20135205 Information Security System Design Foundation 13th Week Study Summary

The 11th Chapter Network programming

Web applications rely on many of the concepts that have been learned in system research, such as processes, signals, byte-map mappings, and dynamic storage allocations, all of which play an important role. There are some new concepts to master. We need to understand the basic client-server programming model and how to write client-server programs that use the services provided by the Internet. Finally, we will combine all these concepts to develop a small but fully functional Web server that provides both static and dynamic text and graphics content for real-world web browsers.

11.1 Client-Server programming model

Everyone's network applications are based on the client-server model. To accompany you through this model, an application consists of a server process and one or more client processes.

The server manages a resource and provides some kind of service to its clients by manipulating that resource.

The underlying operation in the client-server model is a transaction. A client-server transaction consists of four steps:

1) When a client needs a service, it sends a request to the server to initiate a transaction.

2) After the server receives the request, it interprets it and operates its resources in the appropriate manner.

3) The server sends a response to the client and waits for the next request.

4) The client receives a response and processes it.

11.2 Network

Clients and servers typically run on different hosts and communicate through the computer's hardware and software resources.

For a host, the network is just another I/O device, as a data source and data receiver.

An Ethernet segment, including cables and hubs, each with the same maximum bit bandwidth, and the hub does not differentiate each bit received on one port to all other ports. Therefore, each host can see each bit.

Each Ethernet adapter has a globally unique 48-bit address, which is stored on the non-volatile memory of this adapter. This frame is visible to each host adapter, but only the destination host actually reads it.

Bridging Ethernet connects multiple Ethernet segments by cables and bridges, resulting in a larger LAN. The cable transfer rates for connecting bridges can vary (e.g. 1gb/s between bridges and bridges, 100mb/s between bridges and hubs).

Bridge function: Connect different network segments. When a to B transmits data in the same network segment, the frame arrives at the bridge input port, and the bridge discards it and does not forward it. A when transferring data to C in another network segment, the bridge copies the frame to the port connected to the corresponding network segment. Thus saving the bandwidth of the network segment

At the higher level of the hierarchy, multiple incompatible LANs can be connected by a special computer called a router to form an Internet.

Each router has an adapter (port) For each network it is connected to.

11.3 Global IP Internet

Each Internet host runs software that implements the TCP/IP protocol, which is supported by almost every modern computer system. The Internet's client-server hybrid socket function is typically implemented as a system call that will fall into the kernel and invoke various kernel-mode TCP/IP functions.

An IP address is a 32-bit unsigned integer.

The network program stores the IP address in the IP address structure shown.

Because Internet hosts can have different host byte orders, TCP/IP defines a uniform network byte order (big endian byte order) for any integer data item, such as an IP address, which is carried across the network in the packet header. The addresses stored in the IP address structure are always stored in the (big-endian) network byte order, even if the host byte order is a small-end method.

An IP address is used when the Internet client and server communicate with each other. However, large integers are hard to remember for people, so the internet also defines a more user-friendly domain name and a mechanism for mapping domain names to IP addresses. A domain name is a string of words separated by a period (letters, numbers, and dashes).

The Domain name collection forms a hierarchical structure in which each domain name encodes its position in this hierarchy. With an example you will easily understand this. Part of the domain name hierarchy is shown below. Hierarchies can be represented as a tree. The node of the tree represents the city name, and the path to the root forms the domain name. A subtree is called a subdomain. The first layer in the hierarchy is an unnamed root node. The next layer is a group of first-level domain names defined by non-profit organizations (the Internet Wine Name Number Association). Common first-tier domain names include com, edu, gov, org, net, which are assigned by ICANN's various authorized agents on a first-come-first-served basis. Once an organization has a two-level domain name, it can create any new domain name in the subdomain.

11.4 Socket Interface

A socket interface is a set of functions that are combined with UNIX I/O functions to create a network

12th Chapter Concurrent Programming

One, process-based concurrent programming

The simplest way to construct a concurrency process is to use a process that uses functions such as fork,exec and Waitpid.

Example: A natural way to construct a concurrent server is to accept client connection requests in the parent process and then create a new child process to service each new client.

1, usually the server is running for a long time, so we must include a SIGCHLD handler to reclaim the resources of the dead child process.

2. The next parent process must close their respective CONNFD copies.

3. Finally, the connection to the client terminates because the reference count in the File table option of the socket is closed until the connfd of the parent-child process is turned off.

Second, the concurrent process based on I/O multiplexing

The basic idea is to use the Select function, which requires the kernel to suspend the process and return control to the application only after one or more I/O events have occurred.

The Select function handles a collection of type Fd_set, also known as a descriptor collection. Logically, we consider a descriptor set as a bit vector of size n

I/O multiplexing can be used as the basis for concurrent event drivers, in which the flow progresses because of some sort of event. The general concept is to convert the logical flow model to a state machine.

State machine: A set of states, input events, and transitions.

Third, thread-based concurrent programming

A thread is a logical flow that runs in the context of a process.

The multithreaded execution model is similar in some ways to a multi-process execution model.

Each process starts its life cycle as a single thread, which is the main thread. At some point, the main thread creates a peer thread, starting at this point in time, and two threads are running concurrently with each other.

A POSIX thread is a standard interface for processing threads in a C program.

To terminate a process:

1. When the thread routine of the when top layer returns, the line Cheng terminates

2. By calling the Pthread_exit function, the thread will terminate in the display.

3. A peer thread calls the UNIX Exit function, which terminates the process and all threads associated with the process

4. Another peer thread terminates the current thread by calling the Pthread_cancle function with the current thread ID as a parameter

Iv. shared variables in multi-threaded programs

A set of concurrent threads runs in the context of a process. Each thread has its own separate thread context, including thread ID, stack, stack pointer, program counter, condition code, and general purpose register value. Each process shares the remainder of the thread context with other processes.

To map a variable to storage:

Variables in threaded C programs are mapped to virtual storage based on their storage type: Global variables, local automatic variables, and local static variables.

----------------------------------------------------------------------------------

Resources:

In-depth understanding of computer systems

20135205 Information Security System Design Foundation 13th Week Study Summary