The term vertical slice refers to a cross-sectional slice through the layers that form the structure of the software code base. It is mostly used in Scrum terminology where the work is planned in terms of features (or stories). For example, as a very basic approach, a software project may consist of three layers (or components):
In this common approach, a vertical slice means a bit of every layer. Again as an example, a new feature request like "showing x information on main screen" would contain these work bits:
Work in the UX/UI that will display the information
Work in the service layer to transform the information
Work in the database layer to store / fetch the information.
So a vertical slice can be defined as "the sum of the work that has to be done in every layer that is involved in getting a specific feature working." A vertical slice doesn't necessarily affect every component in the software. For example, if the solution contains a web service, it would live in the same "floor" as the UI, and a feature like "supporting login/logout in webservice" that involves only the web service does not require a change in the UI, but the business and database access layers.
Vertical user stories
A vertical user story encapsulates the action of one function.
An example of a vertical user story is, "As an end user I must be able to log into my company portal so that I can perform the functions of my job."
Acceptance criteria
Acceptance criteria are conditions of satisfaction. This story is "done" when the detailed functionalities are completed.
For example:
Verify that I can log into the system
Verify that my login credentials will be remembered
Verify that I can reset my own password by clicking the "Forgot Password" link
Verify that I cannot navigate back to the landing page without first logging in
Dissected by layer
As a developer, you will need to think about every file encapsulated in each layer that needs to be created and/or extended in order to complete this "Login User" story.
In software engineering, multitier architecture is a client–server architecture in which presentation, application processing and data management functions are physically separated. The most widespread use of multitier architecture is the three-tier architecture.
A password, sometimes called a passcode, is secret data, typically a string of characters, usually used to confirm a user's identity. Traditionally, passwords were expected to be memorized, but the large number of password-protected services that a typical individual accesses can make memorization of unique passwords for each service impractical. Using the terminology of the NIST Digital Identity Guidelines, the secret is held by a party called the claimant while the party verifying the identity of the claimant is called the verifier. When the claimant successfully demonstrates knowledge of the password to the verifier through an established authentication protocol, the verifier is able to infer the claimant's identity.
The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution.
Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording (logging) the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware that their actions are being monitored. Data can then be retrieved by the person operating the logging program. A keystroke recorder or keylogger can be either software or hardware.
Unix security refers to the means of securing a Unix or Unix-like operating system. A secure environment is achieved not only by the design concepts of these operating systems, but also through vigilant user and administrative practices.
In software and systems engineering, the phrase use case is a polyseme with two senses:
A usage scenario for a piece of software; often used in the plural to suggest situations where a piece of software may be useful.
A potential scenario in which a system receives an external request and responds to it.
passwd is a command on Unix, Plan 9, Inferno, and most Unix-like operating systems used to change a user's password. The password entered by the user is run through a key derivation function to create a hashed version of the new password, which is saved. Only the hashed version is stored; the entered password is not saved for security reasons.
A one-time password (OTP), also known as a one-time PIN, one-time authorization code (OTAC) or dynamic password, is a password that is valid for only one login session or transaction, on a computer system or other digital device. OTPs avoid several shortcomings that are associated with traditional (static) password-based authentication; a number of implementations also incorporate two-factor authentication by ensuring that the one-time password requires access to something a person has as well as something a person knows.
Password strength is a measure of the effectiveness of a password against guessing or brute-force attacks. In its usual form, it estimates how many trials an attacker who does not have direct access to the password would need, on average, to guess it correctly. The strength of a password is a function of length, complexity, and unpredictability.
A password manager is a computer program that allows users to store and manage their passwords for local applications and online services like a web applications, online shops or social media. Password managers usually simplify authentication by reducing interaction from many steps like “recall-enter-submit” to one step “submit”.
There are several forms of software used to help users or organizations better manage passwords:
There are a number of security and safety features new to Windows Vista, most of which are not available in any prior Microsoft Windows operating system release.
A functional specification in systems engineering and software development is a document that specifies the functions that a system or component must perform.
A CCSO name-server or Ph protocol was an early form of database search on the Internet. In its most common form it was used to look up information such as telephone numbers and email addresses. Today this service has been largely replaced by LDAP. It was used mainly in the early-to-middle 1990s. The name-server was developed by Steve Dorner at the University of Illinois at Urbana–Champaign, at the university's Computing and Communications Services Office (CCSO).
Information cards are personal digital identities that people can use online, and the key component of an identity metasystem. Visually, each i-card has a card-shaped picture and a card name associated with it that enable people to organize their digital identities and to easily select one they want to use for any given interaction. The information card metaphor is implemented by identity selectors like Windows CardSpace, DigitalMe or Higgins Identity Selector.
Remote Desktop Services (RDS), known as Terminal Services in Windows Server 2008 and earlier, is one of the components of Microsoft Windows that allow a user to initiate and control an interactive session on a remote computer or virtual machine over a network connection. RDS was first released in 1998 as Terminal Server in Windows NT 4.0 Terminal Server Edition, a stand-alone edition of Windows NT 4.0 Server that allowed users to log in remotely. Starting with Windows 2000, it was integrated under the name of Terminal Services as an optional component in the server editions of the Windows NT family of operating systems, receiving updates and improvements with each version of Windows. Terminal Services were then renamed to Remote Desktop Services with Windows Server 2008 R2 in 2009.
Apple ID is an authentication method used by Apple for iPhone, iPad, Mac and other Apple devices. Apple IDs contain the user's personal data and settings. With one account, users can access all Apple products, such as the App Store and iCloud. When an Apple ID is used to log in to an Apple device, the device will automatically use the data and settings associated with the Apple ID.
SAP Logon Tickets represent user credentials in SAP systems. When enabled, users can access multiple SAP applications and services through SAP GUI and web browsers without further username and password inputs from the user. SAP Logon Tickets can also be a vehicle for enabling single sign-on across SAP boundaries; in some cases, logon tickets can be used to authenticate into 3rd party applications such as Microsoft-based web applications.
Google Authenticator is a software-based authenticator by Google that implements two-step verification services using the Time-based One-time Password Algorithm and HMAC-based One-time Password algorithm, for authenticating users of software applications.
In cryptography, the Salted Challenge Response Authentication Mechanism (SCRAM) is a family of modern, password-based challenge–response authentication mechanisms providing authentication of a user to a server. As it is specified for Simple Authentication and Security Layer (SASL), it can be used for password-based logins to services like SMTP and IMAP (e-mail), XMPP (chat), or MongoDB (database). For XMPP, supporting it is mandatory.
This page is based on this Wikipedia article Text is available under the CC BY-SA 4.0 license; additional terms may apply. Images, videos and audio are available under their respective licenses.
