Getting started with Polymer

In my interest to understand the material design concepts I was trying to put my hands on to it and working with it. Here are my initial challenges in doing so also this post would be useful for beginners and Web designers to understand the skills required.

Best way to get started is to have to go through the youtube videos available on search on the youtube for Google I/O 2014 material design or Google Design channel.  You will be able to get very intriguing insights on why we should adopt such material design concepts.

When I try to work on it I want to hit the ground very fast I was following Polymer Getting started guide . You need to heavily depend upon two things for get things going one is nodejs and another is git.

It uses packages like Bower, Gulp, etc., for you to use the Polymer start kit which will help you start with an App with ease. Make sure you know how to setup environment variables and stuff like that. If you have sublime editor to edit the files its easy you can get the app going within an hour without much hassles.

My quick result on localhost with gulp serve:

Material Design Approach

Give a try and give your feedback. 🙂


CWRAF – Common Weakness Risk Assessment Framework

Source: Wikipedia

Anything which needs to be managed before an event occurs termed to be Risk. When it comes to building or using software in a business scenario needs lot of assessment of risk. I came across CWRAF from a not-for-profit organization MITRE which provides a comprehensive framework to address security risk for application in the business context using Vignettes.Typical risk management framework from wikipedia is given in wikipedia.

There is also an excellent paper which refer information security in analogy with “Clean Water Act” and how CWRAF can help in the process. Its worth reading. Interestingly CWRAF framework starts from weakness where any other risk framework starts from the Threat. Its always weakness becomes a Threat so CWRAF addresses the risk from that perspective.

Also its very important to understand that there could be generic Security guidelines such as OWASP Top 10 which are followed while developing or implementing a product, but there are very high chances that those security guidelines are CWRAF Framework Stepseither not sufficient or not needed. This is to be determined based completely on the business need. This is were CWRAF using the CWSS (Common Weakness Scoring System) comes to the rescue.

The steps outlined in the below given picture will hep you to understand the steps involved in establishing risk assessment for a business need. Please note that already vignettes are available form the CWRAF website for E-Commerce, Banking, SCADA based applications which can be refined or reused.

Memcached : Simple Q & A

What is Memcache ?

Memcache is a caching system used to speed up the performance of web applications as a whole.


Memcached is an in-memory key-value store for small chunks of arbitrary data (strings, objects) from results of database calls, API calls, or page rendering. – Source:

Why to use Memcache?

It typically caches data and objects in RAM for faster delivery instead of reading an External storage whenever the request is made.

Typical applications which uses Memcache ?

Wikipedia, Youtube, Twitter to name a few. Exhaustive list available in

Is it open source, when does its development started?

Yes, Memcached development was started in 2003 by Brad Fitzpatrick for LiveJournal

Typical scenario it would be powerful?

As its a distributed system when it is deployed on a cluster it can consolidate memory and can be very handy to provide quick response through its caching mechanism.

Is there a pointer where I can understand ?

Look at this interesting fable here:

Introduction to Microservices

“Microservices” is basically an architectural style to develop a single application having small services which can communicate using Lightweight mechanism such as HTTP resource API. This would be most suitable when you have multiple interfaces which you would like to consume in the end-user scenario. Probably this post would be a summary of the Keynote from Martin Fowler.

Also microservices are nothing but a meaningful subset of SOA. so it can never by considered as an alternative or to replace SOA.


Why Microservice?

  • Monolithic puts all functionality under one application process where in Microservice puts features/services into a separate servics.
  • During the deployment to a distributed environment monolithic service has similar replica of its services where in Microservices  can be deployed based on the need basis.

Common characteristics outlined in his talk are:

  1. Componentization via services
  2. Organized around business capabilities
  3. Products not projects
  4. Smart end points and dumb pipes
  5. Decentralized Governance
  6. Decentralized Data management
  7. Infrastructure Automation
  8. Design for failure
  9. Evolutionary design

Few important takeaways according to me:

  1. Componentization via Services: The componentization during development should be in such a way that it is independently replaceable and upgradable. Microservices uses the library and services can be built as components.
  2. Organized around business capabilities: Whenever the applications are built generally the teams are divided as UI, Middleware and DBAs. Instead the team should be organized around the communication channel in the business according to Conway’s law. These microservices dev teams are cross functional teams which has an broad spectrum resources with UX, Persistent Storage and project management knowledge. This helps align quicker to understand the business context in faster ways

We will discuss more on the other takeaways in the upcoming post.

SOA: Understanding the terminology

You might have came across this term many times. This post attempts to provide different perspectives available in different sources for this term “SOA”. Don’t miss this wonderful SO thread on the subject.


Service-Oriented Architecture (SOA) is an architectural style that supports service-orientation.

Service-orientation is a way of thinking in terms of services and service-based development and the outcomes of services.

A service:

  • Is a logical representation of a repeatable business activity that has a specified outcome (e.g., check customer credit, provide weather data, consolidate drilling reports)
  • Is self-contained
  • May be composed of other services
  • Is a “black box” to consumers of the service


Also look at this page of Martin Fowler which outlines various ambiguity around the topic. Key ambiguity issues outlined there are as follows:

  1. SOA is considered to be exposing software through web services
  2. Asynchronous messaging exchange
  3. Systems communicate over standard messaging infrastructure such as SOAP/WSDL

When Continous integeration is most needed?

Do we need to adopt continuous integration everywhere when we do development ? or Where its most applicable? This post is an attempt to find a answer to that question.

According to ThoughtWorks “Continuous integration is a development practice that helps developers to adopt several check-ins to the code they have developed multiple times in a day”. 3 important benefits stated for Continuous integration:

  1. Help detect defects and  remove them early
  2. Avoid last minutes integration failures
  3. Eliminate waiting time to check if your code will work post-integration without any problems

Now coming back to the question, following could be the reasons:

  1. Whenever you are into agile projects features has to be delivered at ease and fast.
  2. When there are distributed teams involved in development
  3. Multiple components are to be integrated to  a single product or solution
  4. Whenever there is need to build the entire source whenever someone check-in the code
  5. Provides transparency across developers on the build process and its outcomes. Helps to improve the overall ability to fix issues as it occurs.