV6 packet fragmentation and UDP
Reason:
UDP is an unreliable datagram delivery service, so a sender of UDP packet is not expected to cache the packet and prepared to resend it.
Idea:[6]
the application itself needs to explicitly manage Path MTU, and not rely on the lower levels of the protocol stack to manage this. If the network cannot complete a UDP transaction that entails a fragmented UDP response, the transaction is repeated using smaller maximum UDP packet size, and the truncated response explicitly signals to the client to re-try the query using TCP
 

Thoughts from Geoff Huston's blog

References:

[1] https://tools.ietf.org/html/rfc791
[2] [ RFC 1191 ] Mogul, J., S. Deering, “Path MTU Discovery”, November 1990
[3] James F. Kurose, Keith W.Ross, Computer Networking A Top-Down Approach 6th edition
[4][ RFC 1858 ] Ziemba, G., Reed, D., and P. Traina, “Security Considerations for IP Fragment Filtering, October 1995
[5] [ RFC 4459 ] Savola, P., “MTU and Fragmentation Issues with In-the- Network Tunneling”, April 2006.
[6] [ RFC 5405 ] Eggert, L. and G. Fairhurst, “Unicast UDP Usage Guidelines for Application Designers”, November 2008

1. What is the difference between CORBA and Java to external data presentation and marshalling and unmarshalling?

The approaches of CORBA and Java to external data representations and marshalling:
-CORBA's common data representation (CDR)
-Java's object serialization[1]

Different machines have different primitive data reps.
External data representation is an agreed standard for the representation of data structures and primitive values.
- CORBA Common Data Rep( CDR ) for many languages
- Java object serialization for Java code only

Marshalling is process of taking a collection of data items and assembling them into a form suitable for transmission. Unmarshalling is process of disassembling (restoring) to original on arrival.

- CORBA marshals data for use by recipients that have prior knowledge of the types of its components. It uses an IDL specification of the data types.The marshalled data of CDR don't include info concering type of its contents, just the values of the objects transmitted.
- Java include the info and type info in the serialized form. Java serializes data to include information about the types of its contents, allowing the recipient to reconstruct it. It uses reflection to do this.

3. Why is transport address needed? How is it used to synchronize client process and server process? Show the mechanism

IP address is in the 3rd layer and the MAC address is in the 2nd layer.
So, I don't know the exactly meaning of the transport address.
But I guess it's something about the address of the process transport, that is IP address + port#

Transport address is necessary to communicate between the client and server.
Message passing between a pair of processes can be supported by two message communication operations: Send and Receive.
The destination and source can be process id or port number, typically (IP, port#)pair, which is the transport address, I think.

I have talked about Send and Receive. Send and Receive processes synchronize at every message and they are both blocking. Whenever a send is issued, blocks until corresponding receive is issued; Whenever a receive is issued, blocks until message arrives. And we use blocking version with multiple threads. Some threads may be blocked while others continue to be active. So, we need messages(UDP) or streams(TCP) to manage it and send it in TCP/IP layers. The messages are sent to a pair (IP, local port). And the socket is for the TCP and UDP communication in the network, just like fig.3. I think the transport addess is the identifier for the receive and send process.

Describe the following items with the reason why these technologies are needed.

AOP
AOP is used to seperate those common behaviors called cross-cutting and encapsulate them into a distinct module called aspect, improving decoupling and module reuse. AOP includes programming methods and tools that support the modularization of concerns at the level of the source code, while "aspect-oriented software development" refers to a whole engineering discipline.
AOP and OOP are literally very similar, but itis designed for two different areas of thinking. OOP abstracts the entities of the business process, their attributes and behaviors in an abstraction to get a clearer and more efficient division of logic units. The AOP is for business processes in the extraction of aspects, which is the process of dealing with a certain step in order to obtain low-coupling isolation between the various parts of logic process.
The issues that AOP tackles are AOP seperates the code of log records, performance statictics, security controls, transactions,exceptions, etc. from the business logic code. Aspect-oriented programming entails breaking down program logic into distinct parts (so-called concerns, cohesive areas of functionality). Nearly all programming paradigms support some level of grouping and encapsulation of concerns into separate, independent entities by providing abstractions (e.g., functions, procedures, modules, classes, methods) that can be used for implementing, abstracting and composing these concerns. [1]
I think it's a good way to combine the AOP and OOP to make programming. The core requirements are achieved by OOP and AOP seperates the aiming aspects to fix it and weave it which can be used for implementing, abstracting and composing these concerns.

POJO

POJO is an acronym for Plain Old Java Obeject.The term was coined while Rebecca Parsons, Josh MacKenzie and I were preparing for a talk at a conference in September 2000. In the talk we were pointing out the many benefits of encoding business logic into regular java objects rather than using Entity Beans. We wondered why people were so against using regular objects in their systems and concluded that it was because simple objects lacked a fancy name. So we gave them one, and it's caught on very nicely.[2]

The term 'POJO' initially denoted a Java object which does not follow any of the major Java object models, conventions, or frameworks. It does not extend prespecified classes or implement prespecified interfaces or contain prespecified annotations. So it got  widely accepted because of the need for a common and easily understood term that contrasts with complicated object frameworks.

The problems trying to solve
POJO can be understood in essence as a simple entity class. Pojo class is used to facilitate the programmers to use the data table in the database. Pojo class can easily be used as an object, so ,it's also easy to call get and set method. What's more, Pojo brings us great convenience in the configuration in the struts framework.


 
DI

In software engineering, dependency injection is a technique whereby one object supplies the dependencies of another object. A dependency is an object that can be used (a service). An injection is the passing of a dependency to a dependent object (a client) that would use it. The service is made part of the client's state.[3] Passing the service to the client, rather than allowing a client to build or find the service, is the fundamental requirement of the pattern.
This fundamental requirement means that using values (services) produced within the class from new or static methods is prohibited. The class should accept values passed in from outside. This allows the class to make acquiring dependencies someone else's problem.[4]

All in all, DI is a practice where objects are designed in a manner where they receive instances of the objects from other pieces of code, instead of constructing them internally. This means that any object implementing the interface which is required by the object can be substituted in without changing the code, which simplifies testing, and improves decoupling.

Dependency injection is also one form of the broader technique of inversion of control. Rather than low level code calling up to high level code, high level code can receive lower level code that it can call down to. This inverts the typical control pattern seen in procedural programming.


[1] AOP in wiki, https://en.wikipedia.org/wiki/Aspect-oriented_programming#Adoption_issues
[2]  "MF Bliki: POJO". MartinFowler.com.
[3] I.T., Titanium. "James Shore: Dependency Injection Demystified". www.jamesshore.com. Retrieved 2015-07-18
[4] DI in wiki, https://en.wikipedia.org/wiki/Dependency_injection