Post on 21-Dec-2015
1
PROJECT Web-based Database Applications
Lecture 3: Client/Server Databases Environment
2
CLIENT/SERVER
ARCHITECTURE
3
Evolution of DBMSs - Modeling
Flat-file system
- Often text files for sequential access
Relational Database Management System (RDBMS)
- Informix, Oracle, Sybase, DB2, etc.
Object-oriented Database Management System (OODBMS)
- Gemstone, O2, ObjectStore, Matisse, Jasmine, Versant, etc.
Object-relational Database Management System (ORDBMS)
- Informix, Oracle, DB2, Illustra, UniSQL, Matisse, etc.
© H. Afsarmansesh, 2003
4
Evolution of DB system - Architecture
Stand-alone to Network-based DBs
Centralized DBs
- Stand-alone, on a mainframe or workstations
- e.g. Manufacturing industry, SMEs
Distributed DBs
- Network-based
- Supporting geographic dispersion of sites
- e.g. Banking, Service provision industry
Federated DBs
- Network-based
- Supporting heterogeneity & autonomy of sites
- e.g. Virtual organizations, Virtual Laboratories
© H. Afsarmansesh, 2003
5
Evolution of multi-user DB environment
Mainframe-based environment
- All applications run directly on the main system
Client/Server environment
- Operates in networked environments
- Splits the processing of an application between a Front-end Client and a Back-end Processor (server)
- Client process requires some resources that the server provides
- Clients and servers can reside on the same computer, or be located on different computers in the network
- Client and Server are intelligent and programmable
© H. Afsarmansesh, 2003
6
Designing the DB architecture and environment
Good balance between Centralization & Distribution
Mainframe-based or Client/Server based databases
Client/Server architectures
1- File Server architecture
2- Database Server (two-tier) architecture
3- three-tier architecture
Hoffer © Prentice Hall, 2002
7
Client/Server Systems
A networked computing model (with LAN / WAN)
Processes distributed between clients and servers
Client – application running on a workstation or a PC, that requests and uses a service
Server – application running on a computer (PC/mini/mainframe), that provides a service
Client/server architectures differ in their distribution of Application Logic components across clients and servers
Hoffer © Prentice Hall, 2002
8
Application Logic in Client/Server Systems
Application Logic consists of 3 components
Presentation Logic component (GUI Interface)
- Input – keyboard/mouse
- Output – monitor/printer
Processing Logic component (Procedures, functions, programs)
- I/O processing
- Business rules (validity checks)
- Managing Data
Storage Logic component (DBMS actions)
- Data storage
- Data retrieval
Hoffer © Prentice Hall, 2002
9
1- File server (two-tier) architecture
File server is a device that manages file operations and is shared by each of the client PCs attached to the LAN / WAN
[Figure: file server architecture; labels: LAN/WAN, FAT CLIENT]
Hoffer © Prentice Hall, 2002
10
Limitations of file server architecture
Network is a bottleneck – high traffic load
Tight-coupling among the application and the data
Considerable processing burden on the client PC
Large memory for the client PC (full DBMS transferred!)
For multi-user environments - Expert application programmers are needed
- Request to set locks for shared data(base) integrity
- Understand and consider how their application affects the concurrency, recovery and security of the shared data(base)
Handling shared data(base) problems becomes the responsibility of the application program
© H. Afsarmansesh, 2003
11
2- Database server (two-tier) architecture
Database server is a computer responsible for database storage access and processing, constituting a 2-tier client/server architecture
[Figure: database server architecture; labels: LAN/WAN, Database Server, Thinner CLIENT, Fatter DB SERVER]
Hoffer © Prentice Hall, 2002
12
Advantages of two-tier database architecture
Data traffic load is reduced
Thinner Client:
- Processing power only required at the Database server
- Authorization, integrity, query/update only at Database server
Fatter Server:
- Processing power and larger memory in one location
- Stored procedures can be defined and run at Database server
  - A piece of code in the DBMS language (e.g. Oracle’s PL/SQL)
  - Creates DBMS dependency
  - Decreased performance
© H. Afsarmansesh, 2003
13
Two-Tier Database Server Architecture – 2 layers
Stored procedures:
- Reduce the network traffic
- Improve security
- Improve data integrity
Connolly © Addison Wesley, 2002
14
3- Three-tier Database architecture
A Client/server configuration that includes: client layer, application layer (also called application server) and database server layer
[Figure: three-tier architecture over LAN/WAN; Client layer (Thin CLIENT), Application layer (Application Server), DB server layer (Database Server)]
Hoffer © Prentice Hall, 2002
15
Three-Tier Database Architecture - 3 layers
Client only performs a little processing with limited or no data storage
Application server performs the data processing and applies the business rules
Database server performs the data validation & data access
Database connectivity provides a link between the application logic and the DBMS
A. Benabdelkader ©UvA, 2002/2003
16
Advantages of 3-tier compared to 2-tier
3-tier architecture is a popular choice for Internet applications and Net-centric information systems
The architecture provides an increased level of:
Scalability
- The load between layers can be measured and adjusted
Flexibility / Reusability
- Loose coupling among the data and application
- Less reliance on proprietary DBMS languages
- Easier to change the DBMS
Performance / Reduced risks
- Lower load on client and division of load between the application layer and the server layer
Lower long term costs
- For maintenance and changes in the configuration
© H. Afsarmansesh, 2003
17
Client/Server Architecture - Types of Clients
Fat clients
- Client does most of the work
- Relatively large and complex
- Responsible for user interfaces, application logic and many of the DBMS functions
Thin clients
- Client is simple and light
- A PC configured for handling user interfaces
- Limited storage
© H. Afsarmansesh, 2003
18
Client/Server Architecture – Application partitioning
Partitioning a Database application
- There is no one optimal client/server architecture solution for all database applications
- A main goal is to reach better performance and interoperability
- Decisions must be made about the placement of the processing logic
- How to partition the environment into two-, three-, or n-tier architecture
In each case, storage logic is always handled by the DB server, and the presentation logic by the Client
© H. Afsarmansesh, 2003
19
WEB-DATABASES
20
Data on the Web sites
Many Web sites are file-based, where each Web document is stored in a separate file
For large sites, this can lead to significant data management problems
Also many Web sites now contain more dynamic information, e.g. products and pricing data
Maintaining updated data in both a database and separate static HTML files is problematic
Accessing database directly from Web would be a better approach
Connolly © Addison Wesley, 2002
21
Management of data at Web servers
Static Web page is an HTML document stored in a file
Content of a dynamic Web page is generated each time it is accessed
- Can respond to user input from browser
- Can be customized for each user
- Hypertext formatting of the page is used by the server to generate it
- Needs scripts that perform conversions from different data formats (of the database) into the HTML ‘on-the-fly’
Connolly © Addison Wesley, 2002
22
Web-Databases (or Web-based databases)
Web-databases are structured information repositories that can dynamically interact with a Web Server
Web-databases allow for storing data content in a Web-structured format and let users publish information on the web
Web-databases provide a set of high-level functionality tools that support the development, maintenance, and deployment of applications with relative ease and speed
A. Benabdelkader ©UvA, 2002 /2003
23
Advantages of Web-Databases
DBMS support
- data structure, security for access, query languages, etc.
Platform independence
Standardization
- through standard database connectivity layers
Open-architecture that allows interoperability with a variety of systems and technologies.
Cost-effective solution that allows for scalability, growth, and changes in strategic directions, and helps reduce applications development costs
…
Connolly © Addison Wesley, 2002
24
Disadvantages of Web-Databases
Reliability / Availability
Web Security
Immaturity of development tools
Performance / load balancing
Statelessness
- Statelessness - no information about transactions is maintained on the server (cookies can be used if necessary)
- Maintaining State - server tracks the state, e.g. location, selections made, user information
© H. Afsarmansesh, 2003
25
Web-Databases Applications
Catalogs
Directories (e.g. Yellow pages)
Online-Shopping
Online Auctions
Training courses
Resource libraries
Surveys
Financial Analysis
…
© H. Afsarmansesh, 2003
26
Approaches to Integrate Web and DBMSs
Client/server architecture development, using:
Java, JDBC, SQLJ, Servlets, and JSP
Common Gateway Interface (CGI)
Extending the Web Server
- e.g. database request handling middleware
Microsoft Web Solution Platform
- ASP and ADO
…
Connolly © Addison Wesley, 2002
27
Two-tier vs. three-tier architectures
[Figure: two-tier vs. three-tier architectures. Labels: Presentation Logic (Web browser); Presentation Logic & Processing Logic (Java, JavaScript, ActiveX, plug-ins, etc.); Processing Logic, Web Server (CGI, HTTP server API, HTTP server module, etc.); Storage Logic (DBMS, Files); Tier 1, Tier 2, Tier 3]
A. Benabdelkader ©UvA, 2002 /2003
28
Three-Tier Database Architecture
Three layers:
- Client (GUI interface, I/O processing): the Browser
- Application server (Business rules): the Web Server
- Database server (Data storage): the DBMS
Connolly © Addison Wesley, 2002
29
Client/Server Database Environment
‘Thin’ client, requires less power/cost hardware at the client side
Application maintenance is centralized
Easier to modify or replace one tier without affecting the others
Separating business logic from database functions makes it easier to implement load balancing
Maps quite naturally to the Web environment
…
Connolly © Addison Wesley, 2002
30
C/S Database Environment – advantages/disadvantages
Advantages:
- Scalability
- Technological flexibility
- Long-term cost reduction
- Better match of systems to business needs
- Reduced risk
Challenges:
- High short-term costs
- Tools and training
- Incompatible standards
- Interaction with Legacy databases
Hoffer © Prentice Hall, 2002
31
C/S Database Environment - Middleware
Software which allows an application to interoperate with other software
No need for programmer/user to understand and code low-level operations for interoperability and internal processing
Accomplished via Application Program Interface (API) utilities
The “glue” that holds different layers of the client/server applications together
Hoffer © Prentice Hall, 2002
32
Classification of base tools/approaches to build Middleware
Remote Procedure Calls (RPC) - synchronous / asynchronous
- Client makes calls to procedures running on remote computers
- Similar to Remote Method Invocation (RMI)
Message-Oriented Middleware (MOM)
- Asynchronous calls between the client via message queues
Publish/Subscribe
- Push technology: server publishes information, to subscribed clients, when available
Object Request Broker (ORB)
- Object-oriented management of communications between clients and servers
SQL-oriented Data Access
- SQL-based Middleware between applications and database servers
Hoffer © Prentice Hall, 2002
33
Types of Middleware access to Databases
Application Program Interface (API) for Native database
- A set of operations to access/manipulate the data
- Efficient
- Application developers use APIs, and so do not need to develop low level DB operations
ODBC & JDBC
- Provide database connectivity standards supported by most popular databases
- Fast and have high flexibility
- Complexity in learning
© H. Afsarmansesh, 2003
34
MANAGING WEBSITES
AND
WEB-DATABASE SECURITY
35
Challenges in Managing Websites
Web-based systems Security Issues
- Prevent unauthorized access and malicious data destruction
User’s Privacy Issues
- Protect users’ privacy rights
Coping with the Rate-of-Change of Internet Technology
- Deal with rapid advances in technology
Hoffer © Prentice Hall, 2002
36
Security in Client/Server Database Environment
An important inhibitor to the growth of e-commerce: lack of user’s confidence in the security of web-transactions
Protection of sensitive information and preservation of user’s access rights, through the web-related database access
Risk assessment and regular monitoring & testing for intrusion
Even new software tools/techniques may break the security of the site
A. Benabdelkader ©UvA, 2002 /2003
37
Establishing Internet security
Firewall to limit external access to data
Routers to transmit and distribute message packets to correct destination
IDS to monitor and recognize security breach attempts
Hoffer © Prentice Hall, 2002
38
Website Security enablers
Firewall – hardware/software security component that limits the external access to company’s data
Proxy server – firewall component that manages Internet traffic to and from a LAN
Router – intermediate device that transmits message packets to correct destination over most efficient pathway
Intrusion detection system (IDS) – system that identifies attempts to hack or break into a system
Hoffer © Prentice Hall, 2002
39
Variety of Security levels for C/S Environment - 1
Network environments create multi-layer security issues (Network, OS, Web-server, Database, Communication)
1- Network-level security
- Create an account with a user name and password
- Web server and DB server on separate LAN away from other business systems
- Minimize sharing of hard disks among servers
- Regular monitoring of network and firewall logs
- Install probe (attack)-monitor software
© H. Afsarmansesh, 2003
40
Variety of Security levels for C/S Environment - 2
2- Operating system-level security
- Patch (fix) all known OS vulnerabilities and look for new ones
- Install anti-virus software for: the system boot-time, file download time, and the email reception time, for virus detection
- Monitor server logs for unauthorized activity, e.g. using an intrusion detection system (IDS)
- Disable non-required services to reduce risk of unauthorized access, e.g. sending automatic emails during an Internet access, that is allowed by the OS, should be disabled
© H. Afsarmansesh, 2003
41
Variety of Security levels for C/S Environment - 3
3- Web-server-level security
Restrict number of users on Web server
- Give as few as possible “super users” and administrator rights
Restrict the access (minimize number of open ports)
- http and https only, if possible
Remove unneeded programs that load automatically when setting up the server
- Delete demo programs that give hackers the access details desired
- Restrict CGI scripts (have security problems) to one subdirectory
For Unix, only install minimum software for Web server
- Do not boot the default OS that provides a lot of added functionality
Compilers should not be accessible through the path for internal access
© H. Afsarmansesh, 2003
42
Variety of Security levels for C/S Environment - 4
4- Database level security
To restrict access/manipulations rights of users to the DBs.
- Login/Password check
- Creating user roles and privileges assigned to user roles
- Views
- Access, authorization, rights preservation
Other measures:
- Extra check when executing user-defined procedures
- Asking extra information (Mother’s maiden name)
© H. Afsarmansesh, 2003
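The database-level measures listed above (login check, roles with privileges, views), together with the earlier point that stored procedures improve security, shown as an added example that is not from the lecture. It assumes PostgreSQL syntax; the table, role, account and function names and the placeholder passwords are constructed for illustration.

```sql
-- Constructed schema: all names below are illustrative assumptions.
CREATE TABLE customers (
    id          integer PRIMARY KEY,
    name        text NOT NULL,
    email       text NOT NULL,
    card_number text NOT NULL,              -- sensitive column
    balance     numeric(10,2) NOT NULL DEFAULT 0
);

-- Roles carry the privileges; login accounts only become members of roles.
CREATE ROLE support_staff NOLOGIN;
CREATE ROLE billing_app   NOLOGIN;

-- Nobody reaches the base table unless a privilege is granted explicitly.
REVOKE ALL ON customers FROM PUBLIC;

-- View: support staff see contact data only, never card numbers or balances.
CREATE VIEW customer_contacts AS
    SELECT id, name, email FROM customers;
GRANT SELECT ON customer_contacts TO support_staff;

-- Stored procedure: the only path by which billing_app can change a balance.
-- It runs with its owner's rights and performs the extra checks itself.
CREATE FUNCTION apply_payment(p_customer integer, p_amount numeric)
RETURNS numeric
LANGUAGE plpgsql
SECURITY DEFINER
SET search_path = public, pg_temp
AS $$
DECLARE
    new_balance numeric;
BEGIN
    IF p_amount IS NULL OR p_amount <= 0 THEN
        RAISE EXCEPTION 'payment amount must be positive';
    END IF;
    UPDATE customers
       SET balance = balance - p_amount
     WHERE id = p_customer
    RETURNING balance INTO new_balance;
    IF NOT FOUND THEN
        RAISE EXCEPTION 'unknown customer %', p_customer;
    END IF;
    RETURN new_balance;
END;
$$;

-- Functions are executable by PUBLIC by default, so narrow that first.
REVOKE ALL ON FUNCTION apply_payment(integer, numeric) FROM PUBLIC;
GRANT EXECUTE ON FUNCTION apply_payment(integer, numeric) TO billing_app;

-- Login accounts (password check) get their rights through role membership.
CREATE ROLE alice        LOGIN PASSWORD 'placeholder-1' IN ROLE support_staff;
CREATE ROLE payments_svc LOGIN PASSWORD 'placeholder-2' IN ROLE billing_app;
```

With these grants, `alice` can query `customer_contacts` but a direct `SELECT` on `customers` is refused, and `payments_svc` can call `apply_payment` but cannot issue its own `UPDATE`.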
43
Variety of Security levels for C/S Environment - 5
5- Data communication level security
TCP/IP is not a very secure protocol
Encryption/decryption processes
- transforming readable (plain text) data into unreadable (ciphertext)
A standard encryption method is the Secure Socket Layer (SSL), that is used by the “https” (not with the http)
Public key / Private key
Authentication / bio-metric devices (finger-print, eye pictures, voice recognition)
Digital signature
the Virtual Private Network (VPN)
© H. Afsarmansesh, 2003
44
Anonymity vs. Security of Internet communication
Internet communication must be secure & Internet communication must remain anonymous
- Chat rooms
- E-mail
- Access to public data (web-pages)
Tracking devices installed on the servers for National security reasons (e.g. FBI’s email monitoring devices installed on email servers, Carnivore and DCS1000)
Advertisement agencies tracking down users’ access for their data collection purposes
© H. Afsarmansesh, 2003
45
References to books
DATABASE SYSTEMS - A practical Approach to Design, Implementation, and Management, T. Connolly, C. Begg, Third Edition, Addison Wesley, 2002.
MODERN DATABASE MANAGEMENT, J. A. Hoffer, M. B. Prescott, F. R. McFadden, Sixth Edition, Prentice Hall, 2002.
Core SERVLETS and JAVASERVER PAGES, M. Hall, Java 2 Platform, Enterprise Edition Series, Prentice Hall 2002.