10 May 2007 HTTP - User data via HTTP(S) - Andrew McNab, University of Manchester.

Presentation transcript:

10 May 2007 HTTP User data via HTTP(S) Andrew McNab University of Manchester

Outline
Protocol structure
Advantages
“Missing” features
Performance
APIs
SlashGrid
Summary

Protocol structure
HTTP uses a single control and data channel
  – cf separate control channel in (Grid)FTP
Multiple requests can be sent down the same TCP connection
  – Each request starts with a block of headers, giving request URI, cookies etc.
  – No need to rebuild TCP connection: more requests are cheap
  – RFCs define many headers: partial fetches, redirections etc.
HTTPS puts HTTP inside an encrypted SSL/TLS stream
  – SSL session reuse avoids need to rebuild SSL context even if TCP connection is closed

Advantages
Simple protocol, with independent TCP connections
  – No special effort needed for firewalls
Clients exist in almost all languages / environments
Very good quality implementations due to the Web
  – eg Apache with a huge developer community
Integrates seamlessly into Web portals
  – eg poster 58, with HTTPS added to DPM
Reuses users' “common knowledge” about the Web

What's missing?
GSI Proxies?
  – Clients can use GSI proxies without modification.
  – GridSite adds GSI proxy support to Apache webserver.
Third-party transfers?
  – COPY is defined in WebDAV RFC
  – Implemented by GridSite using cookies (“onetime passcodes”)
Multichannel / parallel transfers?
  – Make parallel partial requests for blocks of a file
  – Apache supports these partial requests out of the box
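The parallel partial requests mentioned on this slide, as an added Python example that is not part of the original slides. It splits a file into byte ranges, fetches them concurrently and accepts each response only if it is a 206 whose Content-Range matches the block requested; the fetch callback and demo_server are constructed stand-ins for real GET requests carrying a "Range: bytes=first-last" header.

```python
import re
from concurrent.futures import ThreadPoolExecutor

def plan_ranges(size, block):
    """Inclusive (first, last) byte offsets covering a file of `size` bytes."""
    return [(s, min(s + block, size) - 1) for s in range(0, size, block)]

_CONTENT_RANGE = re.compile(r"bytes (\d+)-(\d+)/(\d+)$")

def check_part(first, last, size, status, content_range, body):
    """Accept a response only if it is exactly the block that was asked for."""
    if status != 206:
        # A server that ignores Range answers 200 with the whole file;
        # joining such replies would silently corrupt the result.
        raise ValueError(f"expected 206 Partial Content, got {status}")
    m = _CONTENT_RANGE.match(content_range or "")
    if not m or tuple(map(int, m.groups())) != (first, last, size):
        raise ValueError(f"Content-Range {content_range!r} does not match request")
    if len(body) != last - first + 1:
        raise ValueError("body length does not match the range")
    return body

def fetch_parallel(size, block, fetch, workers=4):
    """fetch(first, last) -> (status, content_range, body).
    Blocks are fetched concurrently and joined in file order."""
    def one(r):
        return check_part(*r, size, *fetch(*r))
    with ThreadPoolExecutor(max_workers=workers) as pool:
        return b"".join(pool.map(one, plan_ranges(size, block)))

def demo_server(data):
    """Constructed stand-in for a server that honours Range requests."""
    def fetch(first, last):
        return 206, f"bytes {first}-{last}/{len(data)}", data[first:last + 1]
    return fetch
```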

“GridHTTP”
A profile for using HTTP in a Grid environment
  – Doesn't define any new headers etc.
Clients use GSI Proxies over HTTPS to authenticate
Can request an HTTP data transfer, using “Upgrade” header.
  – Server may redirect to an HTTP version of the file
  – Includes a onetime passcode HTTP cookie in the response
Client makes an HTTP GET request using the passcode cookie
  – Naïve clients like curl respond this way automatically!
For third party transfers, instead of GET, client issues COPY to destination site with passcode, so it can pull the file instead.
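Because the passcode cookie crosses the network in cleartext HTTP, the server side has to treat it as single-use, short-lived and bound to one file. The Python sketch below is an added example, not GridSite code; the cookie name ONETIME_PASSCODE, the 60 second lifetime and the function names are assumptions made for illustration.

```python
import hmac
import secrets
import time
from http.cookies import SimpleCookie

COOKIE = "ONETIME_PASSCODE"   # placeholder name, not taken from the slides

class PasscodeStore:
    """Server-side table of onetime passcodes, each bound to one file path."""

    def __init__(self, lifetime=60.0, clock=time.monotonic):
        self.lifetime = lifetime   # seconds a passcode stays valid (assumed)
        self.clock = clock         # injectable so expiry can be tested
        self._pending = {}         # path -> (passcode, expiry time)

    def issue(self, path):
        """Called while answering the authenticated HTTPS request."""
        code = secrets.token_urlsafe(32)
        self._pending[path] = (code, self.clock() + self.lifetime)
        return code

    def redeem(self, path, presented):
        """Called for the plain HTTP GET; True at most once per issued code."""
        entry = self._pending.get(path)
        if entry is None:
            return False
        code, expires = entry
        if self.clock() > expires:
            del self._pending[path]          # expired: forget it
            return False
        if not hmac.compare_digest(code.encode(), presented.encode()):
            return False                     # wrong guess does not burn the code
        del self._pending[path]              # success: the code is now spent
        return True

def redirect_headers(store, host, path):
    """Headers for the HTTPS response that redirects the client to HTTP."""
    code = store.issue(path)
    # No Secure attribute: the cookie must be sent on the plain HTTP request.
    return [("Location", f"http://{host}{path}"),
            ("Set-Cookie", f"{COOKIE}={code}; Path={path}")]

def passcode_from_cookie(header):
    """Extract the passcode from a Cookie header value ('' if absent)."""
    jar = SimpleCookie()
    jar.load(header)
    morsel = jar.get(COOKIE)
    return morsel.value if morsel else ""
```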

Firewalls
Some sites block outgoing port 80 (HTTP) and port 433 (HTTPS)
  – Risk of denial of service attacks on mainstream Web sites?
Some sites also use transparent HTTP caches on port 80 to reduce interactive web traffic
  – This is decreasing due to “Web 2.0” and uncacheable pages
To sidestep this, we advocate using two unused, reserved ports:
  – Port 488 (“gss-http”) for HTTPS
  – Port 777 (“multiling-http”) for HTTP
Apache virtual hosts can readily listen on multiple ports:
  –

Performance (1)
Mean of 5 * 100MB from Manchester to 21 EGEE sites
[Plot: mean GridHTTP time / mean GridFTP time vs mean GridHTTP time; 960s is ncp.edu.pk, 9s is man.ac.uk]

Performance (2)
Mean of 5 * 100MB from Manchester to 17 EGEE sites
[Plot: mean GridHTTP time / mean HTTPS time vs mean GridHTTP time; 500s is indiacms.res.in, 10s is man.ac.uk]

APIs
Languages / environments a big issue for new applications
  – ie not everyone uses C++ !
Many environments have “native” HTTP(S) support
  – eg libxml, ROOT, PHP, Java, Gnome
(Virtually) all languages have HTTP(S) libraries
  – eg curl supports everything from Ada to wxWidgets
Command-line (wget, curl,...) and file browser tools for (virtually) all operating systems
Since GridHTTP uses standard HTTP concepts like cookies, standard client libraries work without modification.

SlashGrid
This is the simplest API: a POSIX-like filesystem
  – open(), read(), write(), mkdir(), ftruncate(), unlink(), stat(), readdir(), rename()
Now part of GridSite
  – Uses FUSE kernel module on Linux, which is included in SL 4.4 and available for all 2.4.x/2.6.x kernels
HTTP(S) to retrieve remote files, with GSI proxy if available
URLs mapped to local paths:
  – /grid/https/node42.site.name/dir/file.dat
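The path-to-URL mapping shown on this slide turns a local filename into a network request, so the translation is a place to validate scheme, host and path segments. The Python function below is an added illustration, not SlashGrid's own code; the /grid/http/ form, the host name pattern and the rejection rules are assumptions, since the slide shows only the https example.

```python
import re
from urllib.parse import quote

SCHEMES = {"http", "https"}   # assumed: the slide shows only the https form
_HOST = re.compile(r"^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$")

def slashgrid_to_url(local_path, mount="/grid"):
    """Translate /grid/<scheme>/<host>/<path...> into the URL to fetch."""
    if not local_path.startswith(mount + "/"):
        raise ValueError("not under the SlashGrid mount point")
    parts = local_path[len(mount) + 1:].split("/")
    if len(parts) < 2:
        raise ValueError("need at least <scheme>/<host>")
    scheme, host, segments = parts[0], parts[1], parts[2:]
    if scheme not in SCHEMES:
        raise ValueError(f"scheme {scheme!r} is not allowed")
    # Rejects '@', ':' and other characters that would change which
    # server the resulting URL points at.
    if not _HOST.match(host):
        raise ValueError(f"{host!r} is not a plain host name")
    for i, seg in enumerate(segments):
        trailing = i == len(segments) - 1
        # '.' and '..' would let the remote path escape the directory the
        # local path appears to name; empty segments only as a trailing '/'.
        if seg in (".", "..") or (seg == "" and not trailing):
            raise ValueError(f"path segment {seg!r} is not allowed")
    # Percent-encode each segment so '?', '#', '%' and spaces in a file
    # name stay part of the path instead of becoming URL syntax.
    return f"{scheme}://{host}/" + "/".join(quote(s, safe="") for s in segments)
```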

Summary
HTTP(S) viable protocols for bulk data transfer
Considerable advantages in terms of ubiquity of client tools and quality of servers
“Missing” features provided using headers etc defined by the RFCs
  – In particular, “GridHTTP” profile
A wide variety of APIs available for ~all languages
SlashGrid is a POSIX-like filesystem HTTP(S) client
  – That uses GSI proxies if available