1 3 Web Proxies Web Protocols and Practice. 2 Topics Web Protocols and Practice WEB PROXIES  Web Proxy Definition  Three of the Most Common Intermediaries.

Slides:

Advertisements

Similar presentations

Enabling Secure Internet Access with ISA Server

Advertisements

Hypertext Transfer PROTOCOL ----HTTP Sen Wang CSE5232 Network Programming.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

(4.4) Internet Protocols Layered approach to Internet Software 1.

Internet Networking Spring 2006 Tutorial 12 Web Caching Protocols ICP, CARP.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

Hypertext Transfer Protocol Kyle Roth Mark Hoover.

Chapter 6: Distributed Applications Business Data Communications, 5e.

Chapter 29 Structure of Computer Names Domain Names Within an Organization The DNS Client-Server Model The DNS Server Hierarchy Resolving a Name Optimization.

1 Spring Semester 2007, Dept. of Computer Science, Technion Internet Networking recitation #13 Web Caching Protocols ICP, CARP.

1 Web Proxies Dr. Rocky K. C. Chang 6 November 2005.

Circuit & Application Level Gateways CS-431 Dick Steflik.

1 Web Content Delivery Reading: Section and COS 461: Computer Networks Spring 2007 (MW 1:30-2:50 in Friend 004) Ioannis Avramopoulos Instructor:

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols Network Fundamentals – Chapter.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

Web Proxy Server Anagh Pathak Jesus Cervantes Henry Tjhen Luis Luna.

Web Cache. Introduction what is web cache?  Introducing proxy servers at certain points in the network that serve in caching Web documents for faster.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Enabling Secure Internet Access with ISA Server.

1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Application Layer Functionality and Protocols Network Fundamentals – Chapter 3.

CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.

Intranet, Extranet, Firewall. Intranet and Extranet.

Communications and Networks Lecture 5 Instructor: Rina Zviel-Girshin.

Chapter 7: Internet-Based Applications Business Data Communications, 6e.

思科网络技术学院理事会. 1 Application Layer Functionality and Protocols Network Fundamentals – Chapter 3.

1 Computer Communication & Networks Lecture 28 Application Layer: HTTP & WWW p Waleed Ejaz

Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.

1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.

Chapter 1: Introduction to Web Applications. This chapter gives an overview of the Internet, and where the World Wide Web fits in. It then outlines the.

CH2 System models.

WebServer A Web server is a program that, using the client/server model and the World Wide Web's Hypertext Transfer Protocol (HTTP), serves the files that.

Web HTTP Hypertext Transfer Protocol. Web Terminology ◘Message: The basic unit of HTTP communication, consisting of structured sequence of octets matching.

Chapter 1: The Internet and the WWW CIS 275—Web Application Development for Business I.

1 Chapter 1 Web Components (Introduction) Web Protocols and Practice.

POSTER TEMPLATE BY: Whitewater HTTP Vulnerabilities Nick Berry, Joe Joyce, & Kevin Vaccaro. Syntax & Routing Attempt to capture.

Packet Filtering Chapter 4. Learning Objectives Understand packets and packet filtering Understand approaches to packet filtering Set specific filtering.

The Inter-network is a big network of networks.. The five-layer networking model for the internet.

Fundamentals of Proxying. Proxy Server Fundamentals  Proxy simply means acting on someone other’s behalf  A Proxy acts on behalf of the client or user.

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

Module 10: How Middleboxes Impact Performance

Security, NATs and Firewalls Ingate Systems. Basics of SIP Security.

TCP/IP (Transmission Control Protocol / Internet Protocol)

SOCKS By BITSnBYTES (Bhargavi, Maya, Priya, Rajini and Shruti)

1 Pertemuan 5 Networking Models. Discussion Topics Using layers to analyze problems in a flow of materials Using layers to describe data communication.

Web Services. 2 Internet Collection of physically interconnected computers. Messages decomposed into packets. Packets transmitted from source to destination.

1 Firewalls - Introduction l What is a firewall? –Firewalls are frequently thought of as a very complex system that is some sort of magical, mystical..

Overview of Servlets and JSP

09/13/04 CDA 6506 Network Architecture and Client/Server Computing Peer-to-Peer Computing and Content Distribution Networks by Zornitza Genova Prodanoff.

1 6 Chapter 6 Implementing Security for Electronic Commerce.

Ch 2. Application Layer Myungchul Kim

HTTP Protocol Amanda Burrows. HTTP Protocol The HTTP protocol is used to send HTML documents through the Internet. The HTTP protocol sends the HTML documents.

Module 3: Enabling Access to Internet Resources

How HTTP Works Made by Manish Kushwaha.

Enabling Secure Internet Access with TMG

WWW and HTTP King Fahd University of Petroleum & Minerals

Web Development Web Servers.

Internet and Intranet.

Host of Troubles : Multiple Host Ambiguities in HTTP Implementations

Web Caching? Web Caching:.

Processes The most important processes used in Web-based systems and their internal organization.

Internet and Intranet.

* Essential Network Security Book Slides.

Application layer Lecture 7.

Web Privacy Chapter 6 – pp 125 – /12/9 Y K Choi.

Internet and Intranet.

Internet and Intranet.

Presentation transcript:

1 3 Web Proxies Web Protocols and Practice

2 Topics Web Protocols and Practice WEB PROXIES  Web Proxy Definition  Three of the Most Common Intermediaries  Classification of Proxies  Gateway to non-HTTP Systems  Filtering Request and Responses  Request-Response Exchange with a Proxy  Handling HTTP Requests and Responses  Proxy Chaining and Hierarchies  Proxy Configuration  Proxy Privacy Issues  Other kinds of Proxies

3 Web Proxy Definition Web Protocols and Practice WEB PROXIES  A Web proxy is an intermediary program that could be on the same machine or on a machine different form where the request originated.  A Web proxy acts on behalf of a set of clients in communication with servers.  A proxy acts as a server to clients and as a client to other proxies or origin servers.

4 Web Proxy Definition Web Protocols and Practice WEB PROXIES  A Web proxy is used for  Sharing of resource access  Caching of responses  Anonymization  Transformation of requests and responses  Filtering requests/responses

5 Three of the Most Common Intermediaries Web Protocols and Practice WEB PROXIES  Three of the most common intermediaries are  Proxy »An intermediary program which acts as both a server and a client for the purpose of forwarding requests.  Gateway »A server that typically acts as an intermediary for a non-HTTP server such as a mail or FTP server.  Tunnel »An intermediary program that relays bits between two connections and acts at the syntactic level, unlike a proxy or gateway; it does not parse or interpret the HTTP message following through it.

6 Web Protocols and Practice WEB PROXIES B A A Client 1 Client 2 Client 3 GET A GET B Proxy Server 2 Server 1 GET B GET A Figure 3.1. Proxy as an intermediary between a client and an origin server

7 Web Protocols and Practice WEB PROXIES  Figure 3.1 demonstrates a proxy playing the role of client and server. Client 1’s request for resource B being forwarded by the proxy to server 1 and the response returned to the client. This response is not cached. The request from client 2 for resource A is forwarded to server 2, but the response is cached in the proxy and returned to the client. Now, when client 3 requests for resource A, the request is not forwarded by the proxy; instead a cached copy of resource A is returned to client 3.

8 Classification of Proxies Web Protocols and Practice WEB PROXIES  Proxies can be divided to:  Caching proxy »Proxies that have caches associated with them.  Transparent proxy »Proxies that do not modify messages as they flow through them.

9 Gateway to non-HTTP Systems Web Protocols and Practice WEB PROXIES  A proxy can play the role of an intermediary like gateway to other systems that communicate using non-HTTP.  In communicating between a Web client and a FTP server, proxy acts as a gateway, because the client and server do not speak the same protocol (Figure 3.2).

10 Web Protocols and Practice WEB PROXIES F A Client 1 Client 2 Client 3 GET mail resource M GET A GET ftp-resource F Proxy Mail server FTP server Figure 3.2. Proxy acting as a gateway to FTP,HTTP, and mail servers A F HTTP server M

11 Web Protocols and Practice WEB PROXIES  Figure 3.2 shows how an proxy acts as a gateway to an FTP and mail server while also playing the role of an HTTP proxy.  A Web client sends a request to an FTP server via a proxy. The request to the proxy is a regular HTTP request. The proxy first converts the Web client’s request into an FTP request. Similarly, the proxy can act as a gateway to a mail server and obtain a mail resource M. The proxy would return the file to the Web client in the form of an HTTP response.

12 Filtering Requests and Responses Web Protocols and Practice WEB PROXIES  A proxy filters improper requests and responses based on  Destination sites  Characteristics (response size)  Performance  Security

13 Request-Response Exchange with a Proxy Web Protocols and Practice WEB PROXIES  A proxy can play the role in handling HTTP requests and responses. Various steps involved when a proxy is present in the path of a request from a browser to an origin server (Figure 3.3).

14 Web Protocols and Practice WEB PROXIES Figure 3.3. Steps in a browser process with proxy in the path URL Browser DNS server Origin server Proxy 1 DNS query 4 DNS query 2 TCP connection 3 HTT Request 8 HTTP Response 9 optional parallel connection 5 TCP connection 6 HTT Request 7 HTTP Response 10 optional parallel connection

15 Web Protocols and Practice WEB PROXIES  Figure 3.3 shows that upon the user’s selection of a URL, the browser does the Domain Name System (DNS) lookup of the proxy and then sets up a TCP connection to the proxy (steps1 and 2). The HTTP request form the browser (step 3) triggers the proxy to do the DNS lookup of the origin server (step4). The proxy sets up a TCP connection to the origin server and then sends the HTTP request to the origin server (steps 5 and 6). The response from the origin server is sent back to the proxy, which forwards it to the browser (steps 7 and 8). The browser might set up optional parallel connections to the proxy, and the proxy may set up its own optional parallel connections to the origin server (steps 9 and 10).

16 Handling HTTP Requests and Responses Web Protocols and Practice WEB PROXIES  A proxy must be able to abide by several requirements like:  Syntactic requirements Syntactic requirements  Semantic requirements Semantic requirements

17 Syntactic Requirements Web Protocols and Practice WEB PROXIES  Syntactic requirements typically concern headers that a proxy add to messages and modifications of existing headers.

18 Semantic Requirements Web Protocols and Practice WEB PROXIES  The semantic requirements include proper handling of requests and responses and obeying the constraints on returning cached responses.

19 Handling HTTP Requests and Responses Web Protocols and Practice WEB PROXIES  The various requirements (syntactic and semantic) fall into the following categories:  Identification  Version number change  Adding obligatory information about the resource  Semantic neutrality  Handling delays and buffering  State maintenance and policy issues  Practical implementation issues  Handling cookies

20 Proxy Chaining and Hierarchies Web Protocols and Practice WEB PROXIES  A user’s request and origin server’s response may travel through several proxies chained together. (Figure 3.4)  A set of proxies within an organization may be connected in a hierarchy. A regional proxy may be connected to other regional proxies, which in turn may be connected to a national proxy. This way is useful for reducing  Communication costs  Communication latency

21 Client Proxy-1Proxy-2Proxy-n Origin Server Web Protocols and Practice Figure 3.4. Proxy chain on the Web

22 Web Protocols and Practice WEB PROXIES  Figure 3.4 shows that a message form a user agent may traverse through multiple servers before it reaches the origin server. Often, rather than a simple linear pipeline, the intermediate servers have other servers connected to them as well on both sides.

23 Proxy Configuration Web Protocols and Practice WEB PROXIES  A user can configure a browser to set various physical and semantic attributes.  In the case of proxies, end users do not have any influence in changing configuration information associated with a proxy such as its cache size or frequency of revalidation.

24 Proxy Privacy Issues Web Protocols and Practice WEB PROXIES  A proxy is aware of many details that affects the privacy of the user.  A proxy is viewed as a trusted intermediary.  To keep user’s privacy, a proxy must act as a tunnel and providing end-to-end encryption.

25 Other kinds of Proxies Web Protocols and Practice WEB PROXIES  Reverse proxies  Proxies had to be positioned closer to the origin server to »Reduce the load on servers »Prevent the origin server from being vulnerable »Balance the load between the set of servers »Access to origin servers behind a firewall

26 Other kinds of Proxies Web Protocols and Practice WEB PROXIES  Interception proxies  A proxy that either directly examines network traffic and intercepts Web traffic or receives redirected traffic flow from network elements performing traffic interception.  Interception proxies were called Transparent proxies in the industry.