Presentation is loading. Please wait.

Presentation is loading. Please wait.

563.4 Web Services Presented by: Carl A. Gunter University of Illinois Spring 2006.

Published byCollin Richards Modified over 9 years ago

Similar presentations

Presentation on theme: "563.4 Web Services Presented by: Carl A. Gunter University of Illinois Spring 2006."— Presentation transcript:

1 563.4 Web Services Presented by: Carl A. Gunter University of Illinois Spring 2006

2 2 Today’s Web Designed for applications involving human interactions Intended purpose –Information sharing: a distributed content library –Enabled B2C e-commerce –Non-automated B2B interactions How did it happen? –Built on very few standards: http + html –Simple interaction model: very few assumptions –Result was ubiquity

3 3 What’s Next? Improve machine-to-machine protocols to enable more automation. Use a readily-extensible foundation. Build in security from the start. Overcome limits to widespread web deployment of Corba, DCOM, etc.

4 4 Web Services Strategy: use XML as a foundation for both infrastructure and application formats. Build a stack of XML-based processing layers. Create XML-based security mechanisms that integrate with existing approaches (e.g. X.509).

5 5 Typical Web Service Components

6 6 SOAP Web Services consumers send and receive SOAP messages Web Services consumers send and receive SOAP messages WSDL Web Services Description Language Web Services are defined in terms of the formats and ordering of messages Web Services are defined in terms of the formats and ordering of messages Built using open Internet protocols Built using open Internet protocols XML & HTTP Web Services Architecture UDDI Universal Description, Discovery, and Integration Provide a Directory of Services on the Internet Provide a Directory of Services on the Internet

7 7 XML Extensible Markup Language Meta language that –Allows to create and format own document markups A method for putting structured data into a text file - easy to read - unambiguous - extensible - platform-independent

8 8 Sample XML Example Hi please bill to the following address Skateboard One Warehouse Park Boston

9 9 XML Declaration the XML declaration –Not required, but typically used –Attributes include: Version Encoding – the character encoding

10 10 XML Element Hi please bill the following …

11 11 XML Attribute … … XML Attribute –Describes additional information about an element – text

12 12 XML Namespaces … Namespaces –Not mandatory, but useful in giving uniqueness to an element –Declared using the xmlns:name= “value”

13 13 SOAP An XML envelope for XML messaging Headers + body SOAP is “transport independent” Supports both messaging and RPC SOAP Envelope SOAP Header : encoding, authentication, transaction information, etc. SOAP Body SOAP Body Block : parameters, return values, etc SOAP Fault

14 14 SOAP Message Example <t:Transaction xmlns:t=“URI” SOAP-ENV:mustUnderstand=“1” > 12345 Very High “XML Document”

15 15 AMPol Project Adaptive Messaging Policy Project concerns next-generation messaging systems with improved security, flexibility, and integration. Principal activities –WSEmail –Dynamic policy adaptation –Attribute-Based Messaging (ABM)

16 16 AMPol Principal Activities WSEmail Dynamic policy adaptation Attribute-based messaging

17 17 Internet Email Based on a collection of protocols SMTP, POP, IMAP, S/MIME Evolved over a vast installed base Shortcomings Flexibility Security Integration

18 18 Approaches to Improvement Make incremental changes and overlays for the existing protocols Redesign the system from a low level –Example: instant messaging Create a design from another high-level foundation –Example: use HTTP and SSL

19 19 WSEmail Project Began at Penn with support from Microsoft Aim: use web services as a new foundation for email as a way to improve security, flexibility, and integration Ongoing project at both UIUC and Penn Applications –Instant messaging –Routed forms –On-demand attachments Theory –Using Proverif and TuleFale Performance –.NET implementation on a small testbed Lux May Bhattad Gunter 05

20 20 Application: Integrated IM

21 21 Application: Routed Forms

22 22 Implementation WSEmail implemented over.NET framework with Web Services Enhancement (WSE) Messages stored on SQL Server 2000 Version 1.0 has –68 interfaces –343 classes –30 projects –C#.NET-managed code created with MS Visual Studio DNS SRV records used for routing.

23 23 WSEmail Test-bed Machines: Pentium4 Network: 100Mb switched Ethernet Client Machines: 2.8GHz, 512MB RAM Server (S i ): 2.8GHz, 1GB RAM Database (S db ): 2.4GHz, 1GB RAM Internet Emulator (S e ): 2.8GHz, 512MB RAM

24 24 Parameters Each client will send 2000 requests to S i Operations: send message, list headers, retrieve message, delete message (each with equal chance) Sent messages include local recipient (a user on S i ) and an external recipient (a user on S e ). Test coordinator holds test parameters that clients receive and parse Message database is pre-populated with a few entries Test coordinator signals test start Clients non- deterministically pick an action to perform, based on upon test parameters

25 25 Results Average latency:.274 sec / msg Rate of 1786 msg / min Client machines sent 36.4MB and received 369.4MB Test took 1824 sec to execute Benchmark comparison to SMTP on our machines showed.170 sec / msg with messages of similar size Benchmark UW Parkside peak usage figures were 1716 msg / min

26 26 Performance Results Average latency:.274 sec / msg Rate of 1786 msg / min Client machines sent 36.4MB and received 369.4MB Test took 1824 sec to execute Benchmark comparison to SMTP on our machines showed.170 sec / msg with messages of similar size Benchmark UW Parkside peak usage figures were 1716 msg / min

27 27 Theory On Demand Attachments Protocol –Nine messages, four parties –Complex messages –Want to prove that receiving an attachment means it was sent by the sender in the from field

28 28 AMPol Principal Activities WSEmail Dynamic policy adaptation Attribute-based messaging Afandi Zhang Hafiz Gunter 06

29 29 Policy Adaptation Large-scale systems often cannot operate under a uniform policy Scalability can be aided by allowing parties to express policies that must be satisfied in interactions Apply this idea to messaging systems to achieve adaptive messaging policy Case study for email based on WSEmail

30 30 Architectural Components Policy Model –What policies can be expressed –Our instantiation: AMPL and APES (Attachments, Payment, Encryption, Signature) Policy Discovery –Policy merging –Policy Query Protocol (PQP) Extension and Enforcement –Conformance –Extension –Enforcement

31 31 Policy Architecture SMTA RMTA Sender Recipient Egress Policies Ingress Policies Client Policies Merged Policies

32 32 Policy Architecture SMTA RMTA Sender Recipient Merged Policies

33 33 Policy Architecture SMTA RMTA Sender Recipient Egress Policies Ingress Policies Client Policies Plug in Server

34 34 Demo A message from Afandisandy1 to Afandigary1 Two MTAs –Afandisandy1’s egress policy is HashCash (cycle exhaustion) –Afandigary1’s ingress policy includes RTT (Reverse Turing Test) and Identity-Based Encryption (IBE) Run demo

35 35 AMPol Principal Activities WSEmail Dynamic policy adaptation Attribute-based messaging Bobba Fatemieh Kahn Gunter Khurana 06

36 36 Problem and Approach Problem –Limited scope for targeted messaging –Unwanted messages Approach –Target messages based on recipient attributes –Create recipient lists dynamically

37 37 Scenarios and Challenges Scenarios –Address all faculty going on sabbatical next term –Address all the people working on security related projects in an organization –Address all TeraGrid system administrators –Address doctors in the tri-state area who have expertise in a specific kind of operation Challenges –User attribute assimilation and query –User privacy –Access rights –Inter-domain messaging Attribute mapping Privacy policy AAA

38 38 Architecture Domain A MTA ABM Server Data Services Legacy Databases Attr. DB Domain B MTA ABM Server Data Services Legacy Databases Attr. DB Regular E-mail (SMTP) Inter Domain ABM over Web Services To: Mgr@DomA && Mgr@DomB

39 39 Phase 1 Architecture WEB Interface Send Mail Send mail B2. Standard Email Client Address: abm@uiuc.edu Attachment:xacml.xml; xquery.xml; sender... Send MTA ABM XML DB Policy. xml ABM Host MUA PDP XACML Engine C5.Xquery(ABM Address) C2.User Attribute List C1.Xquery(User ID) C 3. X A C M L r e q C 4. X A C M L r e s p Web Server A2.User ID A7.Routable Attribute List A3.Xquery(User ID) A4.User Attribute List A 5. X A C M L r e q A 6. X A C M L r e s p A 8. R o t a b l e A t t r i b u t e L i s t A 1. U s e r I D ( A u t h e n t i c a t i o n ) B1. Create Query C6.Email list Run Demo Policy Specialization Path Address Resolution Path

40 40 Phase I Attribute assimilation and query –Native XML attribute database –XQuery Privacy and privileges –Restricted access to attributes –Policy specification and enforcement using XACML Performance evaluation: –60,000 users and 100 attributes

41 41 Policy Specialization Time

42 42 Address Resolution Time RDB Relational DB

43 43 Address Resolution Time XMLDB XML DB

44 44 Conclusions Crossroads for important technology advances –Adaptive policies –Web services (“Service Oriented Architectures”) –Formal models and verification for security protocols Messaging systems –Critical in their own right –Good domain for developing and applying core advances

Download ppt "563.4 Web Services Presented by: Carl A. Gunter University of Illinois Spring 2006."

Similar presentations

Web Service Architecture

Web Service Architecture
Siebel Web Services Siebel Web Services March, From

Siebel Web Services Siebel Web Services March, From
31242/32549 Advanced Internet Programming Advanced Java Programming

31242/32549 Advanced Internet Programming Advanced Java Programming
Web Service Ahmed Gamal Ahmed Nile University Bioinformatics Group

Web Service Ahmed Gamal Ahmed Nile University Bioinformatics Group
General introduction to Web services and an implementation example

General introduction to Web services and an implementation example
SOAP.

SOAP.
Web Services Darshan R. Kapadia Gregor von Laszewski 1http://grid.rit.edu.

Web Services Darshan R. Kapadia Gregor von Laszewski 1http://grid.rit.edu.
Web Services Nasrullah. Motivation about web service There are number of programms over the internet that need to communicate with other programms over.

Web Services Nasrullah. Motivation about web service There are number of programms over the internet that need to communicate with other programms over.
WEB SERVICES DAVIDE ZERBINO.

WEB SERVICES DAVIDE ZERBINO.
Illinois Security Lab Using Attribute-Based Access Control to Enable Attribute- Based Messaging Rakesh Bobba, Omid Fatemieh, Fariba Khan, Carl A. Gunter.

Illinois Security Lab Using Attribute-Based Access Control to Enable Attribute- Based Messaging Rakesh Bobba, Omid Fatemieh, Fariba Khan, Carl A. Gunter.
1 Introduction to XML. XML eXtensible implies that users define tag content Markup implies it is a coded document Language implies it is a metalanguage.

1 Introduction to XML. XML eXtensible implies that users define tag content Markup implies it is a coded document Language implies it is a metalanguage.
CIM2564 Introduction to Development Frameworks 1 Overview of a Development Framework Topic 1.

CIM2564 Introduction to Development Frameworks 1 Overview of a Development Framework Topic 1.
Presentation 7 part 2: SOAP & WSDL. Ingeniørhøjskolen i Århus Slide 2 Outline Building blocks in Web Services SOA SOAP WSDL (UDDI)

Presentation 7 part 2: SOAP & WSDL. Ingeniørhøjskolen i Århus Slide 2 Outline Building blocks in Web Services SOA SOAP WSDL (UDDI)
Latest techniques and Applications in Interprocess Communication and Coordination Xiaoou Zhang.

Latest techniques and Applications in Interprocess Communication and Coordination Xiaoou Zhang.
Layer 7- Application Layer

Layer 7- Application Layer
Slide 1 EE557: Server-Side Development Lecturer: David Molloy Room: XG19 Mondays 10am-1pm Notes:

Slide 1 EE557: Server-Side Development Lecturer: David Molloy Room: XG19 Mondays 10am-1pm Notes:
Grid Computing, B. Wilkinson, 20043a.1 WEB SERVICES Introduction.

Grid Computing, B. Wilkinson, 20043a.1 WEB SERVICES Introduction.
Web Services Michael Smith Alex Feldman. What is a Web Service? A Web service is a message-oriented software system designed to support inter-operable.

Web Services Michael Smith Alex Feldman. What is a Web Service? A Web service is a message-oriented software system designed to support inter-operable.
Web service testing Group D5. What are Web Services? XML is the basis for Web services Web services are application components Web services communicate.

Web service testing Group D5. What are Web Services? XML is the basis for Web services Web services are application components Web services communicate.
Processing of structured documents Spring 2003, Part 6 Helena Ahonen-Myka.

Processing of structured documents Spring 2003, Part 6 Helena Ahonen-Myka.

Similar presentations

Ads by Google