e-commerce architectures and technologies rob oshana southern methodist university
TRANSCRIPT
E-CommerceArchitecturesand Technologies
Rob Oshana
Southern MethodistUniversity
Anatomy of E-Business Functions
Distributed Computing
Distributed Computing• Computing is said to be "distributed"
when the computer programming and data that computers work on are spread out over more than one computer, usually over a network
• Computing prior to low-cost computer power on the desktop, was organized in centralized "glass houses" (so-called because the computers were often shown to visitors through picture windows)
Distributed Computing
• Modern enterprises are using a mix of desktop workstations, local area network servers, regional servers, Web servers, and other servers
Distributed Computing
• A popular trend has been client-server computing which is simply the view that a client computer can provide certain capabilities for a user and request others from other computers that provide services for the clients– (The Web's HTTP protocol is an
example of this idea.)
Client/Server Computing
What is Client/ServerComputing
The client–server model consists of three parts: • client - the active component that initiates a request• server - the passive component that returns a service• network - the media that enable the transmission of
requests and services
A request A request
Client
ServerA service
/Client
Server
A service
What are the Models of Client/Server Computing?
• The key is the leverage of computing power between Clients and the Server
How much work or how many functions are to be handled by the client versus its server
Major Components in Client/Server
• User Interface (I/O functions - Thin Client, WWW, Phone)
Functional Process (Business Rules)
DBMS (for data access and retrievals, networking, services)
User Interface (e.g., Browser, I/O routines)
Functional Obj. (e.g., Stored procedures/Triggers)
Data Mgmt (e.g., DB2, Oracle, SQL/Server)
Major Models for Client/Server Three-Tier Model
• Client requests its service via some pre-compiled modules (COM) to interact with data access software on the server
Client ServerAgent(COM)
Component Object Module(e.g., precompiled stored procedures)
3 Tier Client/Server
Third-Tier - Databases, Legacy Data
COM
SNAetc...
CORBA
Mid-Tier - HTTP, Biz Objects, Active Server Pages, Scripting
COM
HTTP
“Desktop” - Compound Documents, Controls, Scripting
Three-Tier Client/Server Model Data Mgmt
ClientDB Server
User Interface(e.g., Browsers)
Functions
Function Server
CommunicationNetwork
A New Trend in Object-oriented Client/Server - N-tier Model
N-tier Architecture
Back-end-tierSystem Server
Database ServerMail ServerGateway ServerDNS Server
x-tierBusiness COM
3rd-tierBusiness COM
2nd-tierBusiness COM
First tierClient Interface
Distributed Computing
• Most popular distributed object paradigms – Common Object Request Broker
Architecture (CORBA)– Distributed Component Object Model
(DCOM)– Java/Remote Method Invocation
(Java/RMI)
CORBA and ORBs
CORBA
• Common Object Request Broker Architecture
• Brokers requests for services from objects that may reside elsewhere on a network
• Provides location independence• Provides vendor and language
interoperability
CORBA
• Everything in the CORBA architecture depends on an Object Request Broker (ORB)– acts as a central Object Bus over which
each CORBA object interacts transparently with other CORBA objects located either locally or remotely
CORBA
• Since CORBA is just a specification, it can be used on diverse operating system platform– mainframes– UNIX boxes– Windows machines– handheld devices
• As long as there is an ORB implementation for that platform
CORBA Architecture
• Object Request Broker (ORB) is the most important component
• Object Services are the low-level services that must be available on all platforms in a distributed system (e.g., lifecycle)
CORBA Architecture
• Common Facilities are the commonly-found services in particular distributed systems (e.g., email, print queuing)
• Application Objects are the high-level applications themselves (e.g., spreadsheets, word processors, programmable controllers)
CORBA Architecture
CORBA ORB
CORBAApplications
CORBADomains
CORBAFacilities
CORBA Services
Object Request Broker
• A CORBA Object Request Broker (ORB) is the middleware that establishes the client-server relationship between objects
• Using an ORB, a client object can invoke a method on a server object that can be on the same machine or across a network
Object Request Broker
• The ORB intercepts the call and finds an object that can implement the request, pass it the parameters, invoke its method, and return the results
• CORBA, like SQL, provides both static and dynamic interfaces to its services
Object Request Broker
• The client does not have to know the object's location, its programming language, its operating system, or any other system aspects that are not part of an object's interface
• Also, the client and server roles are dynamic: an object on the ORB can act as either client or server, depending on the occasion
Communicating via ORBs
Local Host
JavaInterpreteror Browser
ClientApplet
Remote Host
ObjectImplementation
ORB
RequestRequest
Distributed Computing with CORBA
• The client application does not need to know whether the object resides on the same computer or on a remote computer elsewhere on the network
• The client application needs to know only two pieces of information– the object's name– how to use the object's interface
Distributed Computing with CORBA
• The ORB takes care of the details– locating the object– routing the request– returning the result
Features and Benefits
• Each object encapsulates the details of its inner workings and presents a well-defined interface, reducing application complexity
• The CORBA approach also reduces development costs, because once an object is implemented and tested, it can be used over and over again
Features and Benefits
• CORBA's platform independence lets you run and invoke the object from any platform; you can run an object from the platform that makes the most sense for that object
• CORBA's language independence lets you reuse existing code and leverage your existing programming skills
Features and Benefits
• CORBA is based on an open, published specification
• Implemented on and supported by numerous hardware and operating system platforms
• CORBA Java objects are portable– build objects on one platform and deploy them
on any other supported platform
Features and Benefits
• Interoperability. CORBA objects are fully interoperable because they communicate using the Internet Inter-ORB Protocol (IIOP)
• Software bridges enable communications between CORBA objects and objects developed using Microsoft's DCOM technology
Features and Benefits
• Modularity. CORBA objects interact via interfaces – developers can modify objects without
breaking other parts of the application– Changing an object's implementation
does not affect other objects or applications because that object's interface stays the same
Features and Benefits• Compatibility. CORBA protects your
investment in existing systems– You can encapsulate a legacy application,
module, or entry point in a CORBA IDL wrapper that defines an interface to the legacy code
• Security. CORBA provides security features such as encryption, authentication, and authorization to protect data and to control user access to objects and their services
CORBA Environment
Source: Netscape
CORBA in a Three Tier Architecture
Source: Netscape
Example
• Parcel-tracking application
• Suppose an Internet user wants to track delivery of a package
• From a browser, the user enters a URL that points to the delivery company's Web server
Source: Netscape
Example
• The server uses HTTP to send a Web page to the user– that page contains an embedded Java
applet, which is the client component of the parcel-tracking system
• So far, nothing is different from a traditional HTTP Web transaction
Example
• Next, the user enters a parcel-tracking number into the appropriate field in the Java applet
• Using the client-side ORB, the applet then generates and sends an IIOP message across the network, looking for a specifically-named server object that can obtain the status of the parcel
Example
• The ORB on the server with the appropriate parcel-tracking object picks up the message and invokes the object's status-finding method
• Through the server ORB, the object then generates another IIOP message looking for an object on a legacy system that contains all the parcel company's data
Example
• Upon obtaining the last request through its ORB, the mainframe containing the data-tracking object determines that status of the parcel from its database
• The mainframe returns an IIOP message with the information to the server object
Example
• The server then routes the information-again with IIOP and the ORBs-to the Java applet running on the client, which displays the results to the user
Example
Source: Netscape
COM
• COM (Component Object Model) is Microsoft's framework for developing and supporting program component objects
• It is aimed at providing similar capabilities to those defined in CORBA
COM• COM provides the underlying services of
interface negotiation, life cycle management (determining when an object can be removed from a system), licensing, and event services (putting one object into service as the result of an event that has happened to another object)
• COM includes COM+, DCOM, and ActiveX interfaces and programming tools
COM Principles
• Rigorous Encapsulation– Black box -- no leakage of implementation
details– All object manipulation through strict
interfaces
• Polymorphism– via multiple interfaces per class– “Discoverable”: QueryInterface COM
Object
IUnknown
IRobot
IDispatch
COM Architecture
ClientClient ComponentComponent
InprocessInprocess
COMCOMrun timerun time
providerproviderSecuritySecurity
RPCRPC
COMCOMrun timerun time
SecuritySecurityproviderprovider RPCRPC
LocalLocal
LPCLPCProtocol stackProtocol stack Protocol stackProtocol stack
DCOM network-DCOM network-protocolprotocol RemoteRemote
Source: Microsoft
Pluggable Transports
COMCOMClientClient
COM Runtime ArchitectureFlexible and extensible
Component
CO
M R
un
tim
e
Server MachineClient Machine
TCP, UDP
SPX,IPX
Net BUI
HTTP
“Falcon”CO
M R
un
tim
e
Proxy
Other Component
Source: Microsoft
The COM ArchitectureA scalable programming model
ClientClient ComponentComponent
In the same In the same process process Fast, direct Fast, direct
function callsfunction calls
ClientClient ComponentComponentCOMCOM
Client ProcessClient Process Server ProcessServer Process On the same On the same machinemachine Fast, secure IPCFast, secure IPC
Across machinesAcross machines Secure, reliable Secure, reliable
and flexibleand flexibleDCE-RPC based DCE-RPC based DCOM protocolDCOM protocol
COMCOMDCERPC
ClientClient
Server MachineServer MachineClient MachineClient Machine
COMCOM ComponentComponent
Source: Microsoft
DCOM
• DCOM which is often called 'COM on the wire', supports remoting objects
• A DCOM server is a body of code that is capable of serving up objects of a particular type at runtime
• DCOM server components can be written in diverse programming languages like C++, Java, Object Pascal (Delphi), Visual Basic and even COBOL
DCOM
• As long as a platform supports COM services, DCOM can be used on that platform
• DCOM is now heavily used on the Windows platform
ServerServerClientClient
COM/DCOMLets ActiveX components run anywhere
CO
MC
OM
Remote object onRemote object onany server any server
Object runningObject runningon clienton client
Object runningObject runningon clienton client
COM
Source: Microsoft
COMClient
Linux 2.0 (Intel)
BETA COM
HP/UX
COM
Digital Open VMS
COM
Siemens Nixdorf SINIX
COM
SCO UnixWare
COM
Digital Unix 4.0 (Alpha)RC
COM
IBM MVS 5.2.2 (OS390)
COM
IBM OS/400
COM
IBM AIX
COM
DCOM
Sun Solaris (Sparc) 2.5
RC COM Q3’97
Q3’97
Q1’98
H1’98
H1’98 H1’98
Q4’97
H1’98
H1’98
Q4’97
COM and DCOM
Source: Microsoft
ContainersContainers
Office BinderOffice BinderOffice BinderOffice Binder
MosaicMosaicMosaicMosaic
Internet ExplorerInternet ExplorerInternet ExplorerInternet Explorer
Windows ShellWindows ShellWindows ShellWindows Shell
Architecture Overview
Internet ExplorerInternet ExplorerInternet ExplorerInternet Explorer
HTMLHTMLHTMLHTML
VRMLVRMLVRMLVRML
WordWordWordWord
VisioVisioVisioVisio
MicroGrafxMicroGrafxMicroGrafxMicroGrafx
ActiveX documentsActiveX documents
HTMLHTMLHTMLHTML
VRMLVRMLVRMLVRML
MPEGMPEGMPEGMPEG
VRMLVRMLVRMLVRML
RealAudioRealAudioRealAudioRealAudio
HTMLHTMLHTMLHTML
ActiveX controlsActiveX controls
ShockwaveShockwaveShockwaveShockwave ODBCODBCODBCODBC
VRMLVRMLVRMLVRML HTMLHTMLHTMLHTML
Visual Basic Visual Basic ScriptScript
Visual Basic Visual Basic ScriptScript
JavaScriptJavaScriptJavaScriptJavaScript
REXXREXXREXXREXX
ActiveX scriptingActiveX scripting
PERLPERLPERLPERL
Visual BasicVisual BasicScriptScript
Visual BasicVisual BasicScriptScript
JavaScriptJavaScriptJavaScriptJavaScriptServicesServices URL resolutionURL resolutionHTTP, FTPHTTP, FTP
URL resolutionURL resolutionHTTP, FTPHTTP, FTP
HyperlinkingHyperlinkingHistoryHistory
FavoritesFavorites
HyperlinkingHyperlinkingHistoryHistory
FavoritesFavorites
Code downloadCode downloadand securityand security
Code downloadCode downloadand securityand security
COM+
• COM+ is an extension of COM
• COM+ is both an object-oriented programming architecture and a set of operating system service
• It adds to COM a new set of system services for application components while they are running, such as notifying them of significant events or ensuring they are authorized to run
COM+
• COM+ is intended to provide a model that makes it relatively easy to create business applications that work well with the Microsoft Transaction Server (MTS) in a Windows NT system
COM+• It is viewed as Microsoft's answer to the
Sun Microsystems-IBM-Oracle approach known as Enterprise JavaBeans (EJB)
• Among the services provided by COM+ are: – An event registry that allows components to
publish the possibility of an event and other components to subscribe to be notified when the event takes place
COM+
– The interception of designated system requests for the purpose of ensuring security
– The queueing of asynchronously received requests for a service
COM+COM+COM+ Services:COM+ Services:EventsEventsSecuritySecurityLoad Load Balancing Balancing Queued Queued ComponentsComponentsIn Memory In Memory Database DatabaseCompensatingCompensating ResourceResource ManagerManagerAdministrationAdministration
MTSMTS
MTS Services:MTS Services: TransactionsTransactions Resource PoolingResource Pooling SecuritySecurity AdministrationAdministration
COMCOMThe ModelThe ModelTools SupportTools SupportMulti-LanguageMulti-LanguageDiscovery (QI)Discovery (QI)
COM+COM+A caring, sharingA caring, sharing
environment forenvironment for youryourcomponentscomponents
COM+COM+A caring, sharingA caring, sharing
environment forenvironment for youryourcomponentscomponents
Technology Scenario
E-Business Servers
• E-Business functions can be processed by several servers in an e-business site– Arrive by browsers (B2C)– Generated by computers (B2B)
Servers of an E-Business Site
E-business site
client
Web server
SecureWeb server
Paymentserver
Applicationserver
Databaseserver
Anatomy of E-Server Transactions
• E-business functions implemented through client/server interactions– Client makes a request to a server
(primary server)– Possible help from secondary servers
• Execution is not deterministic– Request only sent to DB server if the
application server does not have the data
E-Business Functions and C/S Interactions
E-Business Function(e.g. Browse, Search, Pay)
1 2 n. . . .Client/Server Interactions
C/S Interaction
client web serverapplication
serverdatabase
server
C/S Interaction Diagram
• CSID is specified for each e-business function
• Represents all possible interactions for that function
• CSID structure– Nodes; represent visits to clients and/or servers
during execution• Square nodes; client nodes• Circle nodes; represent servers involved in the
implementation
– Arcs; represent probabilities and message types
CSID
C WS AS DB AS WS C
C
C
WS
1 2
3
4
5
6
7 8 9 10
[1,m1] [0.95,m3] [0.8,m6] [1,m7] [1,m8] [1,m9]
[0.05,m2][0.2,m4]
[1,m5]
C: clientAS: application serverDB: database serverWS: Web server
C/S Interactions
C WS
C
1 2
3
[1,m1]
[0.05,m2]
C WS AS DB AS WS C
1 2 4 7 8 9 10
[1,m1] [0.95,m3] [0.8,m6] [1,m7] [1,m8] [1,m9]
a. Interaction 1
b. Interaction 2
C WS AS
C
WS
1 2 4
5
6
[1,m1] [0.95,m3]
[0.2,m4]
[1,m5]
C/S Interactions
c. Interaction 3
Expanded CSID Notation
AS DB
[1.0,m9] [1.0,m10]
AS DB
[1.0,m11]
4 4.1 4.2 7
search
AS DB
WS
. . . . . .
4
7
5
[0.8,-] [1.0,m7]
[0.2,m5]
From CBMGs to CSIDs
• 1. Obtain the static CBMG• 2. From the static CBMG build a list of all
e-business functions• 3. For each business function, determine
the software servers (web server, app server, DB server, authentication server) involved in the execution– Document the relationship
From CBMGs to CSIDs
• 4. Determine the flow of messages between client and server and build a CSID for each business function
• 5. Estimate the message sizes for each of the messages in the CSID
• 6. Determine for each node of the CSID associated with an e-business function, the amount of resources of each type (processor, storage systems, etc) when the e-business function is executed
E-business function
Web Server
Trading Server
Authentication server
Application server
Database server
Login Register Search Select Browse Open account
Get quotes Get report View chart View indexes
Trade Create portfolio
Add to portfolio
Delete from portfolio
Asset planning
CBMG
Entry Home LoginAdd to
cartSelect
Browse
Search
Register
Pay
Search
CSID for E-Business function PAY
C AS PS TS C
C C
Resource usage for payment server- cpu time- number of I/Os