CSA M5 Ktunotes.in
CSA M5 Ktunotes.in
HTTP Request
Internet
Browser
File
Web
HTML System
Server
HTTP Request
Internet
Browser
Web Database
Static / Dynamic
CGI Scripts
information.
• Receives the information and then displays it on
document to
the user
2 Web Server
Web Server 5
sends the query
Variable to the The CGI script
CGI script generates an
HTML
document and
sends it to the
Web server
3
CGI Script
Web Server
sends the query
4
Variable to the Database
CGI script The Database
server executes
the SQL
commands and
Web Server
A computer that runs a software program that is
responsible for accepting HTTP requests from
clients, which are known as web browsers, and
serving them HTTP responses along with
optional data contents, which usually are web
pages such as HTML documents and linked
objects (images, etc.).
WEB SERVICES
The main difference between the two is that a web service requires a
network to function. As the name implies, web services operate on the
World Wide Web, providing a service to other applications running on
the internet.
This contract defines how the two communicate with each other using
requests and responses. Their API documentation contains information
on how developers are to structure those requests and responses.
How do APIs work?
API architecture is usually explained in terms of client and server. The
application sending the request is called the client, and the application
sending the response is called the server. So in the weather example,
the bureau’s weather database is the server, and the mobile app is the
client.
There are four different ways that APIs can work depending on when
and why they were created.
SOAP APIs
These APIs use Simple Object Access Protocol. Client and server
exchange messages using XML. This is a less flexible API that was more
popular in the past.
RPC APIs
These APIs are called Remote Procedure Calls. The client completes a
function (or procedure) on the server, and the server sends the output
back to the client.
Websocket APIs
Websocket API is another modern web API development that uses
JSON objects(JavaScript Object Notation (JSON) is a standard text-
based format for representing structured data based on
JavaScript object syntax. )to pass data.
A WebSocket API supports two-way communication between client
apps and the server.
The server can send callback messages to connected clients, making it
more efficient than REST API.
Downloaded from Ktunotes.in
REST APIs
These are the most popular and flexible APIs found on the web today.
The client sends requests to the server as data. The server uses this
client input to start internal functions and returns output data back to
the client.
API GATEWAYS
4 steps
2. Token validation: The user receives the token code and enters it
into the resource server to grant access to the network. The
access token has a validity of 30-60 seconds and if the user fails
to apply it can request the Refresh token from the authentication
server. There’s a limit on the number of attempts a user can make
to get access. This prevents brute force attacks that are based on
trial and error methods.
3. Storage: Once the resource server validated the token and grants
access to the user, it stores the token in a database for the session
time you define. The session time is different for every website or
app. For example, Bank applications have the shortest session
time of about a few minutes only.
API Keys: API Keys came into picture due to slow speed and highly
vulnerable nature of HTTP Basic Authentication. API Key is the code
that is assigned to the user upon API Registration or Account Creation.
API Keys are generated using the specific set of rules laid down by the
authorities involved in API Development. This piece of code is required
to pass whenever the entity (Developer, user or a specific program)
makes a call to the API. Despite easy usage and fast speed, they are
Service Mesh
Although you can code the logic that governs communication directly
into the microservices, a service mesh abstracts that logic into a
parallel layer of infrastructure using a proxy called a sidecar, which
runs alongside each service.
Downloaded from Ktunotes.in
Sidecar proxies make up a service mesh’s data plane, which manages
the exchange of data between services. Management processes make
up the control plane, which coordinates the proxies’ behavior. The
control plane also provides an API so operators can easily manage
traffic control, network resiliency, security and authentication, and
custom telemetry data for each service.
The messages are usually small, and can be things like requests, replies,
error messages, or just plain information. To send a message, a
component called a producer adds a message to the queue. The
message is stored on the queue until another component called a
consumer retrieves the message and does something with it.
It is the idea that clients access and use software using a thin client or
a web browser. The software itself is running on computers accessible
through the Internet ("in the cloud"). Clients usually pay a fee to get
access to the software.
The benefit of this approach is that clients do not need to manage the
software installation, and that they also do not need expensive
hardware.
SaaS Disadvantages
• Increased security risks
• Slower speed
• Loss of control
• Lack of customization
Examples of SaaS
• Google Docs
• Dropbox
WebSocket
TRANSFORMATIONAL SYSTEM
The working environment of many of the organizations has been greatly affected by
applications of Client/Server technologies. Following are the examples of technologies that
have changed the trade processes.
(i) Electronic mail.
(ii) Client/server and user security.
(iii) Object oriented technology: CORBA.
(iv) Electronic data interchange.
Mail Server
Workstations
Network
Mail Box
Intranet mail system creates and manages an electronic mailing list that is an alias to
multiple destinations.
Desktops are the front-end system devices, the ones that deal most
directly with user input.
Aside from physical client security in the form of disk drive locks or
diskless workstations that prohibit the loading of unauthorized software
or viruses, accessibility to all files stored on a workstation
operating system is the other gaping security hole in clients.
The easiest way to gain illegal access to computers is to get users’ login
ID and passwords. Sometimes users pick short or easily guessed
passwords or share their passwords with others.
Password management provides a security measurement for this by
requiring a minimum amount of characters to be used in passwords
checking passwords for guess ability, and regularly asking users to
change their passwords.
For example, more organizations are adopting policies of ‘pass
phrases’ rather than passwords that are more complicated and harder to
identify or guess. The system contains a scheme (minimalist, multi-
paradigm programming language) that proactively detects and blocks
spyware. It also updates daily.
Object
request
Application broker
Object
Transport
Transport
Transport
Network
Network
Server
Remote Object Object
Object
Requester
requests Network requests
response response
An Overview of CORBA
The Object Management Group (OMG) was created in 1989. The OMG solicited input from
all segments of the industry and eventually defined the CORBA standards.
CORBA specification has been implemented by numerous hardware and system software
manufacturers, provides a rich and robust framework that operates across the heterogeneous
computing platform. CORBA is a specification for an emerging technology known as
distributed object management (DOM). DOM technology provides a higher level, object
oriented interface on top of the basic distributed computing services.
At its most basic level, CORBA defines a standard framework from which an information
system implementer or software developer can easily and quickly integrate network resident
Downloaded from Ktunotes.in
software modules and applications to create new, more powerful applications. It combines
object technology with a Client/Server model to provide a uniform view of an enterprise
computing system-everything on the network is an object. The highest level specification
is referred to as the object management architecture (OMA), which addresses four
architectural elements (ORB, CORBA services, CORBA facilities and CORBA domains are
Application
Application
ORB
RPC
RPC Object Transport Object
request request Stub
Stub and and Program
response Network
Program
response Transport
Network
Component C
Client of (Server)
Client of Component D
(Server)
CORBA Concepts
The basic idea is distributed computing, nowadays, most of the application are across the
open environment, based on the connection of heterogeneous platforms. All modern business
systems employ a network to connect a variety of computers, facilitating among applications.
In the future, there will be continued evolution toward applications that exist as
components across a network, which can be rapidly migrated and combined without
significant effort. This is where CORBA shines, by providing unified access to applications,
independent of the location of each application on network, also it provides:-
• Uniform access to services.
• Uniform discovery of resource/object.
• Uniform error handling methods.
• Uniform security policies.
(i) Object-oriented model: CORBA’s object model is based on complete object approach
in which a client sends a message to an object. The message identifiesan object,
and one or more parameters are included. The first parameter defines the
operation to be performed, although the specific method used is determined by
the receiving object. The CORBA object model comprises of:
Objects: An encapsulated entity that provides services to a client.
Request: An action created by a client directed to a target object that includes information
on the operation to be performed and zero or more actual parameters.
Object creation and destruction: Based on the state of request, objects are created or
deleted.
Request Encapsulation
Object
Client Perform services
Exception values
Shipping Receiving
Department Department
Geographic information systems (GISs) provide the capability to view the topology of
a landscape, including features such as roads, sewers, electrical cables, and mineral
and soil content. GIS is a technology that has promised much and finally is beginning
to deliver. As with the expert systems technology, GISs are truly useful when they
integrate with the business process. From a technological perspective, GISs must
operate on standard technologies, integrate with the organization SDE, and directly
access the organizational databases.
Each line, curve, and symbol in a map is fixed in space by a series of numbers, called
the spatial data. Spatial data describes the precise positioning of map objects in three-
dimensional space.
Besides storing map objects such as street segments and wetland boundaries, GISs
enable designers to specify attributes the users want to associate with any map object.
Such attributes may be descriptive data, detailed measurements of any kind, dates,
legal verbiage, or other comments. When viewing a map on-screen, the user can click
Figure 10.5 illustrates the range of information sources that can be manipulated
digitally. To make efficient and effective use of this information, the means must exist
for rapid filing, retrieval, and sharing of this information among all persons. This is
the principle of making information available only to those with a "need and a right to
know."
Electronic mail can be delivered routinely in seconds anywhere in the United States.
Consumers can have direct access to suppliers. Goods can be ordered and paid for
electronically. A retired engineer in Northern California can teach algebra to
disadvantaged children in Compton, located in the southern part of the state. A parent
can deliver office work to an employer in downtown Los Angeles while he cares for
Electronic documents can be transmitted and received just like any other digital
information. The same networks and personal computers can send and receive. The
major stumbling blocks to widespread sharing of electronic documents have been the
incompatible formats in which various vendors store and distribute the digital image
and the lack of a central repository of indexes to the documents. These indexes should
describe the document content to enable users to select the correct folder and
document.
Most information used by business and government today is contained in formats that
are not manipulatable through traditional data-processing techniques. This is
consistent with the "need and a right to know," mentioned earlier. Los Angeles
County, for example, decided to overcome these problems through the definition of
standards that must be adhered to by all products acquired for county projects.
The major hardware and software technologies that have made this technology
production viable are Optical Character Recognition (OCR), ICR, optical storage,
powerful workstations, large D-RAM, software algorithms, and high-resolution
monitors. OCR and ICR technologies convert the paper documents to text files.
Companies such as Colera provide software to convert typewritten documents directly
into WordPerfect format. Recent improvements in these algorithms provide support
for most major fonts. Improvements in handwriting recognition promise to enable
users to enter data from handwritten documents as well. Colera provides a fax link
that enables documents to be entered by way of OCR as they are received from a fax.
Mitek provides high-speed ICR engines to be used with document workflow
applications. Embedded diagrams are maintained in image format.
• Thick Client: A client that offers extensive functionality, does the majority of data processing on its own, and depends on the
server only a little.
• Thin Client: An application server handles the majority of the necessary data processing for a thin-client server, which is a
lightweight computer that heavily relies on the resources of the host computer.
• Hybrid Client: A hybrid client combines the elements of a thin client and a thick client. It may do local processing but must rely on
the server to keep persistent data.
A device or computer program that serves as a hub for other components or programs is known as a server. A server is any computerized
system that a client may access or utilize to share resources and distribute tasks. Typical servers include the following:
• Application Server
• Computing Server
• Database Server
• Web server
Client-Server Model
The Client-server model is a distributed application structure that partitions task or workload between the providers of a resource or service,
called servers, and service requesters called clients. In the client-server architecture, when the client computer sends a request for data to the
server through the internet, the server accepts the requested process and deliver the data packets requested back to the client. Clients do not share
any of their resources. Examples of Client-Server Model are Email, World Wide Web, etc.
How the Client-Server Model works ?
In this article we are going to take a dive into the Client-Server model and have a look at how the Internet works via, web browsers. This article
will help us in having a solid foundation of the WEB and help in working with WEB technologies with ease.
• Client: When we talk the word Client, it mean to talk of a person or an organization using a particular service. Similarly in the digital world
a Client is a computer (Host) i.e. capable of receiving information or using a particular service from the service providers (Servers).
• Servers: Similarly, when we talk the word Servers, It mean a person or medium that serves something. Similarly in this digital world
a Server is a remote computer which provides information (data) or access to particular services.
So, its basically the Client requesting something and the Server serving it as long as its present in the database.