Web Server Technology
The Advanced Guide for World Wide Web Information Providers
Nancy J. Yeager, Robert E. McGrath
Preface
Chapter 1 Introduction
1.1 A Brief Plan of the Book
1.2 An Overview of The World Wide Web
1.3 The Documents
1.3.1 Digital Media
1.3.2 MIME Types
1.3.3 Hypertext
1.4 The Internet
1.5 The Web Server and Web Client Software
1.5.1 A Brief Survey of Web Server Software
Chapter 2 Web Server Technology
2.1 Overview
2.1.1 Web Server Components
2.1.2 The Hypertext Transfer Protocol (HTTP)
2.1.3 What a Web Server Does Not Know
2.2 The Information: Documents and the Document Tree
2.2.1 The Information to Be Served: The Web Documents
2.2.2 Organization of the Document Tree
2.3 The Hypertext Transfer Protocol (HTTP)
2.3.1 The Request (Client to Server)
2.3.2 The Response (Server to Client)
2.4 How It Works
2.4.1 Handling More than One Request at a Time
Close-up Serving a Web Document: A Step-by-Step Example
2.4.2 More Than One Web Service on the Same Server
2.4.3 A Two-Way Network Connection
2.4.4 Finding and Accessing Files
2.4.5 Inline Images
2.5 Access Control
2.6 Access to Other Protocols: FTP, Gopher, and WAIS
2.7 Non-UNIX Servers
2.8 Future Improvements to the HTTP Protocol and Web Servers
2.8.1 Addressing the Problems with HTTP
2.8.2 A New HTTP?
2.8.3 Publishing and Managing the Information
Chapter 3 Web Scripts, Gateways, and Forms
3.1 Overview
3.2 What is a Script?
3.2.1 What Files are Executable Scripts?
3.2.2 Making the Script Run: The Common Gateway Interface (CGI)
3.2.3 A User's View of a Script
3.2.4 A Web Server's View of Scripts
Close-up A Simple Example of a Script
3.2.5 Costs of Using Scripts
3.2.6 Using Perl and Shell Scripts
3.2.7 When Problems Occur
3.3 Scripts and Forms
3.3.1 How It Works: An Example of How Scripts and Forms Work Together
3.3.2 The HTML Form
3.3.3 How Arguments are Passed to Web Scripts
3.3.4 Executing the Request
3.3.5 Converting Input and Output
3.3.6 Costs of Using Forms and Gateways
3.3.7 Using a C Program Instead of a Shell Script
3.3.8 Calling the Server Twice
3.4 Dynamic Documents and Other Interactive Features
3.4.1 Imagemaps
3.4.2 Server-Side Includes
3.4.3 Netscape Push-Pull Documents
3.4.4 Annotations
3.4.5 Other Interactive Features
3.5 Security Concerns for Scripts and Forms
3.5.1 Parsing and Checking User Input
3.5.2 Programs Have Only the Power Required
3.5.3 Run-time and Dynamically Generated Programs
More about How Scripts and Forms Work Together
Phase 1: Get the Form from the Server
Phase 2: Intermezzo - the User Fills in the Form (At the Client)
Phase 3: The Filled-in Form is Sent to the Web Server, and the Search is Performed
Chapter 4 Architecture, Configuration, and Performance of Web Servers
4.1 Measuring the Performance of Web Servers
4.1.1 What to Measure
4.1.2 How to Measure a Web Server
4.1.3 In the Field: Measuring an Operational Web Server
4.1.4 In the Laboratory: Controlled Experiments
4.1.5 Software Instrumentation
4.2 Performance of the Web: Browsers and Networks
4.2.1 The Browser and the Client System
4.2.2 The Network
4.2.3 Network Protocols and the Web
4.3 Performance of Web Servers
4.3.1 Overview
4.3.2 Alternative Web Server Architectures
4.4 Conclusion
More about the Experiments Reported in This Chapter
The Overall Setup
The Web Pinger
The Configuration of the Web Servers
The Data Collected
The Requests Used
Scripts
Instrumented Web Servers
Caveats
More about the Performance Results
More about a TCP Session
More about Passing Network Connections from Dispatcher to Helper
Chapter 5 Web Document Distribution and Caching
5.1 Organization of the Document Tree
5.2 Location-Independent Names
5.3 Caching Web Information
5.3.1 How Web Caching Works
5.3.2 The Effectiveness of Caching
5.3.3 Theory and Principles: the Costs
5.3.4 Practice: How Well Does it Work in Real Life?
5.3.6 Hierarchical Caching
5.3.7 Unresolved Problems for Web Caching
5.4 Conclusion
Chapter 6 Searching for Information on the Web
6.1 A Conventional Library
6.2 Library Services for the Web
6.3 Acquisitions
6.4 Cataloging and Creating an Index
6.5 The Web and Indexing
6.6 Searching an Index
6.7 Indexing and Searching with WAIS
6.7.1 The WAIS Indexer
6.7.2 The WAIS Search and Retrieval Functions
6.7.3 WAIS and the Web
6.8 Searching Traditional Databases on the Web
6.8.1 Forms, Databases, and Retrieval
6.8.2 Using Databases as Indexes to a Document Collection
6.8.3 Using Databases as Document Repositories
6.8.4 Gateways, Databases, and State
6.9 Searching a Set of Indexes
6.9.1 Achieving Transparency
6.9.2 Fast Access and Distributed Indexes
6.10 Conclusions
More about Using WAIS with Web Servers
Step 1: Create an Index
Step 2: Setting up the WAIS Server
Step 3: Searching the Index
Step 4: WAIS Retrieval
More about WAIS Gateways
Chapter 7 Secure Web Services
7.1 A Framework for Web Security
7.1.1 Step 1: Defining Assets
7.1.2 Step 2: Defining Risks
7.1.3 Step 3: Establishing a Security Policy for the Web Service
7.1.4 Step 4: Choosing the Right Security Mechanisms
7.1.5 How the Web Service Can Fail
7.2 Threats, Risks, and Security-Enhancing Mechanisms for Web Service Providers
7.2.1 Threats to Internet Hosts
7.2.2 Mechanisms for Securing an Internet Host
Close-up Internet Security
7.2.3 Web Server Software Vulnerabilities
7.2.4 Configurating the Web Server for Minimal Access
7.2.5 Authentication and Access Control Mechanisms
7.3 Threats, Risks, and Security-Enhancing Mechanisms for the Consumer of Services
7.3.1 Information Leakage
7.3.2 Content Negotiation
7.3.3 Executing Powerful Viewers
7.4 Firewalls and the Web
7.4.1 Accessing the Web through a Packet Filtering Router
7.4.2 Accessing the Web through a Circuit Gateway
7.4.3 Accessing the Web through an Application Gateway
7.5 Conclusion
More about Firewall Technology
Packet Filtering Routers
Circuit Gateways
Application Gateways
Chapter 8 Digital Commerce: Risks, Requirements, and Technologies
8.1 A Familiar Model for Commercial Transactions: Credit Cards
8.2 Identifying Yourself
8.2.1 Biometrics
8.3 The Web, Security, and the Internet
8.4 Interim Digital Commerce Services for the Web
8.5 Requirements for Digital Commerce
8.6 Technology to Meet These Requirements
8.6.1 Cryptography
8.6.2 Private Key Cryptography
8.6.3 Public Key Cryptography
8.6.4 Hashing Algorithms
8.6.5 Digital Signatures
8.6.6 Certificates, Certificate Authorization, and the Web
8.7 Integrating Cryptographic Algorithms and the Web
8.7.1 Selecting a Cryptographic Algorithm
8.7.2 Key Generation and Destruction
8.7.3 Key Storage and Use by the Application
8.7.4 Key Distribution across an Insecure Public Network
8.7.5 A Common Key Distribution Scheme
8.8 Operational Considerations for Digital Commerce Systems
8.8.1 Low-Tech Threats
8.8.2 Denial of Service
8.8.3 False Service Provider
8.9 Selecting a Secure Web Service
8.10 Secure HTTP (S-HTTP)
8.10.1 Creating the Secure Document
8.10.2 Completing the Secure Transaction
8.11 The Secure Socket Layer
8.12 Which is Better?
8.13 Electronic Payment Protocols and the Web
8.14 Private Anonymous Transactions and Digital Cash
8.15 Conclusion
References
Index