Web Server Technology - 1st Edition - ISBN: 9781558603769, 9780080520933

Web Server Technology

1st Edition

Authors: Nancy Yeager, Robert McGrath
Paperback ISBN: 9781558603769
eBook ISBN: 9780080520933
Imprint: Morgan Kaufmann
Published Date: 1st March 1996
Page Count: 407

The success of the web depends not only on the creation of stimulating and valuable information, but also on the speed, efficiency and convenient delivery of this information to the Web consumer. This authoritative presentation of web server technology takes you beyond the basics to provide the underlying principles and technical details of how WWW servers really work. It explains current technology and suggests enhanced and expanded methods for disseminating information via the Web.

Key Features

  • Covers measurement of WWW component performance--the networks, server hardware, and operating systems--and suggests alternative Web server software designs for improving performance.
  • Explains the costs and benefits of mirroring and caching Web documents.
  • Surveys the web's current search tools and uses the library system as a model layout to illustrate indexing, searching, and retrieval techniques.
  • Assesses web security hazards and presents mechanisms for combating these vulnerabilities, including an in-depth discussion of firewalls.
  • Analyzes the risks and explains the technologies used in a variety of services available for making monetary transactions online.

Table of Contents

Web Server Technology

The Advanced Guide for World Wide Web Information Providers

Nancy J. Yeager, Robert E. McGrath


Chapter 1 Introduction

1.1 A Brief Plan of the Book

1.2 An Overview of The World Wide Web

1.3 The Documents

1.3.1 Digital Media

1.3.2 MIME Types

1.3.3 Hypertext

1.4 The Internet

1.5 The Web Server and Web Client Software

1.5.1 A Brief Survey of Web Server Software

Chapter 2 Web Server Technology

2.1 Overview

2.1.1 Web Server Components

2.1.2 The Hypertext Transfer Protocol (HTTP)

2.1.3 What a Web Server Does Not Know

2.2 The Information: Documents and the Document Tree

2.2.1 The Information to Be Served: The Web Documents

2.2.2 Organization of the Document Tree

2.3 The Hypertext Transfer Protocol (HTTP)

2.3.1 The Request (Client to Server)

2.3.2 The Response (Server to Client)

2.4 How It Works

2.4.1 Handling More than One Request at a Time

Close-up Serving a Web Document: A Step-by-Step Example

2.4.2 More Than One Web Service on the Same Server

2.4.3 A Two-Way Network Connection

2.4.4 Finding and Accessing Files

2.4.5 Inline Images

2.5 Access Control

2.6 Access to Other Protocols: FTP, Gopher, and WAIS

2.7 Non-UNIX Servers

2.8 Future Improvements to the HTTP Protocol and Web Servers

2.8.1 Addressing the Problems with HTTP

2.8.2 A New HTTP?

2.8.3 Publishing and Managing the Information

Chapter 3 Web Scripts, Gateways, and Forms

3.1 Overview

3.2 What is a Script?

3.2.1 What Files are Executable Scripts?

3.2.2 Making the Script Run: The Common Gateway Interface (CGI)

3.2.3 A User's View of a Script

3.2.4 A Web Server's View of Scripts

Close-up A Simple Example of a Script

3.2.5 Costs of Using Scripts

3.2.6 Using Perl and Shell Scripts

3.2.7 When Problems Occur

3.3 Scripts and Forms

3.3.1 How It Works: An Example of How Scripts and Forms Work Together

3.3.2 The HTML Form

3.3.3 How Arguments are Passed to Web Scripts

3.3.4 Executing the Request

3.3.5 Converting Input and Output

3.3.6 Costs of Using Forms and Gateways

3.3.7 Using a C Program Instead of a Shell Script

3.3.8 Calling the Server Twice

3.4 Dynamic Documents and Other Interactive Features

3.4.1 Imagemaps

3.4.2 Server-Side Includes

3.4.3 Netscape Push-Pull Documents

3.4.4 Annotations

3.4.5 Other Interactive Features

3.5 Security Concerns for Scripts and Forms

3.5.1 Parsing and Checking User Input

3.5.2 Programs Have Only the Power Required

3.5.3 Run-time and Dynamically Generated Programs

More about How Scripts and Forms Work Together

Phase 1: Get the Form from the Server

Phase 2: Intermezzo - the User Fills in the Form (At the Client)

Phase 3: The Filled-in Form is Sent to the Web Server, and the Search is Performed

Chapter 4 Architecture, Configuration, and Performance of Web Servers

4.1 Measuring the Performance of Web Servers

4.1.1 What to Measure

4.1.2 How to Measure a Web Server

4.1.3 In the Field: Measuring an Operational Web Server

4.1.4 In the Laboratory: Controlled Experiments

4.1.5 Software Instrumentation

4.2 Performance of the Web: Browsers and Networks

4.2.1 The Browser and the Client System

4.2.2 The Network

4.2.3 Network Protocols and the Web

4.3 Performance of Web Servers

4.3.1 Overview

4.3.2 Alternative Web Server Architectures

4.4 Conclusion

More about the Experiments Reported in This Chapter

The Overall Setup

The Web Pinger

The Configuration of the Web Servers

The Data Collected

The Requests Used


Instrumented Web Servers


More about the Performance Results

More about a TCP Session

More about Passing Network Connections from Dispatcher to Helper

Chapter 5 Web Document Distribution and Caching

5.1 Organization of the Document Tree

5.2 Location-Independent Names

5.3 Caching Web Information

5.3.1 How Web Caching Works

5.3.2 The Effectiveness of Caching

5.3.3 Theory and Principles: the Costs

5.3.4 Practice: How Well Does it Work in Real Life?

5.3.6 Hierarchical Caching

5.3.7 Unresolved Problems for Web Caching

5.4 Conclusion

Chapter 6 Searching for Information on the Web

6.1 A Conventional Library

6.2 Library Services for the Web

6.3 Acquisitions

6.4 Cataloging and Creating an Index

6.5 The Web and Indexing

6.6 Searching an Index

6.7 Indexing and Searching with WAIS

6.7.1 The WAIS Indexer

6.7.2 The WAIS Search and Retrieval Functions

6.7.3 WAIS and the Web

6.8 Searching Traditional Databases on the Web

6.8.1 Forms, Databases, and Retrieval

6.8.2 Using Databases as Indexes to a Document Collection

6.8.3 Using Databases as Document Repositories

6.8.4 Gateways, Databases, and State

6.9 Searching a Set of Indexes

6.9.1 Achieving Transparency

6.9.2 Fast Access and Distributed Indexes

6.10 Conclusions

More about Using WAIS with Web Servers

Step 1: Create an Index

Step 2: Setting up the WAIS Server

Step 3: Searching the Index

Step 4: WAIS Retrieval

More about WAIS Gateways

Chapter 7 Secure Web Services

7.1 A Framework for Web Security

7.1.1 Step 1: Defining Assets

7.1.2 Step 2: Defining Risks

7.1.3 Step 3: Establishing a Security Policy for the Web Service

7.1.4 Step 4: Choosing the Right Security Mechanisms

7.1.5 How the Web Service Can Fail

7.2 Threats, Risks, and Security-Enhancing Mechanisms for Web Service Providers

7.2.1 Threats to Internet Hosts

7.2.2 Mechanisms for Securing an Internet Host

Close-up Internet Security

7.2.3 Web Server Software Vulnerabilities

7.2.4 Configuring the Web Server for Minimal Access

7.2.5 Authentication and Access Control Mechanisms

7.3 Threats, Risks, and Security-Enhancing Mechanisms for the Consumer of Services

7.3.1 Information Leakage

7.3.2 Content Negotiation

7.3.3 Executing Powerful Viewers

7.4 Firewalls and the Web

7.4.1 Accessing the Web through a Packet Filtering Router

7.4.2 Accessing the Web through a Circuit Gateway

7.4.3 Accessing the Web through an Application Gateway

7.5 Conclusion

More about Firewall Technology

Packet Filtering Routers

Circuit Gateways

Application Gateways

Chapter 8 Digital Commerce: Risks, Requirements, and Technologies

8.1 A Familiar Model for Commercial Transactions: Credit Cards

8.2 Identifying Yourself

8.2.1 Biometrics

8.3 The Web, Security, and the Internet

8.4 Interim Digital Commerce Services for the Web

8.5 Requirements for Digital Commerce

8.6 Technology to Meet These Requirements

8.6.1 Cryptography

8.6.2 Private Key Cryptography

8.6.3 Public Key Cryptography

8.6.4 Hashing Algorithms

8.6.5 Digital Signatures

8.6.6 Certificates, Certificate Authorization, and the Web

8.7 Integrating Cryptographic Algorithms and the Web

8.7.1 Selecting a Cryptographic Algorithm

8.7.2 Key Generation and Destruction

8.7.3 Key Storage and Use by the Application

8.7.4 Key Distribution across an Insecure Public Network

8.7.5 A Common Key Distribution Scheme

8.8 Operational Considerations for Digital Commerce Systems

8.8.1 Low-Tech Threats

8.8.2 Denial of Service

8.8.3 False Service Provider

8.9 Selecting a Secure Web Service

8.10 Secure HTTP (S-HTTP)

8.10.1 Creating the Secure Document

8.10.2 Completing the Secure Transaction

8.11 The Secure Socket Layer

8.12 Which is Better?

8.13 Electronic Payment Protocols and the Web

8.14 Private Anonymous Transactions and Digital Cash

8.15 Conclusion




© Morgan Kaufmann 1996

About the Author

Nancy Yeager

Robert McGrath