GMOD Chado: to a Model-View-Controller (MVC) architecture? Valentin GUIGNON ID, DAP, BIOS CIRAD Montpellier.

Slides:



Advertisements
Similar presentations
Introductory to database handling Endre Sebestyén.
Advertisements

Connecting to Databases. relational databases tables and relations accessed using SQL database -specific functionality –transaction processing commit.
PHP SQL. Connection code:- mysql_connect("server", "username", "password"); Connect to the Database Server with the authorised user and password. Eg $connect.
MIT Lincoln Laboratory A Service-Oriented Approach to Application Development Robert Darneille & Gary Schorer WPI MQP Presentations ICS Group 10 October.
PHP and MySQL Database. Connecting to MySQL Note: you need to make sure that you have MySQL software properly installed on your computer before you attempt.
Synera The Software That Thinks Like You Do Synera Technical Presentation.
Development of a Web Based B&B Reservation System Elizabeth Gates 22July04.
Design Aspects. User Type the URL address on the cell phone or web browser Not required to login.
Database Connectivity Rose-Hulman Institute of Technology Curt Clifton.
1 1. SQL SERVER OVERVIEW zWhat Is SQL Server? zInterfaces To Use SQL Server zSQL Server Services zTypes Of Databases zSQL Server Security.
TimeTracker 2, Take 1  Servlets Web Interface (jsp) Servlet (business logic and processing) App Engine Datastore Form Submit R/W.
IS 4506 Database Connectivity.  Overview Two and Three-Tier C/S Architecture ASP Database Connection ODBC - Connection to DBMS Overview of transaction.
DB-19: OpenEdge® Authentication Without the _User Table
CSCI 6962: Server-side Design and Programming
1 Enrollment Reporting System Upgrade URL: Conf. Id: CONF Password: ERSA1 Phone Information: (225) Participant Code:
Session 5: Working with MySQL iNET Academy Open Source Web Development.
Introduction to SQL Server 2000 Security Dave Watts CTO, Fig Leaf Software
9/10/20151 Hyperion Enterprise 6.5 New Features & Functionality Robert Cybulski, CPA Finit Solutions.
MAHI Research Database Data Validation System Software Prototype Demonstration September 18, 2001
November 13, 2008 Ohio Information Security Forum Attack Surface of Web Applications James Walden Northern Kentucky University
CST203-2 Database Management Systems Lecture 2. One Tier Architecture Eg: In this scenario, a workgroup database is stored in a shared location on a single.
Attacks Against Database By: Behnam Hossein Ami RNRN i { }
Supervisory Control and Data Acquisition (SCADA) Software.
M1G Introduction to Database Development 6. Building Applications.
PAPI Points of Access to Providers of Information.
Oracle Application Express Security. © 2009 Oracle Corporation Authentication Out-of-the-Box Pre-Configured Schemes LDAP Directory credentials Oracle.
Pemrograman Web MVC Programming and Design Pattern in PHP 5.
NMED 3850 A Advanced Online Design January 12, 2010 V. Mahadevan.
CSE Waitlist Made By: Peng Hu, Zhicheng Lin, Mark Mosby, Robert Pittman, and Derek Robati.
Archivists' Toolkit - CRADLE Presentation, 10 Feb The Archivists’ Toolkit CRADLE Presentation 10 Feb
CVSQL 2 The Revenge of the SQL. The present Read-only access to CVS repository logs Language is a subset of SQL XML interface for returning results Built-in.
Archivists' Toolkit - CDL Presentation, October 17, 2005 The Archivists’ Toolkit Lee Mandell Brad Westbrook.
Improving pS-PS Service Architecture , perfSONAR-PS Developers Meeting Aaron Brown, Andrew Lake, Eric Pouyoul.
©Silberschatz, Korth and Sudarshan1.1Database System Concepts Chapter 1: Introduction Purpose of Database Systems View of Data Data Models Data Definition.
Grid Chemistry System Architecture Overview Akylbek Zhumabayev.
SQL Server 2012 Session: 1 Session: 3 Introduction to SQL Server 2012 Data Management Using Microsoft SQL Server.
Zdenek Nejedly, Campus Services Rasim Duric, Lelio Fulgenzi, Deborah MacDougall, Networking Services Computing & Communications Services University of.
SQL INJECTIONS Presented By: Eloy Viteri. What is SQL Injection An SQL injection attack is executed when a web page allows users to enter text into a.
Web Server Administration Chapter 7 Installing and Testing a Programming Environment.
GOAL User Interactive Web Interface Update Pages by Club Officers Two Level of Authentication.
EGEE User Forum Data Management session Development of gLite Web Service Based Security Components for the ATLAS Metadata Interface Thomas Doherty GridPP.
CD Collection Hector Urtubia Fall Summary Motivation and Objective Technologies Used Project Design Database Design and Integration Demo.
DATABASE CONNECTIVITY TO MYSQL. Introduction =>A real life application needs to manipulate data stored in a Database. =>A database is a collection of.
Database Security Cmpe 226 Fall 2015 By Akanksha Jain Jerry Mengyuan Zheng.
 Empowers to your customer  Product Rating and its Management in Ecommerce Framework  Product Reviews and Management: Collecting customer opinion about.
Martin Kruliš by Martin Kruliš (v1.1)1.
SDMX IT Tools SDMX Reference Infrastructure
Basics of JDBC Session 14.
ESG-CET Meeting, Boulder, CO, April 2008 Gateway Implementation 4/30/2008.
1 Annotations for CDS services Euro-VO Technology Forum, 17 March 2009 Web 2.0: annotations for CDS services Brice GASSMANN Sébastien DERRIERE Thomas BOCH.
ASSIGNMENT 2 Salim Malakouti. Ticketing Website  User submits tickets  Admins answer tickets or take appropriate actions.
Stored Procedures / Session 4/ 1 of 41 Session 4 Module 7: Introducing stored procedures Module 8: More about stored procedures.
Architecture Overview Server Database (can be on the server or separate ) Client1 Client2 Client3 HTTP  View ppt notes pages for discussion!
Event-Based Model for Reconciling Digital Entities Ahmet Fatih Mustacoglu Ahmet E. Topcu Aurel Cami Geoffrey C. Fox Indiana University Computer Science.
Securing Web Applications Lesson 4B / Slide 1 of 34 J2EE Web Components Pre-assessment Questions 1. Identify the correct return type returned by the doStartTag()
Expense Tracking System Developed by: Ardhita Maharindra Muskan Regmi Nir Gurung Sudeep Karki Tikaprem Gurung Date: December 05 th, 2008.
LINUX Presented By Parvathy Subramanian. April 23, 2008LINUX, By Parvathy Subramanian2 Agenda ► Introduction ► Standard design for security systems ►
All images © Mat Wright GOPI Training Technical Overview
Access Account Activation and Electronic Signature Web Application.
1 © 2005 Cisco Systems, Inc. All rights reserved. Cisco Confidential Session Number Presentation_ID Unity Connection Provisioning API Matt Penning Unity.
Database and Cloud Security
Architecture Review 10/11/2004
Fundamental of Databases
Introduction to DBMS Purpose of Database Systems View of Data
Module 1: SQL Server Overview
Server Concepts Dr. Charles W. Kann.
Introduction to SQL Server 2000 Security
Offline Database Synchronization with SOAP and MySQL
Intro to Relational Databases
Introduction to DBMS Purpose of Database Systems View of Data
Presentation transcript:

GMOD Chado: to a Model-View-Controller (MVC) architecture? Valentin GUIGNON ID, DAP, BIOS CIRAD Montpellier

Summary 1.Introduction: Current Issues 2.Solutions 2.1MVC Architecture 2.2Integration to GMOD 3. Conclusion

1. Introduction: Current Issues Current Architecture: Clients have direct access to the data! Data: CHADO Database Views: GBrowse Apollo Artemis

1. Introduction: Current Issues Issues:  Access rights (DB): R or R/W  Edition history  Concurrent access  No client compatibility check  Network security

Summary 1.Introduction: Current Issues 2.Solutions 2.1MVC Architecture 2.2Integration to GMOD 3. Conclusion

2.1Solutions: MVC Architecture MVC: Model-View-Controller (T.Reenskaug,1979)‏ Model: the data stored + the read/write methods = PostgreSQL or MySQL (CHADO part)‏ View: the user interface = GBrowse, Apollo, Artemis,... Controller: handles user actions → effects = missing!

2.2Solutions: Integration to GMOD Data: CHADO Database Views: GBrowse Apollo Artemis Controller: HTTP layer (as web service)

2.2Solutions: Integration to GMOD Tasks:  Client compatibility check  User authentication  Access rights check (queries control)  History record  “Data integrity checker” / “annotation inspector”

2.2Solutions: Integration to GMOD How will it be achieved?  Client compatibility check External DB access will be closed Protocol will include version check

2.2Solutions: Integration to GMOD How will it be achieved?  User Authentication Modular: an external module will authenticate users

2.2Solutions: Integration to GMOD How will it be achieved?  Access Rights Check SQL Queries will be parsed and modified Some queries may be denied

2.2Solutions: Integration to GMOD How will it be achieved?  History Record Based on CHADO Audit “module”

Summary 1.Introduction: Current Issues 2.Solutions 2.1MVC Architecture 2.2Integration to GMOD 3. Conclusion

3. Conclusion  A new communication protocol must be set up: wrapped using HTTP(S), similar to SQL syntax  Requires client side-modification (Apollo, Artemis, GBrowse …) : probably a kind of Java DB driver just like the current ones  This solution should be submitted to the GMOD community

annotator_feature_access ( feature_idinteger [FK] annotator_idinteger [FK] access_levelinteger commenttext ); annotator ( id integer [PK] name varchar(32) salt binary(32) password binary(32) time_registrationtimestamp time_last_logintimestamp time_last_trytimestamp failed_login_counttinyint flags integer role text comment text ); Feature (from Chado DB) ( feature_idinteger [PK]... ); user_group_link ( group_idinteger [FK] user_idinteger [FK] ); user_session ( session_keyinteger [PK] user_id integer [FK] ip binary(16) time_expirationtimestamp access_querytext ); User Database 1 0..n 1 1 1

GMOD Controller User Database Authentication Module Login + Password  HTTPS Login + Password  Module Call Query user data  SQL User data Account status check Login failures check Password check Retrieve groups Create session OK: Session ID + Groups Failed: Error code + message OK: Session ID + Groups Failed: Error code + message Authentication Process view

GMOD Controller Query Process Session ID + Query  HTTPS User Database Fetch session OK: Session data Session check Modify query Audit (optional) CHADO Submit query Query results view

Modified Query: SELECT … FROM … feature f WHERE … AND f.feature_id IN ( SELECT fa.feature_id FROM feature_access fa WHERE fa.annotator_id IN ( 'UserID', 'Group1ID', 'Group2ID', … ) AND fa.access >= 1 ) …; Source query: SELECT … FROM … feature f WHERE … …; Query Modification Stored in user_session table access_query (set at session creation time)