Introduction and Overview Socket Programming Higher-level interfaces Final thoughts. Network Programming. Samuli Sorvakko/Nixu Oy

Similar documents
Introduction and Overview Socket Programming Lower-level stuff Higher-level interfaces Security. Network Programming. Samuli Sorvakko/Nixu Oy

Introduction and Overview Socket Programming Higher-level interfaces Final thoughts. Network Programming. Samuli Sorvakko/Nixu Oy

Introduction and Overview Socket Programming Lower-level stuff Higher-level interfaces Security. Network Programming. Samuli Sorvakko/Trusteq Oy

COMMUNICATION PROTOCOLS: REMOTE PROCEDURE CALL (RPC)

Systems software design NETWORK COMMUNICATIONS & RPC SYSTEMS

Socket Programming. CSIS0234A Computer and Communication Networks. Socket Programming in C

ECE 435 Network Engineering Lecture 2

ECE 435 Network Engineering Lecture 2

Elementary TCP Sockets

EECS122 Communications Networks Socket Programming. Jörn Altmann

A Client-Server Exchange

Communication. Communication. Distributed Systems. Networks and protocols Sockets Remote Invocation Messages Streams. Fall /10/2001 DoCS

NETWORK PROGRAMMING. Instructor: Junaid Tariq, Lecturer, Department of Computer Science

Lecture 5: Object Interaction: RMI and RPC

Outline. Distributed Computing Systems. Socket Basics (1 of 2) Socket Basics (2 of 2) 3/28/2014

Piotr Mielecki Ph. D.

Outline. Operating Systems. Socket Basics An end-point for a IP network connection. Ports. Network Communication. Sockets and the OS

Sockets. Jin-Soo Kim Computer Systems Laboratory Sungkyunkwan University

Unix Network Programming

Chapter 4 Communication

Lecture 2. Outline. Layering and Protocols. Network Architecture. Layering and Protocols. Layering and Protocols. Chapter 1 - Foundation

ICT 6544 Distributed Systems Lecture 5

Hybrid of client-server and P2P. Pure P2P Architecture. App-layer Protocols. Communicating Processes. Transport Service Requirements

CS307 Operating Systems Processes

Processes. Process Concept. The Process. The Process (Cont.) Process Control Block (PCB) Process State

Outline. Distributed Computer Systems. Socket Basics An end-point for a IP network connection. Ports. Sockets and the OS. Transport Layer.

RPC Paradigm. Lenuta Alboaie Andrei Panu

CS321: Computer Networks Introduction to Application Layer

Communication. Distributed Systems Santa Clara University 2016

CS118 Discussion 1B, Week 1. Taqi Raza BUNCHE 1209B, Fridays 12:00pm to 1:50pm

Hyo-bong Son Computer Systems Laboratory Sungkyunkwan University

Application Programming Interfaces

Lecture 06: Distributed Object

PA #2 Reviews. set_name, get_name, del_name. Questions? Will be modified after PA #4 ~

(9A05803) WEB SERVICES (ELECTIVE - III)

Middleware. Adapted from Alonso, Casati, Kuno, Machiraju Web Services Springer 2004

Context. Distributed Systems: Sockets Programming. Alberto Bosio, Associate Professor UM Microelectronic Departement

UNITE 2006 Technology Conference

A Report on RMI and RPC Submitted by Sudharshan Reddy B

Oral. Total. Dated Sign (2) (5) (3) (2)

Socket Programming. Sungkyunkwan University. Hyunseung Choo Copyright Networking Laboratory

CS153: Communication. Chengyu Song. Slides modified from Harsha Madhyvasta, Nael Abu-Ghazaleh, and Zhiyun Qian

Lecture 15: Frameworks for Application-layer Communications

Lecture 15: Frameworks for Application-layer Communications

Distributed Systems. 02. Networking. Paul Krzyzanowski. Rutgers University. Fall 2017

How do we Communicate? Introduction to Unix Network Programming. What does Alice do? What does Bob do? Two simplest networking programs

UNITE 2003 Technology Conference

Sockets. Dong-kun Shin Embedded Software Laboratory Sungkyunkwan University Embedded Software Lab.

The BSD UNIX Socket Interface (CS 640 Lecture) Assignment 1. Interprocess Communication (IPC) Work Individually (no groups)

Ports under 1024 are often considered special, and usually require special OS privileges to use.

Randall Stewart, Cisco Systems Phill Conrad, University of Delaware

SOCKETS. COMP750 Distributed Systems

Socket Programming TCP UDP

Distributed Environments. CORBA, JavaRMI and DCOM

Overview. Communication types and role of Middleware Remote Procedure Call (RPC) Message Oriented Communication Multicasting 2/36

Communication. Overview

Lecture 24. Thursday, November 19 CS 375 UNIX System Programming - Lecture 24 1

Cloud Computing Chapter 2

UNIX Network Programming. Overview of Socket API Network Programming Basics

Distributed Objects. Object-Oriented Application Development

Client Server Computing

Integrating Legacy Assets Using J2EE Web Services

Chapter 3: Client-Server Paradigm and Middleware

JXTA TM Technology for XML Messaging

Review. Preview. Closing a TCP Connection. Closing a TCP Connection. Port Numbers 11/27/2017. Packet Exchange for TCP Connection

Communication. Outline

UNIX Sockets. Developed for the Azera Group By: Joseph D. Fournier B.Sc.E.E., M.Sc.E.E.

Outline. EEC-681/781 Distributed Computing Systems. The OSI Network Architecture. Inter-Process Communications (IPC) Lecture 4

Tutorial on Socket Programming

Sockets 15H2. Inshik Song

Implementing Remote Procedure Calls*

DS 2009: middleware. David Evans

1.264 Lecture 16. Legacy Middleware

UNIT 1 TCP/IP PROGRAMMING CONCEPTS

We will cover in this order: 2.1, 2.7, 2.5, 2.4, 2.2

CLIENT-SIDE PROGRAMMING

Department of Computer Science

Introduction to Web Services & SOA

Applications and Layered Architectures. Chapter 2 Communication Networks Leon-Garcia, Widjaja

Session NM056. Programming TCP/IP with Sockets. Geoff Bryant Process software

UNIX System Programming Lecture 19: IP Sockets

Network Programming in C: The Berkeley Sockets API. Networked Systems 3 Laboratory Sessions

Programming with TCP/IP. Ram Dantu

A Socket Example. Haris Andrianakis & Angelos Stavrou George Mason University

Distributed Objects and Remote Invocation. Programming Models for Distributed Applications

XML Web Service? A programmable component Provides a particular function for an application Can be published, located, and invoked across the Web

Fundamental Issues. System Models and Networking Chapter 2,3. System Models. Architectural Model. Middleware. Bina Ramamurthy

Distributed Systems Question Bank UNIT 1 Chapter 1 1. Define distributed systems. What are the significant issues of the distributed systems?

RPC. Remote Procedure Calls. Robert Grimm New York University

Network Programming and Protocl Design. Nixu Ltd.

Introduction to Computer Systems. Networks 2. c Theodore Norvell. The Sockets API

Distributed Systems 8. Remote Procedure Calls

CSC209H Lecture 9. Dan Zingaro. March 11, 2015

Lecture 3 Overview! Last Lecture! TCP/UDP and Sockets introduction!

UNIT IV- SOCKETS Part A

Network Software Implementations

Network Programming in C. Networked Systems 3 Laboratory Sessions and Problem Sets

Socket Programming. Dr. -Ing. Abdalkarim Awad. Informatik 7 Rechnernetze und Kommunikationssysteme

Chapter 4 Interprocess Communication. Copyright 2015 Prof. Amr El-Kadi

CS321: Computer Networks Socket Programming

Transcription:

Network Programming Samuli Sorvakko/Nixu Oy Telecommunications software and Multimedia Laboratory T-110.4100 Computer Networks October 16, 2008

Agenda 1 Introduction and Overview Introduction 2 Socket Programming Overview Client sockets Server sockets Sockets recap 3 Higher-level interfaces RPC Java RMI CORBA Microsoft s offerings Web Services 4 Final thoughts Security Discussion

Introduction Introduction 1 Introduction and Overview Introduction 2 Socket Programming Overview Client sockets Server sockets Sockets recap 3 Higher-level interfaces RPC Java RMI CORBA Microsoft s offerings Web Services 4 Final thoughts Security Discussion

Introduction Overview Wide-area concurrency Two or more entities Client-server, peer-to-peer, unidirectional or bidirectional multicast, broadcast,... Multiple levels of information exchange From TCP/IP point of view, HTTP is an application From SOAP or AJAX point of view, HTTP is a transport From a suitably abstracted framework s point of view, SOAP is a transport... All quite complex, eh?

Introduction Managing complexity Well-known protocols Layering Modularization / compartmentalization

Socket Programming 1 Introduction and Overview Introduction 2 Socket Programming Overview Client sockets Server sockets Sockets recap 3 Higher-level interfaces RPC Java RMI CORBA Microsoft s offerings Web Services 4 Final thoughts Security Discussion

Overview Overview The UNIX way Introduced in 1983 (4.2 BSD Unix) Bind together software and the communication channels they use

Overview Overview cont d. Bind together four items: Remote host address Remote host port number Local host address Local host port number Also additional information: Socket protocol (Local, IPv4, IPv6, IPX, X25,...) Communication type (Stream, datagram, raw,...) Other options (blocking/non-blocking, keepalive,...)

Client sockets Client sockets Create a socket (binding it to a file descriptor) Connect the socket with the other party int sockfd=socket(pf_inet, SOCK_STREAM, 0); connect(sockfd, (struct sockaddr *) &remoteaddr, sizeof(struct sockaddr));

Client sockets Client sockets cont d. Of course need to verify return values The remoteaddr struct needs to be filled sin_family (AF_INET) sin_port (generally via htons()) sin_addr (usually from hostent struct from gethostbyname())

Server sockets Server sockets A bit more complicated than the client Again, socket needs to be created Then bound to desired protocol, port and listening address After that, indicate willingness to listen to the OS Now ready to accept connections int sockfd=socket(pf_inet, SOCK_STREAM, 0); bind(sockfd, (struct sockaddr *) &myaddr, sizeof(struct sockaddr)); listen(sockfd, backlog); sin_size=sizeof(struct sockaddr_in); incoming_fd=accept(sockfd, (struct sockaddr *)&remote_addr, &sin_size);

Server sockets Server sockets cont d. What is usually done here is to fork() a child process New connections can be accepted as quickly as possible Old connections are served by the childs asynchronously Other keywords: select(2), poll(2)

Sockets recap Sockets recap Examples were for TCP sockets, UDP similar Very simplified examples, don t do it like this :) What is sent over the socket is decided by programmer Actual communication is handled by OS, socket operations are syscalls

Higher-level interfaces 1 Introduction and Overview Introduction 2 Socket Programming Overview Client sockets Server sockets Sockets recap 3 Higher-level interfaces RPC Java RMI CORBA Microsoft s offerings Web Services 4 Final thoughts Security Discussion

RPC Remote Procedure Call Developed by Sun Microsystems Originally for NIS and NFS Defines a data representation for binary information (byte orders!)

RPC Remote Procedure Call cont d. Uses a portmapper portmap/rpcbind instead of direct communication RPC server opens up a free UDP or TCP port and registers with portmapper RPC client contacts portmapper and gets exact location of server Also contains some options for authentication etc.

RMI Java Remote Method Invocation Also developed by Sun Microsystems Provides a way for Java object invocation from other Java VMs Supports object serialization

RMI Java Remote Method Invocation cont d Remote end: Export interfaces public interface MyInterface extends Remote{} Comms failures will be reported with RemoteException Creates instance(s) of a remote object Register the object(s) with RMI remote object registry Local end: Request the object from the remote server, which returns a Stub instance Methods invoked on the stub are run on the server, with RMI serializing and deserializing the communication

CORBA CORBA Common Object Request Broker Architecture Vendor-independent way for remote objects Specified by Object Management Group (OMG...) IDL, Interface Definition Language describes exported interfaces Similar to RMI in principle Mappings exist for C, C++, Java, COBOL, Lisp, Python...

CORBA CORBA cont d Interface is well separated from the implementation CORBA is well suited for middleware ( glue ) tasks Allows for access control on object level

DCOM Microsoft s offerings Distributed Component Object Model (DCOM) Based on local COM, with added RPC, serializing and garbage collection functionality.net Remoting Part of the.net framework Windows Communication Foundation Unifies.NET comms programming models Web services,.net Remoting, Message Queues, Distributed Transactions Can also serve AJAX web request via JSON encoder Idea here is exactly the same as in CORBA et al, remote invocation of procedures or methods in objects.

Webserv Web Services Leverage the power of the Web Machine-to-machine communication SOAP: Extensible, XML-based communication over HTTP WSDL: Interface description language UDDI (Universal Description Discovery and integration): Publishing and discovery of Web services Can be used in many ways; RPC emulation, Service-oriented architecture (SOA), Representational State Transfer (REST)

Webserv Web Services AJAX (Asynchronous JavaScript and XML) could also be categorized as a web service Not strictly machine-to-machine User s browser may do operations without interaction Data exchange between server and browser Only a part of the web page is refreshed Communication with XMLHttpRequests (or IFrames) Not a standard or a technology, describes functionality

Final thoughts 1 Introduction and Overview Introduction 2 Socket Programming Overview Client sockets Server sockets Sockets recap 3 Higher-level interfaces RPC Java RMI CORBA Microsoft s offerings Web Services 4 Final thoughts Security Discussion

Security Security Cannot trust the network Client cannot trust server Server must not trust client

Security Security - Input handling Being on a network means communicating with more entities than you might think What if one of the entities is malicious? What happens to a server if a client sends it e.g. \0 s, SQL statements, very large amounts of data...

Security Security - Input handling Usually there are limits for things Field length, allowed characters, timeouts etc. It is best to make the limits explicit and force validation Example: A field in a text-based protocol contains a length for the payload (e.g. HTTP Content-Length: ) Check that the length is not negative Check that the length is a number Do not trust the reported length... Example: A server-side AJAX handler will look up entries from an SQL database Check that the request is sane (e.g. discard SQL wildcards) Check that the request contains NO fragments of SQL statements Remember to check for different character encodings, character entities etc... Input handling should be handled in a consistent manner throughout the application

Security Security - Application logic Usually apps have different states they can be in Waiting for connection, authenticating, authorized but idle, data transfer... States can be implicit or explicit As with input handling, explicit usually better Need to verify that the state transition is proper Initiating a monetary transaction not allowed without authentication and authorization Inserting routing table entries not allowed if routing table static... States are application specific State machines will help immensely (don t we all love theoretical computer science :)

Security Security - yet again... Use ready and tested protocol implementations if possible Use well-known protocols if possible Design protocols with security on mind from the start Always test for robustness, not only compliance

Security Further reading Richard Stevens: UNIX Network Programming, Volume 1, Second Edition: Networking APIs: Sockets and XTI, Prentice Hall, 1998, ISBN 0-13-490012-X man 2 socket, man 2 connect, man 2 bind and other UNIX man pages Sun Java RMI guides, http://java.sun.com/j2se/1.4.2/docs/guide/rmi/ Object Management Group CORBA FAQ and other documentation, http://www.omg.org/gettingstarted/corbafaq.htm Secure Programming for Linux and Unix HOWTO, http://www.dwheeler.com/secure-programs/

Discussion Discussion Comments? Remarks? Questions?

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback