Recap of Day 1
Process, Thread, Daemon process, Server
HTTP Protocol
Web Servers
Static Content
Dynamic Content
Web Applications
Web Servers evolved as a mechanism to share documentation and information among researchers (Static content)
To enable dynamically generated content, special extensions are needed
CGI (Common Gateway Interface) Gateways
Other technologies for Dynamic Content Generation
Using Servers API for Dynamic content code (NSAPI, ISAPI)
Java Servlets
ASP (Active Server Pages)
JSP (Java Server Pages)
CGI Overview
For example
Browser sends the parameter: name=Sachin.
Web server passes the request to a Perl program.
Perl Program returns HTML that says, Hello, Sachin!
[Figure: CGI flow between Web Browser, Web Server and C\Perl Program. Request carries Name=Sachin; response carries "Hello, Sachin!".]
[Figure: Web Browser PC (Local Network) connecting over the Internet to the Web Server abcbooks.co.in (202.68.33.49), which runs getinfo.exe and sends an HTTP response containing dynamically generated HTML.]
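The name=Sachin exchange above, as an added example written in Python rather than Perl (it is not code from the original slides). The `handle_request` function, its `environ` argument and the `MAX_NAME_LEN` limit are assumptions of this example; it escapes the parameter before echoing it into HTML, which is the check any CGI program that reflects user input needs.

```python
import html
import os
import sys
from urllib.parse import parse_qs

MAX_NAME_LEN = 64  # assumed limit for this example


def _response(status, body):
    # A CGI program writes headers, a blank line, then the body to stdout.
    return (
        f"Status: {status}\r\n"
        "Content-Type: text/html; charset=utf-8\r\n"
        "\r\n"
        f"<html><body>{body}</body></html>\n"
    )


def handle_request(environ):
    """Build the CGI response for a GET request.

    `environ` stands in for the environment variables the web server sets
    before starting the program (REQUEST_METHOD, QUERY_STRING).
    """
    if environ.get("REQUEST_METHOD", "GET") != "GET":
        return _response("405 Method Not Allowed", "<p>GET only</p>")

    params = parse_qs(environ.get("QUERY_STRING", ""), keep_blank_values=True)
    names = params.get("name", [])
    # Exactly one non-empty, bounded value is accepted.
    if len(names) != 1 or not names[0].strip() or len(names[0]) > MAX_NAME_LEN:
        return _response("400 Bad Request", "<p>Missing or invalid name</p>")

    # Escape before writing into HTML so markup in the parameter is shown
    # as text instead of being interpreted by the browser.
    safe_name = html.escape(names[0].strip(), quote=True)
    return _response("200 OK", f"<h1>Hello, {safe_name}!</h1>")


if __name__ == "__main__":
    sys.stdout.write(handle_request(os.environ))
```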
If using advanced server side technologies like JSP/ASP, develop JSPs or ASPs to generate content dynamically
Load
Every request serviced by the server amounts to some amount of load in terms of CPU time on the server side
As the number of concurrent users increases, load also increases
Can a server serve any number of Requests?
No! Several factors determine the maximum load on a server:
Speed of CPU(s) in the server
Number of CPU(s) in the server
Memory capacity of the server
Hard disk space of the server (Marginal impact)
Amount of time CPU of the server spends (Turn-around time) for each request
Scalability
What is Scalability?
The ability of an application (or server) to perform without degradation in Quality of Service as the load or demand increases
Every server/application has a limit based on several factors
Tune up and optimize code to reduce turnaround time for each request
Tune code
Tune SQL Queries
Use Database Connection Pools
Tune the server (use optimum thread pool size)
Caching
Increase memory capacity
Increase number of CPUs
Increase the speed of CPUs
Increase hard-disk capacity (Marginal impact)
Go for multiple servers
Load balance the servers
Each request requires more processing compared to static content
Turnaround time for each request is higher
Performance Enhancement:
Web Farms
Clustering App Servers and Database Servers
Tuning the code
Changing the architecture
Optimizing database queries
Optimizing the database indexes
Load Balancing
Disadvantages
DNS server doesn't have a way to detect which server is overloaded
DNS server cannot detect if one of the servers is down
Difficult to determine which IP address each client will resolve the site name as
Browser caching prevents effective load balancing and can result in additional load on the network
Application
For less than 5 servers
Disadvantages
Not cost effective (Specialized software and additional hardware required)
Application
Heavy Hit sites, ISPs (Internet Service Providers)
Advantages
Option to use bigger server for content which is big in size (Images, Movie Clips etc)
Option to use older/less-powerful servers for content which is smaller in size (HTML files etc)
Cost Effective (No additional cost incurred)
Application
Heavy hit sites, Portals
Application
Download sites, Heavy-hit Portals
Request for Dynamic Content is costly in terms of CPU time, compared to a request for static content
If Turnaround time = Useful Processing Time only, performance and scalability will improve drastically
Application Servers
An application server is a software server that lets thin clients use applications and databases that are managed by the server. The application server handles all the application operations and connections for the clients.
An application server is a server program in a computer within a distributed network that provides the business logic for an application program. It is frequently viewed as part of a three-tier application, consisting of a graphical user interface (GUI) server, an application (business logic) server, and a database and transaction server.
Application Servers
Also referred to as Middleware sometimes
Handles Business Logic
Data Access and Data Manipulation
Multi-Tier Applications
[Figure: Multi-tier application diagram showing Clients, Network, Firewalls, the Internet, Web Servers, App Servers, Database1, Database2, Mainframe, and links to other applications or application servers.]
Authorization:
Is the process of giving individuals access to system objects based on their identity. Authorization involves granting or denying access to a network resource
Auditing:
The process an operating system uses to detect and record security-related events, such as an attempt to create, access, or delete objects such as files and directories. Identifies all controls that govern the information system, and assesses their effectiveness.
Confidentiality:
A service provided by cryptographic technology to assure that data can be read only by authorized users or programs. In a network, data confidentiality ensures that intruders cannot read data. It is a status indicating that the information is sensitive.
Threat Detection
Threat detection systems help reduce the risk or help you mitigate the threats to your network and critical data. The three different types of intrusion detection systems are host-based, network-based, and anomaly-based.
Host-based detection: Detects changes made to operating system files and other critical files such as data. This method uses checksums and hashes to determine that a change has occurred.
Network-based detection: Examines network traffic and provides alerts when undesired traffic is present on the network.
Anomaly-based detection: Looks for network traffic that is not expected.
Client
Hacking
Computer Viruses
Theft and Fraud
Line taps
Vandalism
Denial-of-service attacks
Decryption: To read the encrypted file, the recipient must convert the encrypted data back into its original form. This process is known as decryption.
Symmetric Encryption
[Figure: Symmetric encryption between Person A and Person B. Labels: Plain Text, Secret Key, Encryption Software, Encrypted Data Moving in the Network, Decryption Software, Decrypted Data.]
Advantages:
Increased security
Ensures non-repudiation
Asymmetric Encryption
[Figure: Asymmetric encryption between Person A and Person B, with labels Computer Algorithm, Public Key and Private Key. Captions:]
Public key can only be used to encrypt (it can't decode ciphers)
Person B then uses the public key to encrypt any messages that he wishes to send to person A
Private key held in a safe place. Only this can decode ciphers that have been encrypted using the public key
[Figure sequence: Client and Server communicating over the Internet. Labels: Digital certificate, Server's public key, Secret Key.]
1. Client request: http://icicibank.com
2. Server sends the digital certificate, public key and the encryption algorithm preferences (list of symmetric encryption algorithms that the server supports) in response
4. Client chooses a particular encryption algorithm which both client and server support
Client encrypts the request using the Secret key and sends it to server
Server decrypts using the same Secret key and sends the response to the client
Digital Certificates
Digital signature:
Digital code attached to electronically transmitted message to uniquely identify contents and sender
Digital certificate:
Attachment to electronic message to verify the sender and to provide receiver with means to encode reply
Certificate authority:
The certificate authority acts as an intermediary trusted by both the computers. It confirms that each computer, in fact, is who it claims to be, and then provides the public keys of each computer to the other.
Summary
Basics of networking and Internet
TCP/IP and networking, IP address, DHCP, DNS
HTTP protocol
Request and Response, GET, POST, HEAD methods
Web Servers
Working of a web server, Dynamic content generation
Load Balancing
Scalability, Load Balancing schemes
Web Security
Authentication, Authorization and auditing
Application Servers
The Big Picture, Real world Scenario
Installing IIS
Windows 2000 and beyond
Open Control Panel
Select Add/Remove Applications
Select Add/Remove Windows Components
Select Internet Information Services (IIS) check box if not yet selected
If already installed, the IIS option will already be selected
Click on Next button to start installation (Setup Program might ask for the Windows CD)
Configuring IIS
Complete Installation
Open Control Panel
Select Administrative Tools
Start Internet Information Services icon
The control panel applet for IIS shows up with the default web site configuration
Thank You!
Copyright 2004, Infosys Technologies Ltd ER/CORP/CRS/OS41/003 Version no: 2.0