CHAPTER 11 MY NOTES
NETWORKED APPLICATIONS
Application architectures
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ How application layer functions are spread among computers to deliver service to users
Thanks layering ability to separate function at different layers most application architecture can run over
TCP/IP, IPX/SPX and other standards below the application layer
Note: if you use TCP it does not care what application architecture you are using.
Important networked applications
videoconferencing
world wide web
electronic commerce
Application layer
The only layer whose functionality users see directly
TRADTIONAL APPLICATION ARCHITECTURES
Terminal-host systems, client/server architectures (both file server program access and client/server processing.
Hosts with Dump terminals
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ The first step beyond stand-alone machines still place the processing power on a single host computer but distributed input/output (I/O) functions out to user sites.
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ It placed these functions in dumb terminals which sent user keystrokes to the host an painted host information on the terminal screen but did little else
Challenges
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Computer was often overloaded by the need to process both applications and terminal communication
And this resulted in slow response times
.
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Resulted in high transmission cost. All keystrokes had to be sent to the host computer for processing
Generated a great deal of traffic.
To reduce transmission costs, most terminals limited the information they could display to monochrome text (one color against a contrasting background) graphics were seldom available
IBM MAINFRAME
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Uses a more complex design for their terminal-host systems that added other pieces of equipment beyond terminals and hosts.
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ This extra equipment reduced cost and improved response time. In addition, IBM terminals-host systems had higher speeds that traditional terminals and so were able to offer limited color graphics.
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ These advances extended the life of terminal-host systems, even these advanced IBM systems were less satisfactory than subsequent developments, including the client/serve systems described next.
Client/Server Systems
After terminal hosts systems
A big breakthrough came in form of client/server systems
They placed some power on the client computer
This was made possible by the emerge of personal computers in the 1980
File Server Program Access
The server's only role is to store programs and data files.
For processing the program is copied across the network the to the client PC along with data files
The client PC does the actual processing of the program and data files
Many client Pc's are operatively underpowered
Even the faster are usually fairly slow compared to servers
File server program access is only sufficient for word processing, email and other small application
It is not useful for large database applications.
Client/Server processing
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ In contrast in full client/server processing the work is done by programs on two machines
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ There server does the heavy processing needed to retrieve information.
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ The client normally focuses on the user interface and on processing data delivered by the server
Scalability
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Client/server processing is highly scalable
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Scaling merely involves replacing the existing server with a larger server
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Or the server platform can be changed without the user noticing it.
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ An application can start on a small Pc Server and then be moved successively to a large PC server, a workstation server, and even a mainframe.
Web-enabled Applications
Client/server processing requires a client program to be installed on a client PC.
Used to be extremely time-consuming and expensive
There is one client program that almost all PCs have today.
This is a browser
Many client/server processing applications are now web-enabled meaning they use ordinary browsers as a client programs
Electronic Mail/A Universal Service on the Internet
Provides mail even if not online
Offers the speed of a fax
Instant communication is possible but only if the other party is in and can take calls
Less intrusive than a telephonically
E-Mail Standards
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Message body standards
RFC 822 and RFC 2822 for all-text bodies
Html bodies
Unicode for multiple languages s
Simple Mail transfer Protocol (SMTP)
Message delivery
Client to sender's mail host
Message deliver: sender's mail host to receivers mail host
Downloading mail to client
Post Office Protocol (POP) is simple and widely used
Internet Message Access Program (IMAP) is less widely used and very powerful
Standards
Rare to use different standards
Key issue application layer standards
Message body standards ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ
RFC 2822 (originally RFC 822) ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Initial standard for e-mail has been updated to 2822
Plain text, no graphics no bold.
HTML bodies
Html became widespread on the WWW
Richly formatted text and graphics
UNICODE ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Rfc822
specified the use of the ASCII code to represent printable characters
Was developed for English
Even European languages need extra characters
The UNICODE standard allows characters of all languages to be represented
Note most mail readers cannot read all UNICODE
Simple Mail Transfer protocol (SMTP)
Standards are also needed for delivering RFC2822. HTML and Unicode messages
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Senders outgoing hosts sends the message to the receivers incoming mail host again using SMTP
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ The receiving host stores the message in the receiver's mailbox until the receiver retrieves it.
Receiving Mail (POP and IMAP)
Two standards are used to receive e-mail
Post office protocol (POP)
is the simpler standard and is more popular
mail host downloads some or all new mail to the users' client e-mail program
After a user deletes new email, email only exists on the users. Client Pc (after deletion)
Internet Message Access Protocol (IMAP)
Offers more features not as popular than POP
Web-enabled E-mail
Almost all PCs have browsers. Many mail hosts are now web-enabled,
Meaning that users only need browsers to interact with them in order to send receive and manager their e-mail.
Especially good for travelers
No special e-mail software is needed.
Any computer with a browser in an Internet cafe, home, or office will allow users to check mail.
Challenge
Tends to be very slow all the processing is done on the distant and often overloaded web server wit its server-asked main processing program.
THE WORLD WIDE WEB AND E-COMMERCE
HTTP ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Hypertext Transfer Protocol used in interactions between the browser and web server application programs
To give analogy
An e-mail message may be created using RFC 2822 standard but will be delivered using SMTP
Many application standards consist of a document standard and transfer standard.
Complex WebPages
Consist of several files
A master text-only HTmL file plus graphics files, audio and others
The HTML file merely consists of the pages text plus tags to show where the browser should render graphics files and so forth
Several HTTP request-response cycle may be needed to download a single webpage.
HTTP request response cycle example
Clients role
Clients role send HTTP request messages asking for the file and to draw the webpage on-screen
If the webpage has a java applet or another active element
The browser will have to execute it as well
the web servers role
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ the basic job is read each HTTP request message
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ retrieve though desired file from memory and create an HTTP response message that contains the requested file or a reason why it can not be delivered
HTTP request and Response Messages
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Both request messages and response headers use text formats.
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ MIME is a standard for describing diffent types of file formats , so that the receiver will know how to process the file delivered in an HTTP response message (or an e-mail attachment
Electronic Commerce (Ecommerce) ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ
The buying and selling of goods and services over the internet
Adds extra functionality to a web servers basic file retrieval function
Catalog ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Must have electronic catalog showing the goods for sale
Can be created using basic HTML coding
Most merchants purchase e-commerce software to automate the creation of catalog pages an other e-commerce functionalities
Shopping cart, check out and payment functions ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Two core e-commerce functions
Shopping cart for holding goods
Check out when buyer has finished shopping
Most merchandiser use e-commerce software
Including cart maintenance and check out capabilities, and payments
Customer Relationship Management (CRM)
Many firms use CRM software
T examines customer data to understand the preferences of their customers.
This allows a company to tailor presentations and specific market offers to its customer specific tastes.
The goal s to increase the rate of conversions
Browsers becoming buyers
And the rate of repeat purchasing
Small increases on both can have big impact on profitability
Links to other systems ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ External systems
Payments usually requires external links to tow outside organizations
a credit card verification service
checks validity of the credit card number the user has typed
bank settlement firm
handles the credit card payment
Internal Back-end systems ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ
For accounting, pricing, product availability, shipment, and other matters.
Application servers
Most large e-commerce sites use an application server
That accepts user data from a front=end web server
Some sites combing the web server and application server
Mist large sites separate these to functions on two machines
Retrievals for external systems
the application server ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Contacts external systems and internal back-end database
Systems to satisfy the user's request.
It sends requests that these external systems can understand and then it receives responses.
This is complicated each system may have its own way of handling requests and responses.
Connecting to external systems is one of the most difficult tasks into the development of an e-commerce site.
Application Program Interfaces (APIs) ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Modern client/server database systems have publish application program interface specifications to allow application server programs to interact directly with database systems.
Mainframe Interactions ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Mainframe computers
have their own ways of communicating
With the outside world
Application server programmers must be deeply familiar with CICS and other mainframe processes
Creating a response
To document is findings the application server then crates a new webpage and passes it to the user via the web server.
Three-tier architecture
Terminal host systems perform processing on a single machine.
Most client/server systems do processing on two machines
With an application server processing take s place on a third machine as well.
E-Commerce security
SSL/TSL ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Credit card numbers or other sensitive information over the internet is almost always protected by a secure communication system at the transport layer called Secure Sockets Layer (SDSL) security
It shout be called TLS transport Layer security because this is the new name given to it by the IETF with now controls its development
SSL provides merchant authenticating (rarely client authentication ) and encryption for confidentiality
SSL is not perfect but highly effective
Demilitarized Zones (DMZs)
Shows that public e-commerce servers (and other public servers) normally are pLaced "outside the firewall". N demilitarized zone
This means that even if hackers can take over the server they cannot get into the rest of the corporate network which is protected by a strong firewall.
Between the DMZ and the Internet ,
But is weak enough to allow widespread access while stopping simpler attacks
Hardened Servers
Hackers will probably be able to get into the DMZ to attack servers there.
Therefore -commerce servers and other servers must be specially hardened against attacks
Most credit thefts come from hackers taking over e-commerce serer or back-end systems and reading the credit card numbers out of files stored there.
WEB SERVICES
Microsoft
Calls its implementation of web services .NET
Basic web service
Compares traditional web service (based on HTML with a simple web servers
Here the client is a browser
Objects
In programming terminology a web service is an object
It communicates with the outside world using a specific interface.
This interface exposes well-defined methods (actions it can take) to the outside world and ahs properties that can be changes
Clients communicate via messages directed to the interface
Simple Object Access Protocol (SOAP)
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Is a standardized way for a Web service to expose its methods on an interface to the outside world.
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ SOAP is a message format that allows clients to send commands to Web services calling for methods these Web servers support.
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ SOAP request specify a particular method and the specific parameters allowed or dictated for that methods
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ SOAP also specifies the formatting of messages that web services use to respond to clients
XML
The first line of each message begins with a header that says "xml version="1.)".
This shows that SOAP messages are expressed in XML (extensible Markup Language) syntax
XML allows communities of users to create their won tags for example Price and price that have semantic meaning to the community
Web services and HTTP
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Overall web services are server programs that communicate with clients using HTTP to deliver SOAP messages written in XML syntax
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ instead using HTTP to deliver HTML messages
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ HTTP is advantageous because it is simple to support and widely understood.
Web Services and Firewalls
Most firewalls pass HTTP messages on Port 80
Makes web service communication easier
SOAP specifies the addition of a few new HTTP header lines that firewalls can use to control access
Universal Description, Discovery and Integration (UDDI) protocol
In the future
Some web services will be offered on a fee-per-use basis
Many firms are now adopting the Universal Description Discover and Integration protocol to advertise themselves to the world
UDDI
is a distributed database meaning that there will be many interconnected UDDI servers that cooperate with one another
UDDI
Will offer tree basic search options
UDDI white pages
Allow users to search the web services by name like telephone books
UDDI yellow pages
Like telephone yellow pages by type
UDDI Green pages
Allow companies to understand how to interact with specific web services
In object-oriented terminology, green pages specify the interfaces on which a Web service will respond, the methods it will accept and the properties that can be changed or returned
Payment methods are also part of UDDI green pages
PEER-TO PEER (P2P)
APPLICATIONS
The newest application architecture
Is peer to peer in which most or all o the network is done by cooperating user computers such as desktop PCs.
If servers are present at all they only serve facilitating roles and do not control the processing
Advantage Central Control
All communication goes through the central server
There can be good security and policy-based control over communication
PROBLEMS ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ
Traffic Overload at the server ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ All traffic passes through can cause network overloads at the central location
Underused client PC capacity
Client/server computing often uses expensive server capacity while leaving clients underused.
Clients are usually modern PCs
Central Control ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Can be problem form the end users point of view.
Limits what end users can do
Peer-to-Peer Applications
User PCs communicate directly with one another at least for part of their work
All of the work involves P2P interactions.
2 user computers work without the assistance of a central server and also without its control
BENEFITS
Client users are freed fro central control for better or worse network traffic is spread more evenly and less user computer capacity is wasted
Problems
Transient Presences ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Another problem is that each time a user PC uses the Intent its DHCP server is likely to assign it a different IP address
No permanent phone numbers or IP address on the server
Security
Without centralized filtering on servers security will have to be implemented on all user PCs, or chaos will result
Pure peer-to-peer applications: Gnutella
Viral networking for searches
Gnutella
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Gnutella is a pure P2P file-sharing application that addresses the problems of transient presence and transient IP addresses without resorting to the use of any server.
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ The user's PC connects to one or a few other user PCs
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Which each connect to several other user PCs and so forth
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ When the users PC first connects it sends and initiation message t introduce itself vi viral networking
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ Subsequent search queries sent b the user also are passed virally to all computers reachable within a few hops
Direct File downloads
Actual file downloads are done using strictly peer-to-peer communication between the user's PC and the PC holding the file to be downloaded. There is no viral networking in actual file downloads
Super Clients
Gnutella cheats
It relies on the presence of many super clients that are always on
That have fixed IP address that have many files to share and that are each connected to several other super clients
They are not precisely servers
Using Servers to Facilitate P2P interactions
Most p2p do not even try for a pure P2P approach
Rather they use facilitating servers to solve certain problems in P2P interactions but allow clients to engage in P2P communicating for most of the work.
Napster
Used an index server
When stations connect to napster they first upload a list of files available for sharing to an index server
Later when they search, their searches go to the index servers and are returned form there
Once a client receives a search response it selects a client who has the desired file and contacts that client directly.
The large file transfer usually on to five megabytes is done entirely peep-to-peer.
H.323
In videoconferencing and IP telephony communication is governed by the H.323 standard.
The calling party knows the called party's IP address it can connect to the called party directly.
The communicating typically uses gatekeeper servers
The called party s gatekeeper authenticates the caller and then facilitates the connection to the called party
If there is a gatekeeper in a terminal's zone, the terminal is required to use the gatekeeper to communicate
Another type of server, a gateway connects and IP network to the Public Switched Telephone Network.
If all communication goes through the gatekeeper after the initial connection is made, additional services are possible, such as call waiting etc.
This spectrum of capabilities illustrates the type of flexibility that would be desired able in other P2P programs to allow individual firms to select the degree of client-server versus P2P functionality that would be best for their organization.
Processor Utilization:
SETI@HOME
PC processors sit idle most of the time
This is even true much of the time when a person is working at their keyboard. This is especially true when the user is a way form the computer doing something else.
One example of employing P2P processing to use this wasted capacity is SETI@HOME
Is the search for Extraterrestrial intelligence projects.
Many volunteers download SETI@HOME screen savers that really are programs .
When the computer is idle the screen saver awakens asks the SETI@home server for work to do and then processes the data.
Processing ends when the user begins to work which automatically turns off the screen saver ,
The future of P2p
it is so new that it is impossible to forecast its future with any certainty when should note that many more p2p applications are likely to appear in the near future offering a much broader spectrum of services than we have seen here
GAINING PERSPECITVE
Market realities
There will be one bullion intent users by 2005
Europe and Asia-pacific region will vie to have the largest number of intent users
United states is third place
The United States is expected to account for 36 percent of e-commerce revenues
ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ ÃÂÃ