packet-switched - University Of Worcester

Download Report

Transcript packet-switched - University Of Worcester

COMP3121
E-Business Technologies
Richard Henson
University of Worcester
October 2010
Week 2: Client-Server
systems and E-commerce

Objectives:
 Describe the client-server model
 Explain what a communications protocol is and
why comms protocols are so crucial for clientserver networks
 Understand the rationale for using server-end
scripting, rather than having all the code on the
client machine
 Produce a working server script running on an IIS
platform
Client/Server Networks

Server end:
 access control to the
network and its resources
controlled by logon service
server
 access to resources
depends on user rights –
assessed by logon data

Client-end:
 user who wishes to access
network resources
client
Why are networks so important?

Client-server connection only made when user
requests information
 therefore very efficient…

Client-server processes involve distributing
computing
 requires communication between processes

Any client-server systems must therefore:
 communicate 100% effectively
 use an entirely reliable set of protocols
 TCP/IP has proven to be reliable set of
communications protocols over many years
Why is knowledge
of networks important?

Any worthwhile EBusiness system
usually works
across:
 at least two different
systems
 a digital link
including the Internet
client
Network(s)
server
Request and responses
Organisation of application processing
across a client-server network…
 Client:

requests services or information from
another computer (e.g. the server)

Server:
responds to the client's request by sending
the results of the request back to the client
computer
Request and responses
client requests information
server processes the request, sends a response back to
the client
CLIENT
Client
Program
SERVER
REQUEST
RESPONSE
Send Request
Read Results
Server
Program
Process Request
Send Back Results
Internet Communications

Based on principles of client/server
networking
EITHER Internet computer can “play” the
role of client or the role of server
e.g.(1) A user in one university sends an
email to a user in another university:
» “A” client sends email to “B” server
(2) When a reply comes back…
» “B” client sends email to “A” server
“Middleware”
A layer(s) of SOFTWARE that sits between client and server
Could “glue” together incompatible formats
More on Middleware


Middleware can join users to raw data and
applications!
Attractions range around “future-proofing”
 incompatible computing systems can co-operate and interact
with each other – can be glued together to deliver
applications to the user seamlessly
 applications independent of the underlying network
infrastructure
 integration with legacy systems (protecting investment in
older technology)

Gives organisations time to decide what to do with
older systems
 e.g. during w2k “panic”!
Bandwidth and Client/Server
processes

Messages transferred between client
and server via network
Bandwidth and Client/Server
processes

Data transfer: the faster the better…
 most effective on LANs - nowadays 1000
Mbits/sec or more
 between connected Internet computers bandwidth
needs to be as high as possible - 2 Mbits/sec
upwards

Slow connections…
 data takes longer to get through
 so longer time to get a response back
 server could even “time out”
Early Network Protocols

Challenge for client-server data to be RELIABLY
transferred between Internet sites
 one purpose of the protocol
» detect errors and resend if necessary

Early model (TCP/IP)…
 used in early days of Unix (1970s)
 communication between nodes separated into four layers of
abstraction, computerized through just 4 software layers:
» Physical Network access layer
» Internet layer – became IP protocol
» Transport or Host-Host – became TCP protocol
» Application layer – became FTP and SMTP
THE OSI seven layer model

In 1978, the network model expanded to
SEVEN software layers
 included a further three levels of abstraction from
physical network through to screen display, this
was the MINIMUM number OSI committee could
agree on
 helpful for efficient client-server communication
across different networks, with different protocols

First used in the extended (7 layer…) TCP/IP
protocol stack
 remains to present day…
OSI-compliant Internet Protocols

When any OSI application layer file (e-mail
message, HTML file, GIF file, URL request,
and so forth) is sent from one place to another
on the Internet…
 at OSI level 4, the TCP protocol divides it into
"chunks" or packets of an efficient size for routing
through packet switching
 At OSI Level 3:
» packets are created and IP addresses are added
» used in conjunction with packet-switching to navigate
packets from source to destination across the physical
network
How a message is “sent”
Transmit
Station
AH DATA
Application
Layer
Application
Layer
DATA
AH
PH AH DATA
Presentation
Layer
Presentation
Layer
DATA
AH PH
Session
Layer
Session
Layer
DATA
AH
PH
SH
TH SH PH AH DATA
Transport
Layer
Transport
Layer
DATA
AH
PH
SH
NH
TH SH PH AH DATA
Network
Layer
Network
Layer
DATA
AH
PH
SH
NH
TH SH PH AH DATA
Data link
Layer
Data link
Layer
DATA
AH
PH
SH
Physical
Layer
Physical
Layer
SH PH AH DATA
LH
Receive
Station
LT
Link
LT
TH
TH
TH
NH
NH
LH
Preparation of data to send
across the network

File/message “chunking” into packets…
TCP orders the file into units of data of a
specific size containing header information
(for routing) and the data itself
this allows packets to be routed between
an origin and a destination on the Internet
or any other packet-switched network
Packet Size & Management
header

data
Traditional TCP/IP used packets with 48
bytes data + 5 bytes header
 latest implementations: e.g. 768 bytes + header


Large messages broken into many packets
Sometimes very small messages are
combined and share a packet
Contents of a basic 53 byte
TCP/IP “packet”
1. The main body of information to send
(48 bytes)
 2. The packet header (5 bytes) containing:

where to send packet (destination IP
address)
where packet came from (source IP address)
error checking information - CRC
TTL (time to live) in case it gets lost!
Movement of Data by
Packet-switching

IP protocol
 addressing and routing the packet
 each packet separately numbered


Individual packets for a given file may take
different routes through the Internet
When all packets have arrived at their
destination:
 TCP at the receiving end reads the packet numbers
 reassembles the packets into the correct order to
recreate the original file
Packet-switching

Known as “connectionless” (as opposed to
“connection-oriented”, like the public
telephone system)
 unlike the latter, packets do not follow one another
in order down a particular path

Most Internet traffic uses packet switching
 requires no connection channels
 breaking communication down into packets allows
the same data path(s) to be shared among many
users in the network
WWW-related Application
Layer (layer 7) Protocols

FTP (file transfer protocol)
 predates the www
 used to upload/download files between user computer
and the Internet
» FTP client program contacts an FTP server
» requests the transfer of a file
» FTP server responds by transferring the file to the client

HTTP (hypertext transfer protocol)
 Used, usually via the Internet:
» to upload requests for web pages from a browser on a client
computer to a web server
» to download web pages from a web server to a browser on
a client computer
 Can also be used to send data between client and server
HTTP and HTML as “middleware”
Web Browser
(HTML page)
Web Server
(Server Script)
CLIENT
Client
Program
SERVER
REQUEST
RESPONSE
Send Request
Read Results
Server
Program
Process Request
Send Back Results
Web Static Client-Server
Model (simplified – excluding
the “local” server)
More about HTTP and ClientServer Computing

Client and server systems work right up to the
application layer
 communication therefore needs to function accordingly…


Tim Berners-Lee invented HTTP to facilitate webbased application layer communication
To allow client-server interaction, Tim designed
HTTP to integrate well with his basic web page
formatting language - HTML
 HTML language GET command instructs the client process
to get data for the server
 HTML POST command sends client data either using an
email protocol or using HTTP
Web Dynamic
Client-Server Model
HOW Server-Side Processing
works in a typical web-
based client-server
application:
1. The HTML form displayed
on a web browser at the
client end collects data
2. Using HTTP the form data
is sent to a web server
Web Dynamic
Client-Server Model
 The web server
processes the data
according to instructions
on a specified server
script
 Using HTTP, the results
of processing generated
as specified by the
script are sent back to
the client
 The web browser on the
client machine displays
the results on a web
page in a specified
position
Web Dynamic
Client-Server model

This gets even
more complex
when a database,
and database
programming, are
also involved at
the server end…
Introduction to Server-scripting

The following apply to ALL types of
scripting…
scripts need to use real programming code
» note: HTML is a FORMATTING language, NOT
a programming language
both client and server ends have
programming code:
» client end…embedded within a HTML page
» server end… could be embedded or separate
Languages used for
Server Scripting

Much has been tried since HTML became interactive
in the early 1990s:
 Can use an existing language in a completely separate file,
which is already compiled and ready to go:
» the original approach: .cgi
» any language could in theory be used
» in practice “C” was usually favoured
 Can use an existing language embedded in a HTML file
» The Microsoft .asp approach, using embedded VB source code
» The Sun .jsp approach, using embedded Java (Script) source
 Can invent a new scripting language that is “HTML-like” and
easily embeds with HTML
» Cold Fusion .cf
» Preprocessor Hypertext processing .php
Microsoft’s first attempt
at server scripting…

In 1996, Microsoft introduced active server pages
(asp)
 hugely successful
 soon became more popular than .cgi

However, in spite of the great success of asp, big
problems were emerging…
 by 2000, hackers were attacking Microsoft servers and
finding many security holes in IIS
» Microsoft only coped by offering hotfixes
 further problem: used VB source code
» if server not secure, code could be copied or compromised
» Scripts could not be truly “object oriented”
ASP becomes ASP.NET

Microsoft’s new approach to server scripting
for the new millennium…
 building on asp principles
 new system that used “intermediate language”,
rather than source code on the server
 much more difficult to hack

Problem was… they had to scrap the .asp
environment, and adopt a new architecture…
known as the .net framework
 as many developers were accustomed to .asp this
took awhile to catch on!
Alternative
Scripting Lanuguages
JSP
 PHP
 PERL
 Cold Fusion

JSPs (Java Script Pages)

Produced by Sun Microsystems
 extension of the JavaTM Servlet technology

According to Sun, Servlets:
 “fit seamlessly into a Web server framework
and can be used to extend the capabilities
of a Web server with minimal overhead,
maintenance, and support.”
»
»
»
»
»
»
platform-independent
100% pure Java
enhanced performance
separation of logic from display
ease of administration
extensibility into the enterprise
PHP files
(Hypertext Pre-processor)

Originally designed for Linux-based systems
 executed on a type of web server called Apache


Integrate well with a Linux database and a
free-to-download SQL-supporting product
called MySQL
Can now run happily on IIS
 now getting very popular with non-Linux platforms

Can download the environment directly from
the PHP website:
 http://uk2.php.net/downloads.php
PHPs (continued)





“free”
Only for serious programmers
Cut-and-paste code still needs an
environment like Dreamweaver
Popular with those who dislike Microsoft!
Unix-based Servers running PHPs
considered to be more secure against
hackers than Windows 2000/IIS running asp
 but asp.net on Windows 2003/IIS v6 is another
matter…
PERL




Invented by Larry Wall in 1987
Became popular as a web
programming language in the late
1990s
Features of C but an interpreted
language (like Java)
Not for programming novices…
Cold Fusion

Originally produced by Altair with its own
scripting language (CFML) for the Microsoft
platform
 arguably easier to use than asp

Purchased by Macromedia in 2003
(Dreamweaver, Flash, Director, etc.)
 Dreamweaver has good support for Cold Fusion
scripting


Now also available for the Java environment
Macromedia itself now part of Adobe
Platforms for developing a website
running server-scripts



Computer capable of supporting Windows
XP/2003/Vista/7 or an equivalent operating
system
TCP/IP protocol stack running on server
Web Server software such as:
 Internet Information Server
 Apache

Broadband connection to the Internet
Basic Infrastructure required to
put a server-system “on-line”

Typical networking server software:
Windows NT/2000/2003/2008
Unix (many types; Linux increasing
popularity)

A Firewall to keep the server secure
security is a BIG issue in e-commerce
More typical Infrastructure to go
online (existing local network)


Make sure the internal “client-server” computer
network is secure
EITHER Use the firewall computer as a router to
separate the internal (local) network from the
External (i.e. Internet) network
 diverts data between the Internet and the local network
 will only work if the network will need to be running an
appropriate protocol
 OR, if necessary, use a gateway
» converts data into appropriate protocol and diverts it between
the Internet and the local network
» Can be used to link networks running different protocols
Firewall & Security matters


Servers MUST ALL be correctly
configured
The Firewall or Proxy Server will them
make sure that:
 internal users do not access unauthorised
sites
 unauthorised remote Internet users do not
access the local network
Putting the Secured network
on-line


A digital connection is needed between the
router/gateway and a computer connected to the
Internet
PROVIDED THAT THE NETWORK IS SECURE,
there is no need to worry about payment systems…


secure (VPN) Internet connections can be made to credit
card authorisation and payment sites using “Merchant
Server” software
Regular monitoring of the network is essential to
ensure that unauthorised users are not trying to
gain access
Web Hosting and ISPs
(Internet Service Providers)
Only the largest corporate enterprises
are likely to be part of the Internet
 Most businesses need to find a partner
who will provide a link between the
connection medium and the Internet
that meets their needs

Many Internet service providers available
The problem is usually “which to choose”,
rather than finding a partner…
Web Hosting

Two possibilities:
ISP provides hosting and web space, B2C
manages website
ISP provides hosting AND manages website

ISP will also provide:
the all important IP address that will allow a
presence on the Internet
the domain name that will allow other
Internet users to find the website
Criteria for choosing a
web host (apart from cost!)









Amount of web space?
Bandwidth availability?
Hardware & OS?
Uploading techniques?
Protocols supported?
URL available?
type of server scripts supported?
Site management tools?
Databases supported?
Exercise for Next Week

Search Google for web hosts
 How many available?
 How could you choose?

Use the following URL to compare web hosts
and their offerings:
 http://www.hostindex.com/voteresults.shtm


Select criteria for an e-commerce hosting
solution that fit with comparison data
Choose a suitable web host (server) for an
e-commerce solution
Thanks for listening
