Presentation is loading. Please wait.

Presentation is loading. Please wait.

Architecture Track Session 2 Designing Enterprise Applications for Microsoft ® Windows ® Server 2003.

Similar presentations

Presentation on theme: "Architecture Track Session 2 Designing Enterprise Applications for Microsoft ® Windows ® Server 2003."— Presentation transcript:


2 Architecture Track Session 2 Designing Enterprise Applications for Microsoft ® Windows ® Server 2003

3 Audience Application architects, developers, and infrastructure professionals Responsible for designing, developing, and/or managing enterprise systems Building applications to take advantage of Windows Server 2003 Interested in Microsoft technical position on application architecture Interested in building applications for a service-oriented architecture (SOA)

4 Realistic Expectations Architecture is a complex domain with multiple perspectives and many viewpoints. This track strives to address a small subset. By no means is it comprehensive in its coverage. Technical resources are available for many of the areas not covered today. A detailed white paper accompanies this track. Event DVD MSDN ®.NET Architecture Center Microsoft patterns & practices Web site

5 Session Objectives Examine security from the standpoint of how it impacts the architecture of an application. Review the impact of advanced Microsoft ®.NET caching capabilities. Discuss reliability and scalability. Review data access methodologies. Discuss planning for transaction management.

6 Session Agenda ServicesSecurity State and transaction management Availability and scalability

7 Building Services: Design Considerations Partitioning and establishing boundaries Trust / security Transactions and state Availability and scalability Credit authorization Orders Supplier

8 Security Establishing and enforcing trust boundaries Key areas AuthenticationAuthorization Secure communications

9 Security Trustworthy design Authentication Custom or platform? Authorization Common infrastructure and management Operations coupling Secure communication Intra-applicationInter-serviceAuditing Preserving identity Profile management Federation, scalability Kerberos Certificates SSL WS-Security Presentation Business Data Profile management Auditing Secure communication Authentication Authorization Security Operation management Communication AD Other

10 Designing for Security UI components UI process components Data access components Business workflows Business components Users Business entities Service agents Service interfaces Datasources Services Trust boundaries enforced by authentication Using caller impersonation or service accounts at boundaries for outgoing calls Trust boundaries enforced by authentication Secure communication between services and within application Authorizing actions at the right granularity

11 Security Authentication Where will authentication occur? Microsoft Internet Information Server (IIS) for intranet applications Forms-based authentication within Microsoft ® ASP.NET Microsoft ®.NET Passport authentication ASP. NET IIS Forms authentication Anonymous authentication Microsoft ® SQL Server ™ authentication

12 Security Authorization Role-based ASP.NET Compatible with both forms and.NET Passport Generic and Windows objects available Customizable with IPrincipal and IIdentity ASP. NET IIS File authorization URL authorization.NET roles (authorization) NTFS permissions (authorization) User-defined role (authorization)

13 Security Database Authorization Role-based ASP.NET SQL Server user-defined database roles SQL Server application roles Role 1 Role 2 Web or Application Server Database Server Trusted Identity 1 Trusted Identity 2 Identity 1 has read permissions Identity 2 has read / write permissions Role Mapping Trust Boundary ABCDEABCDEABCDEABCDE

14 Security Two-tier Scenario SSL used for secure WAN Firewall + IPSec used for LAN ASP. NET IIS Forms authentication Anonymous authentication SQL Server authentication File authorization URL authorization.NET roles (authorization) NTFS permissions (authorization) User-defined role (authorization) SSL (privacy / integrity) IPSec (privacy / integrity) ASP.NET (process identity)

15 Security Internet Security Solutions Baseline Internet Architecture.NET forms-based authentication IPrincipal role-based authorization SSL and IPSec Two-tiered model has limited database authentication options.

16 Security Application Server Security More robust, adaptable, scalable Tiers are loosely coupled via SOAP and other Internet protocols. Additional security available: Microsoft ® Active Directory ® - based authentication and roles, and AuthzMan. Additional scalability via physical tier.

17 IIS Security with Application Server Deployment with Three Tiers ASP. NET Forms authentication Anonymous authentication URL authorization (authorization) NTFS permissions (authorization) SSL (privacy / integrity) IPSec (privacy / integrity) ASP.NET (process identity) IIS ASP.NET (Web services façade) Windows (authentication) Integrated Windows (authentication) require SSL (privacy / integrity) Web server Enterprise Services server application dllhost.exe Application server Database server IPSec (privacy / integrity) ES process identity User-defined database roles (authentication) Windows (authentication) RPC packet privacy (Authentication)

18 Summary Recommendations: Security Make use of the guidance available in “Building Secure ASP.NET Applications”. Make use of Service Accounts when user identity isn’t needed for database access. Make use of enhanced security and Active Directory within the business layer. Use the Authorization Manager for advanced authorization features. Best practices available: “Building Secure ASP.NET Applications” http://

19 Session Agenda ServicesSecurity State and transaction management Availability and scalability

20 Challenges in Service- Oriented Architecture (SOA) Services encapsulate all state management. Talk via messages over unreliable protocols. Challenges: Maintaining conversation state Managing transactions Managing concurrent access to data Caching of data for performance, scalability, and availability

21 UI components UI process components Data access components Business workflows Business componentsUsers Business entities Service agents Service interfaces DataSources Services Communication Operational management Security State and Transactions Caching for ASP.NET pages and Web services Caching across all tiers Session state management Web user state management State for conversations between services

22 Message-based Communications Messages are business documents exchanged to execute a business process. Services may expect other services to remember conversations. Example: purchase customer ID A message-based conversation requires state to be kept and re- hydrated as needed for business operations. Just like a conversation between people

23 Conversation State Isolate conversation state management in business workflows. Not in business database or service interface Microsoft ® BizTalk ® Server schedules Keep business components stateless. Finer business activities Assume messages can be lost or can arrive twice. Unless you have a transactional S & F protocol SOAP in MSMQ 3.0 over HTTP WS-Reliability long-term vision

24 Transaction Management Services are boundary around state. Services interoperate through business transactions. Business transaction <> commit/rollback Not ACID! Business transactions are better suited for message- based systems. Cancel order Order confirmed Order cancelled—cancellation fee Cancel delivery (“Compensation” messages and business logic) Committed Rollback ACID transaction boundary Business conversation boundary

25 Transaction Model Business workflows implement business processes. Finer-grained business components initiate and manage atomic transactions. Transactional resource managers participate in atomic transactions. Atomic transaction You should assume other services are not part of ACID transaction (unless using MSMQ). Rollbacks handled with compensations. Workflow Biz comp DAL Service agent DTC

26 Transaction Management Using ACID Transactions Only use a transaction when needed. Not every update requires the cost of a transaction. Reads for user interfaces don’t need transactions. Data exchange outside of transaction boundary is disconnected and potentially stale. Need to consider the type of concurrency. Optimistic—disconnected environment Pessimistic—connected environment

27 Atomic Transaction Management Selecting the Atomic Transaction Model Needtransaction? Operating with multiple resource managers? Using stored procedures? Need two stage commit? Use ADO.NET transactions Push transaction to the database Use Enterprise Services Do not implement transactions No Yes Yes Yes Yes No No No

28 Optimistic Locking Dealing with Disconnected Concurrent Data Access Consistency vs. concurrency vs. scalability Efficient for disconnected environments Assume data is potentially stale Time (time-out or time stamps) Comparing the data or certain parts Example: submitting an order with old catalog prices Need to resolve conflicts Comparing which fields changed Automatic or manual Example: updating customer records

29 Summary Recommendations: Transaction Management Guidance on transactions available “How to Code ADO.NET Manual Transactions” in the.NET Data Access Architecture Guide “Designing Data Tier Components and Passing Data Through Tiers”

30 Caching Roles of Caches in Service-Oriented Architectures Why cache? Performance? Scalability? Availability? Where to cache? ASP.NET cache—page and fragment SQL Server—persistent caches MMF—sharing across processes in memory Memory-static hash tables—within an application domain What to cache? Non-transactional, reference data Infrequently changing data Applicable to as many users as possible

31 Caching Presentation Tier and Service Interfaces ASP.NET Output page caching Very fast, but no user customization. Think of as formatted business data. Page fragment caching Allows overall customization of page. Not as fast, but excellent for heavily formatted data. Windows Forms Reduce round trips to Web services

32 Caching Data Access Components Three main scenarios Application domain-wide cache Cache in static variables (such as ASP.NET) Machine-wide cache Cache in memory-mapped files Interop issues Data center-wide cache SQL Server

33 Session State Management Facility to handle transient state between Web request on the server ASP.NET Allows three locations In-memory: single box Session service: in-memory for Web farm SQL Server: persistent for Web farm

34 Session Agenda ServicesSecurity State and transaction management Availability and scalability

35 High Availability The Problem Domain Design Considerations No single point of failure Load balancing Load balancing Clustering Clustering Service-oriented architecture and message-based communications Isolate failures Isolate failures Time to recover System that recovers automatically may appear to have greater availability Queuing and caching Improves availability Improves availability Improves perceived performance Improves perceived performance Improves perceived availability Improves perceived availability Data partitioning Required to resolve database scaling

36 High Availability Principle: plan for failures Application State management Resiliency—fast recovery Infrastructure No single point of failure Both servers and network elements Microsoft Systems Architecture Data Replication, log shipping, partitioning

37 High Availability Network Load Balancing For cloned, “stateless” services such as ASP.NET, Enterprise Services (COM+) Scale out the application server farm Built-in support for NLB in.NET Server Manages sharing the load. Supports cluster, node, and port management. May be layered with presentation and business services balanced separately. Management simplified with Application Center

38 High Availability Clustering For services that require storage Automatic failover management Provides for resilience and reliability Scalability: up and partitioning Not just for database servers Anything that maintains persistent state Exchange servers BizTalk servers MSMQ

39 High Availability Software Solutions Availability and scalability are achieved by composing infrastructure and application. Message Queuing and asynchronous operations Move bulk of work away from client. Back-end elements may be offline without impacting client’s view of application. Data partitioning Not recommended, but available when a database needs greater scalability.

40 Summary Recommendations: High Availability Load balancing and clustering both impact reliability and availability. Increase scalability by designing software that optimizes resource use. Highly available systems are the result of People – Process – Technology. The people who build an application, the technology used to implement it, and the process of creating a highly available system. Microsoft Systems Architecture

41 Session Summary Microsoft Windows Server 2003 + Microsoft Visual ® Studio ®.NET 2003 + practices = a complete application platform Security, management, and communications Performance, availability, and scalability Robust development platform for many app scenarios Resources for architects: Guidance and best practices:

42 Important Web Resources Microsoft patterns & practices MSDN.NET Architecture Center Microsoft Visual Studio.NET 2003 Microsoft Windows Server 2003

43 © 2003 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Microsoft, Visual Studio, the Visual Studio logo, Windows, the Windows logo, BizTalk, Active Directory, SQL Server, and MSDN are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

Download ppt "Architecture Track Session 2 Designing Enterprise Applications for Microsoft ® Windows ® Server 2003."

Similar presentations

Ads by Google