Course Overview

What you will learn

SENG 41283 Distributed & Cloud Computing is the Year 4 course that addresses the design and engineering of systems in which components located at networked computers communicate and coordinate their actions only by passing messages. It covers the full stack of distributed systems knowledge: from foundational communication models through to the cloud-native architectures that run today's internet-scale services.

You will develop four interlocking capabilities: reasoning about distributed system properties (concurrency, no global clock, independent failures); understanding communication at every level from UDP sockets to RPC, RMI, and microservices; applying correctness principles — security, replication, and distributed transactions; and working with modern cloud infrastructure — Kubernetes, containerisation, and cloud-native patterns.

4 Parts · 12 Lectures · 4 Blog Assignments · 2 Programming Exercises

Part I — Foundations (L1–L4): Characterization, system models, networking, interprocess communication.
Part II — Communication (L5–L7): Remote invocation, monolithic vs microservices, indirect communication.
Part III — Reliability & Security (L8–L10): Security, replication, distributed transactions.
Part IV — Advanced Topics (L11–L12): Cryptography, remote invocation deep dive.

Assessment: Blog Post 1 (10%) — Individual, due after L01. Blog Post 2 (10%) — Individual, due after L04. Blog Post 3 (10%) — Individual, due after L07. Blog Post 4 ×3 (15%) — Individual, due after L11. Programming Exercises (10%) — E1 after L05, E2 after L12. Final Examination (45%) — covers all four parts.

I

Foundations

Lectures 01 – 04 · The substrate of every distributed system — from definition to network protocols

Characterization of Distributed Systems
The definition, properties, types, and engineering challenges
L01 · Part I · Coulouris §1.1–1.5
01
  • Definition: components at networked computers communicating only by message passing
  • Three core characteristics: concurrency, no global clock, independent failures
  • Seven desired properties: Fault-Tolerant, Highly Available, Recoverable, Consistent, Scalable, Predictable Performance, Secure
  • Architecture types: Client-Server, Three-Tier, N-Tier, Peer-to-Peer
  • Trends: pervasive networking, ubiquitous computing, multimedia, utility computing
  • Challenges: heterogeneity, openness, security, scalability, failure handling, transparency
System Models
Physical, architectural, and fundamental models of distributed systems
L02 · Part I · Coulouris §2.1–2.4
02
  • Physical models: three generations (early, internet-scale, contemporary with cloud)
  • Architectural elements: communicating entities, communication paradigms, placement
  • Client-server vs peer-to-peer; caching, mobile code, mobile agents
  • Interaction model: latency, bandwidth, jitter; synchronous vs asynchronous systems
  • Failure model: omission, arbitrary (Byzantine), timing failures, masking techniques
  • Security model: access rights, principals, defeating threats, secure channels
Networking and Internetworking
Protocols, packet switching, routing, and IP multicast
L03 · Part I · Coulouris §3.1–3.5
03
  • Performance: latency, data transfer rate, jitter; transmission time formula
  • Network types: PAN, LAN, WAN, MAN, WLAN, WMAN, WWAN — scope and technology
  • Packet switching; data streaming (1.5 Mbps compressed video); switching schemes
  • OSI protocol stack (7 layers); encapsulation; ports (well-known, registered, private)
  • Datagram vs virtual circuit delivery; adaptive routing algorithms
  • IP multicast (Class D, 224–239.255.255.255); overlay networks
Interprocess Communication
Sockets, UDP, TCP, marshalling, and multicast
L04 · Part I · Coulouris §4.1–4.4
04
  • Synchronous vs asynchronous communication; message destinations and reliability
  • Socket abstraction; port binding; reliability and ordering guarantees
  • UDP datagrams: omission and ordering failures; DNS and VoIP use cases
  • TCP streams: ACK scheme, flow control, duplication/ordering, HTTP/FTP/SMTP
  • External data representation: CORBA CDR, Java Serialisation, XML; marshalling
  • IP multicast: fault tolerance, service discovery, event propagation
II

Communication Paradigms

Lectures 05 – 07 · Remote invocation, modern cloud architectures, and indirect communication

Remote Invocation
Request-reply, HTTP methods, RPC, and RMI
L05 · Part II · Coulouris §5.1–5.4
05
  • Request–reply protocol: doOperation / getRequest / sendReply API; message structure
  • Failure handling: timeouts, duplicate filtering, idempotent operations, history
  • Exchange protocols: R (request), RR (request-reply), RRA (with acknowledge reply)
  • HTTP methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE; status code ranges
  • RPC: service interfaces, maybe / at-least-once / at-most-once semantics; stubs, dispatcher
  • RMI: distributed object model, proxy, dispatcher, skeleton, servant, remote reference module
Monolithic vs Microservices
Architecture patterns and Kubernetes container orchestration
L06 · Part II · Supplementary Notes
06
  • Monolithic architecture: components, benefits (simple to develop/test/deploy), drawbacks
  • Microservices: per-service databases, continuous delivery, fault isolation, tech stack freedom
  • E-commerce case study: Authorisation, Order, Catalogue, Cart, Payment, Shipping services
  • Kubernetes: velocity (immutability, declarative config, self-healing), scaling, efficiency
  • Hardware concepts: Node, Cluster, Persistent Volume
  • Software concepts: Container, Pod, Replica Set, Deployment; Service and Ingress networking
Indirect Communication
Group communication, pub-sub, message queues, DSM, tuple spaces
L07 · Part II · Coulouris §6.1–6.4
07
  • Space uncoupling and time uncoupling — the two defining properties of indirect communication
  • Group communication: integrity, validity, agreement; FIFO / causal / total ordering
  • Group membership management: failure detection, address expansion, view-synchrony
  • Publish–subscribe: channel, topic, content, type-based subscriptions; centralised vs distributed routing
  • Message queues (MOM): blocking, polling, notify receive styles; FIFO and priority
  • Distributed Shared Memory (DSM) and Tuple Spaces (write / read / take)
III

Reliability, Security & Consistency

Lectures 08 – 10 · Correctness under failure: security, replication, and distributed transactions

Security in Distributed Systems
CIA triad, cryptography, authentication, signatures, and firewalls
L08 · Part III · Coulouris §11.1–11.5
08
  • CIA Triad: Confidentiality, Integrity, Availability; threat classes and attack methods
  • Eavesdropping, masquerading, message tampering, man-in-the-middle, replay, DoS
  • Symmetric vs asymmetric encryption; three roles: secrecy, authentication, digital signatures
  • Kerberos-style authentication scenario (5 steps); public key authentication scenario
  • Digital signatures with secure digest functions — step-by-step scenario
  • Digital certificates (three-part structure); firewalls; MD5 and SHA-1 digest functions
Replication
Performance, availability, fault tolerance, passive and active models
L09 · Part III · Coulouris §18.1–18.4
09
  • Motivations: performance (caching, DNS round-robin), availability (1–p^n formula), fault tolerance
  • System model: replica managers, recoverability, static vs dynamic configurations
  • Five phases of a single request: Request, Coordination, Execution, Agreement, Response
  • Ordering guarantees: FIFO, Causal, Total; central lock server; token passing ring
  • Passive (primary-backup) replication: five-step sequence, linearisability guarantee
  • Active replication: state machine model, sequential consistency; read-one/write-all transactions
Distributed Transactions
Coordinator, two-phase commit, and nested transactions
L10 · Part III · Coulouris §17.1–17.4
10
  • Flat vs nested distributed transactions; parallel banking subtransaction example
  • The coordinator: TID structure (server ID + sequence number), participants, join operation
  • One-Phase Commit (1PC) and its fundamental limitation — no unilateral abort
  • Two-Phase Commit (2PC): prepared state, voting phase, completion phase, five operations
  • Drawback — the blocking problem: uncertain state, held locks, extensive delays if coordinator fails
  • Nested 2PC: provisional commit vs prepared state; subtransaction state machine; abort propagation
IV

Advanced Topics & Deep Dives

Lectures 11 – 12 · Cryptography in depth and a complete revisit of remote invocation

Cryptography
Conventional encryption, public key, PGP, hash functions, and certificates
L11 · Part IV · Supplementary Notes (Cryptography.docx)
11
  • Cryptographic foundations: plaintext, ciphertext, keys, algorithms, cryptanalysis
  • Conventional (symmetric) cryptography; Caesar's Cipher as a concrete worked example
  • Public key cryptography (Diffie–Hellman 1975): ElGamal, RSA, Diffie-Hellman, DSA
  • PGP — hybrid cryptosystem: compress, session key, encrypt message, encrypt session key
  • Digital signatures: encrypt digest with private key; verify with public key
  • Hash functions; digital certificates — three-part structure and purpose
Remote Invocation — Deep Dive
Message identifiers, failure model, R/RR/RRA, RPC and RMI design
L12 · Part IV · Supplementary Notes (Remote_Invocation.docx)
12
  • Message identifiers: two-part structure (requestId + sender process ID); reset at 2³²–1
  • Failure model: timeouts, duplicate filtering, idempotent operations, history (cost and purpose)
  • Exchange protocol variants: R, RR, RRA — semantics, trade-offs, and when to use each
  • HTTP methods revisited: GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE
  • RPC implementation: client stub, dispatcher, server stub; auto-generated from interface definition
  • RMI design: object references, interfaces, actions, exceptions, garbage collection; distributed object model

Assessments

Assignments & Examinations

Blog Post 1 · Individual

Distributed System Technology Deep Dive

Due: After Lecture 01 · Submission via Medium · 600–1500 words

Write a blog article on a real-world distributed technology selected by the last digit of your student index number. Cover: what the technology is, how it is used, what type of distributed system it represents, and how it preserves the seven desired properties from Lecture 01.

  • [0] Blockchain  [1] Hadoop  [2] Redis Clustering  [3] CDN
  • [4] HBase  [5] Apache Spark  [6] Kafka  [7] DNS
  • [8] Google Search Engine  [9] Torrent
  • Original work only — plagiarism checking enforced
5% of Final Grade

Blog Post 2 · Individual

External Data Representation & Marshalling

Due: After Lecture 04 · Submission via Medium · 600–1500 words

Compare and contrast the three approaches to external data representation and marshalling covered in Lecture 04. Include technical design, strengths and weaknesses in different distributed contexts, and illustrative code examples.

  • CORBA CDR — Common Data Representation for distributed object systems
  • Java Object Serialisation — flattening of object graphs, serialVersionUID
  • XML — textual self-describing format, SOAP web services
  • Extension ideas: Protocol Buffers, MessagePack, Apache Avro
5% of Final Grade

Blog Post 3 · Individual

RabbitMQ Work Queue Experiment

Due: After Lecture 07 · Ref: rabbitmq.com/getstarted.html · Hands-on required

Implement the RabbitMQ Work Queue tutorial in any preferred language, then write a blog article explaining the important concepts through the lens of your practical experiment. Include observations, timing results, and at least one failure scenario tested.

  • Producer / queue / consumer pattern; durable vs transient queues
  • Message acknowledgement (basic.ack), requeue on failure
  • Round-robin vs fair dispatch; prefetch count (basic.qos)
  • When to use message queues vs synchronous RPC
5% of Final Grade

Blog Post 4 · Individual · 3 Articles

Cryptography Algorithm Series

Due: After Lecture 11 · Three separate Medium articles required

Write three separate Medium articles covering cryptographic algorithms used in securing distributed systems. Each article must demonstrate conceptual understanding and practical relevance with references to real-world protocols.

  • Secret-Key (Symmetric) Algorithms — AES, DES, 3DES, ChaCha20; key exchange problem
  • Public-Key (Asymmetric) Algorithms — RSA, ElGamal, Diffie-Hellman; TLS handshake
  • Secure Digest Functions — MD5, SHA-1, SHA-256; HMAC; use in signatures and certificates
5% of Final Grade

Programming Exercise 1 · Individual

Java RPC — HelloWorld System

Due: After Lecture 05 · Medium article + code · Ref: examples.javacodegeeks.com/jax-ws-hello-world-example-rpc-style

Design a HelloWorld system incorporating Java RPC (JAX-WS RPC-style) and publish a Medium article documenting the implementation. Explain RPC concepts through the lens of your experiment. Plagiarism is checked — write in your own words with your own code.

  • Implement JAX-WS HelloWorld service and client
  • Explain: service interface, stubs, dispatcher, marshalling
  • Describe what happens over the wire (request-reply protocol)
  • Submit Medium article link + GitHub repository link via LMS
5% of Final Grade

Programming Exercise 2 · Individual

Java RMI Experiment

Due: After Lecture 12 · Medium article + code · Ref: baeldung.com/java-rmi

Implement a Java RMI Hello or Calculator service and client, then write a Medium article explaining the concepts through your experimental observations. Plagiarism is checked — write in your own words with your own code.

  • Implement remote interface extending java.rmi.Remote; throw RemoteException
  • Implement server extending UnicastRemoteObject; bind to RMI registry
  • Implement client using LocateRegistry.getRegistry() and lookup()
  • Cover: stub generation, registry, remote exceptions, comparison with RPC
  • Submit Medium article link + GitHub repository link via LMS
5% of Final Grade

Final Project · Individual · Azure Cloud

Hands-on Cloud Services — Azure Infrastructure Implementation

Due: End of Semester · GitHub + Medium + YouTube · Reference Article ↗

Implement the cloud infrastructure architecture described in the reference article using Microsoft Azure under your University student account (KelaniNetId@kln.ac.lk). You are not required to build complex application logic — the evaluation focuses on your cloud infrastructure setup and your ability to explain what you have done. Open-source sample code repositories may be used for the application layer.

  • Azure Setup — Activate Azure Dev Tools via your University email at signup.azure.com/studentverification; create a free trial subscription
  • Required Services — CDN · Azure AD · Key Vault · Front Door · Web Apps · Azure Functions · MySQL · Azure Cache for Redis · Azure Storage · Application Insights · Firewall (Network Restrictions)
  • ARM Templates — Provide Azure Resource Manager (ARM) infrastructure-as-code templates for the full architecture; commit to a public GitHub repository
  • Medium Blog Article — Write a detailed article on Medium explaining what you built, how each service was configured, what challenges you encountered, and what you learned; include architecture diagrams and screenshots
  • YouTube Video — Record a video walkthrough of your implementation demonstrating the running system; link the video inside your Medium article; submit the YouTube URL via LMS
15% of Final Grade

Final Examination

Comprehensive End-of-Semester Examination

Examination Period · Covers All 12 Lectures · All Four Parts

Tests application of concepts from all four parts. Emphasis on reasoning, analysis, and engineering judgement about distributed system design trade-offs rather than rote recall. Exercises from the lecture notes (e.g. UDP/TCP transmission time calculation) are examinable.

  • Part I — Foundations: definitions, system models, networking, IPC (includes calculation)
  • Part II — Communication: request-reply, RPC/RMI architecture, Kubernetes diagrams
  • Part III — Security & Correctness: draw authentication flow, 2PC message sequence
  • Part IV — Advanced: cryptography scenarios, remote invocation deep analysis
55% of Final Grade

Your Journey

Learning path through this course

Weeks 1–2
Establish foundations. Read Coulouris Chapters 1 and 2 before lectures. Understand the three core characteristics and the physical–architectural–fundamental model framework. Complete Blog Post 1 early — the topic research deepens your understanding of the abstract system you study throughout the module.
Weeks 3–4
Master the communication substrate. Lectures 03–04 are dense but critical. Work through the exercises: calculate UDP/TCP transmission times, compare network types, understand why marshalling exists. Complete Blog Post 2 on external data representation.
Week 5 — Blog 1 & 2 Due
Programming Exercise 1 due. Java RPC HelloWorld system — complete immediately after Lecture 05 while the concepts are fresh. Submit Medium article + GitHub link via LMS.
Weeks 5–7
Apply communication paradigms. Lectures 05–07 cover the most practically relevant material. Do the RabbitMQ experiment for Blog Post 3 yourself — do not just read about it. Hands-on experimentation with failure scenarios will make the concepts concrete.
Week 7 — Blog 3 Due
Blog Post 3 due. RabbitMQ Work Queue experiment. Complete all hands-on steps — include timing data, screenshots, and your own failure scenario results in the article.
Weeks 8–10
Tackle correctness and security. Lectures 08–10 are conceptually demanding. Draw the Kerberos authentication flow diagrams by hand. Work through the 2PC protocol step by step with a concrete banking example. Understand why the blocking problem in 2PC is fundamental, not just an implementation detail.
Weeks 11–12
Synthesise and complete. Complete the three cryptography blog articles after Lecture 11. After Lecture 12, complete Programming Exercise 2 (Java RMI). Review the module by connecting cross-cutting themes: How does security relate to the failure model? How does replication relate to consistency in distributed transactions?
Final Project
Azure Cloud Infrastructure. Activate Azure Dev Tools under your University email (KelaniNetId@stu.kln.ac.lk) and implement the cloud architecture from the reference article. Set up all required services: CDN, Azure AD, Key Vault, Front Door, Web Apps, Azure Functions, MySQL, Redis, Storage, Application Insights, and Firewall. Write ARM templates, commit to GitHub, write your Medium blog article, and record a YouTube video walkthrough of your running implementation. Link the video inside the Medium article and submit both URLs via LMS.
Exam Period
Final Examination. Comprehensive examination across all four parts. Emphasis on engineering judgement and application of principles. Practise drawing the RPC/RMI architecture, the 2PC message flow, and the Kerberos authentication scenario from memory.

Course Resources

Materials & references

📘

Textbook

Coulouris et al., Distributed Systems: Concepts & Design, 5th ed., Pearson, 2012

🐇

RabbitMQ Tutorials

Work Queue tutorial for Blog Post 3 — complete all six getting-started examples

Java RPC (JAX-WS)

Reference for Programming Exercise E1 — HelloWorld JAX-WS RPC-style web service

🔗

Java RMI (Baeldung)

Reference for Programming Exercise E2 — comprehensive Java RMI tutorial with working examples

☁️

Azure Cloud Project

Reference article for the Final Project — cloud infrastructure architecture to implement in Azure

🔷

ARM Templates

Azure Resource Manager Templates — official docs for the infrastructure-as-code deliverable required by the Final Project

💻

Course GitHub

Lecture code examples, UDP/TCP Java implementations, and supplementary material

☁️

Kubernetes Docs

Official documentation for container orchestration concepts from Lecture 06

About This Module

Module Information

SENG 41283 — Distributed & Cloud Computing is delivered by Eng. Dr. Tiroshan Madushanka of the Department of Software Engineering, University of Kelaniya. The module is taught in Year 4, Semester 1 of the BSc (Hons) Software Engineering degree programme.

The module follows Coulouris, Dollimore, Kindberg & Blair, Distributed Systems: Concepts and Design (5th ed., Pearson, 2012) with supplementary notes for Lectures 06, 11, and 12. Students complement lectures with individual reading and practical blog writing exercises published on Medium.

Pre-requisites: SENG 21283 Computer Networks, SENG 21213 Computer Architecture and Operating Systems, SENG 21223 Object-Oriented Programming. Students are expected to be comfortable with Java and basic networking concepts before starting this module.

Academic integrity: All blog posts and programming exercises are checked for plagiarism using automated tools. Self-plagiarism (reusing your own earlier submissions) is also penalised. Articles should be written as if for a technically literate developer audience, not as a lecture summary.

Contact: Office hours by appointment. Please use the University LMS for all submission links, announcements, and assignment briefs. Grade feedback is released via the LMS within two weeks of each submission deadline.

Additional reading: For replication and consistency, Lamport's "Time, Clocks, and the Ordering of Events in a Distributed System" (1978) and the Google Spanner paper (2012) are excellent. For security, RFC 5246 (TLS 1.2) is directly relevant to Lectures 08 and 11. For microservices, Martin Fowler's microservices.io provides practitioner patterns that complement Lecture 06.

Software to install: Java JDK 8+ for programming exercises; Docker Desktop and kubectl for Kubernetes experiments; RabbitMQ with the management plugin for Blog Post 3; Wireshark to observe UDP and TCP behaviour first-hand during Lectures 03 and 04.