
Topics in Modern Internet Application Development:
REST Continued, A Little Security, SaaS, Some DB
Dr. Donald F. Ferguson
Donald.Ferguson@software.dell.com
© Donald F. Ferguson, 2014. All rights reserved.
Modern Internet App Development – Lecture 6:
REST Continued, A Little Security, SaaS, Some DB
© Donald F. Ferguson, 2014. All rights reserved.
Agenda
We will likely end early
• Questions, discussions on assignments.
• Follow on topics from last week
  – Security concepts
  – Replay attacks.
  – Security basics: Message hash, signature, keys.
  – Stateless and Sessions
• Future assignments
  – Overview
  – Next steps
• Publish/subscribe; notification
• Multi-tenancy introduction
• Two new database models and use.
I think I am presenting concepts faster than you can absorb/implement. I want to introduce concepts,
• To show where we are going
• Understand why we are doing things
• Give you a chance to pre-read if you want
• Follow-up with detail in subsequent lectures
• Free up some time for ad hoc reviews/discussion
Questions / Discussion on Assignment?
Follow Up from Last Week
One perspective on security topics
Alice is sending a message over a network to Bob. Eve is malicious and is
watching the communication channel. Mallory can see and inject messages.
Alice and Bob care about:
1. Authentication of messages
2. Integrity of messages
3. Privacy of messages
Additionally, someone processing messages may care about
1. Authorization
2. Non-repudiation
3. Audit
HTTP(S)/TLS Solve the Problem?
Some Issues
• Eve can see the encrypted messages but cannot extract information,
  e.g. user ID/PW, account numbers, … → Privacy
• Bob and Alice still need some form of shared secret, e.g. UID/password, API Keys,
  for authentication
  – Alice knows the UID and password
  – Bob knows the UID and password hash.
• Eve can, however,
  – Change and corrupt the message → no integrity.
  – Capture and replay a message. The message could be the logon message.
• Remember, securing the pipe with HTTPS/TLS is
  – Based on Bob’s certificate, which is public.
  – Alice may not have a certificate.
  – Eve resending a logon message allows Eve to become Alice. Alice may naturally move between IP
    addresses, e.g. at home versus at work versus mobile phone.
Some Additional Issues -- “Layered Systems”
• The HTTP(S) connection may not be fully end-to-end, e.g.
– Firewalls
– Proxies
• The messages may flow through a value added intermediary, e.g.
– Message queue
– Notification service
Secure the Message
[Diagram: the message is a Header plus Data; Alice adds a Hash field to the Header before sending.]
• Alice
  – Computes a message hash using a known algorithm, e.g. MD5
  – Encrypts the message hash with the shared secret, e.g. API secret key
• Bob
  – Decrypts the transmitted message hash with the shared secret
  – Computes the overall message hash using the known algorithm
  – The hash comparison will fail if Eve changed the message → integrity
  – Bob and Alice agreed on what Alice would hash, and Alice encrypted the information with a secret Eve does
    not know → authentication
Danger
• Remember when I said in the 1st lecture, “Don’t Panic?”
• Well, now would be a good time to panic.
• This explanation
– Is a gross oversimplification!
– And is not a valid security solution!
• The explanation clarifies some concepts that we discussed
– AWS API key pairs.
– Signing information in REST headers
– etc.
• Provides initial insight into why some of the stuff is there.
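The following is an added example, not code from the lecture, showing how the "hash plus shared secret" idea from the Secure the Message slide is actually done in API-key schemes such as AWS request signing: the hash is replaced by an HMAC (keyed SHA-256 over the request fields) and a timestamp plus a single-use nonce are signed along with it so a captured logon or API request cannot be replayed. Function and header names (sign_request, Verifier, X-Timestamp, X-Nonce, X-Signature) and the secret are assumptions constructed for this example.

```python
import hashlib
import hmac
import secrets
import time

SHARED_SECRET = b"constructed-demo-secret"  # Alice's and Bob's shared API secret key (constructed)
MAX_SKEW_SECONDS = 300                      # reject requests whose timestamp is older than 5 minutes


def canonical_string(method, path, timestamp, nonce, body):
    """Both sides must agree on exactly what gets hashed: method, path, time, nonce, body."""
    body_hash = hashlib.sha256(body).hexdigest()
    return "\n".join([method.upper(), path, str(timestamp), nonce, body_hash]).encode()


def sign_request(secret, method, path, body, now=None):
    """Alice: produce the headers that travel with the request (the 'Hash' in the slide's header)."""
    timestamp = int(now if now is not None else time.time())
    nonce = secrets.token_hex(16)           # fresh per request, so each signature is single-use
    mac = hmac.new(secret, canonical_string(method, path, timestamp, nonce, body), hashlib.sha256)
    return {"X-Timestamp": str(timestamp), "X-Nonce": nonce, "X-Signature": mac.hexdigest()}


class Verifier:
    """Bob: recompute the MAC over what was received and enforce freshness and single use."""

    def __init__(self, secret, now=None):
        self.secret = secret
        self.seen_nonces = set()             # production: a shared store with expiry, not a process-local set
        self.now = now if now is not None else time.time

    def verify_request(self, method, path, body, headers):
        """Return (accepted, reason). The nonce is recorded only after the MAC verifies,
        so forged requests cannot be used to mark good nonces as spent."""
        try:
            timestamp = int(headers["X-Timestamp"])
            nonce = headers["X-Nonce"]
            signature = headers["X-Signature"]
        except (KeyError, ValueError):
            return False, "missing or malformed auth headers"
        if abs(self.now() - timestamp) > MAX_SKEW_SECONDS:
            return False, "stale timestamp (possible replay)"
        if nonce in self.seen_nonces:
            return False, "nonce already used (replay)"
        expected = hmac.new(self.secret, canonical_string(method, path, timestamp, nonce, body),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, signature):   # constant-time comparison
            return False, "signature mismatch (tampered message or wrong key)"
        self.seen_nonces.add(nonce)
        return True, "ok"
```

Because the timestamp and nonce are inside the signed string, Eve can neither refresh a stale request nor change the body without the MAC failing on Bob's side.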
Future Assignments
We are going to build a composite app
[Diagram: a Multi-Tenant Commerce Service and a CRM Service, built over a SaaS Account/Billing API and Cloud Infrastructure APIs (S3, SQS, OpenID, …).]
• Evolve the simple CRM service
  – Implementation using new functions, e.g. notification, workflow, rules/policy, new database types, reports, …
  – “Portal” for on the glass integration of multiple sites.
• Use a SaaS, web callable product, price, billing, … API
• Build a very simple, multi-tenant web commerce application (catalog, cart, …)
Representational State Transfer (REST)
• People confuse
  – Various forms of RPC/messaging over HTTP
  – With REST
• REST has six core tenets
  – Client/server
  – Stateless
  – Caching
  – Uniform Interface
  – Layered System
  – Code on Demand
REST Tenets
• Client/Server (Obvious)
• Stateless is a bit confusing
  – The server/service maintains resource state, e.g. Customer and Agent info.
  – The conversation is stateless. The client provides all conversation state needed for an API
    invocation. For example,
    – customerCursor.next(10) requires the server to remember the client’s position in the iteration
      through the set.
    – A stateless call is customerCollection.next(“Bob”, 10). Basically, the client passes the cursor position
      to the server.
  (Motivation for the concepts of explicit/implicit cursors and pagination.)
• Caching
  – The web has significant caching (in browser, CDNs, …)
  – The resource provider must
    – Consider caching policies in application design.
    – Explicitly set control fields to tell clients and intermediaries what to cache/when.
I Lied
• Think about the commerce application
  – There are going to be many, many message exchanges
  – Browse
  – Add to cart
  – Remove from cart
  – etc.
• The commerce application needs to remember
  – What has gone into the cart during this commerce session
  – What I have searched for during this commerce session
    – Don’t ask me, “Are you interested in metric wrenches?”
    – When I am shopping for textbooks.
    – Just because I looked for screwdrivers three years ago.
• Technically,
  – I could have the client store and provide all session information on every request
  – But, … this is fragile and complicated
• So, the application
  – Generates a session key/ID
  – The client requests always contain the session key either in a cookie or URL (URL rewrite)
  – Maintains session state in a “database.”
  – Invalidates the session key/ID when the client logs out or the session times out.
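As an added example (not code from the lecture), here is the server side of what the slide describes: a session store that generates an unguessable session key at logon, keeps cart and search state server-side (a dict stands in for the “database”), finds the key in either a cookie or a rewritten URL, and invalidates it on logout or idle timeout. Class and parameter names, the SESSIONID cookie name and the sessionid URL parameter are assumptions chosen for this example.

```python
import secrets
import time
from urllib.parse import parse_qs, urlsplit

IDLE_TIMEOUT_SECONDS = 1800   # a session that is idle for 30 minutes is gone


class SessionStore:
    """Holds all conversation state server-side, keyed by a random session ID."""

    def __init__(self, now=time.time):
        self._sessions = {}      # session_id -> {"user", "cart", "searches", "last_seen"}
        self._now = now          # injectable clock so the timeout can be tested

    def create(self, user):
        """Logon: issue a fresh key (128 bits from the OS CSPRNG, never a counter or a user ID)."""
        session_id = secrets.token_urlsafe(16)
        self._sessions[session_id] = {"user": user, "cart": [], "searches": [], "last_seen": self._now()}
        return session_id

    def get(self, session_id):
        """Return the live session state, or None if the key is unknown or has timed out."""
        session = self._sessions.get(session_id)
        if session is None:
            return None
        if self._now() - session["last_seen"] > IDLE_TIMEOUT_SECONDS:
            self.invalidate(session_id)          # timed out: forget it rather than resurrect it
            return None
        session["last_seen"] = self._now()       # every valid request extends the idle window
        return session

    def invalidate(self, session_id):
        """Logout or timeout: the key can never be used again."""
        self._sessions.pop(session_id, None)


def session_id_from_request(cookie_header, url):
    """Locate the key in a Cookie header ('SESSIONID=...') or in a rewritten URL ('?sessionid=...').
    The cookie is checked first: a key carried in the URL also lands in server logs,
    browser history and Referer headers, so URL rewrite is the weaker carrier."""
    for part in (cookie_header or "").split(";"):
        name, _, value = part.strip().partition("=")
        if name == "SESSIONID" and value:
            return value
    query = parse_qs(urlsplit(url).query)
    return query.get("sessionid", [None])[0]
```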
Session and URL Rewrite
Class Implications
• We are going to start building a simple commerce application
• This is a natural evolution/reapplication of what you have already done
  – Customer info creation, deletion, etc.
  – Searching for things in a database, just applied to new data (catalog entries)
  – Creating things in a database, just applied to new data (shopping cart)
  – Using headers in REST messages, just applied to session keys
• But, you will apply some new concepts
  – Creating/terminating sessions
  – Using session specific data to tailor application
  – Storing data not easily mapped to relational data models, e.g. product descriptions
[Diagram: request flow through the Request Handler, a business object (BO) and the DB]
1. HTTP GET/POST/…
2. Parse and validate request
3. Retrieve session context/info
4. Select “business object.verb” based on GET/POST data and context info.
5. Access/Update DB through framework
6. Application logic
9. Send HTML response
New Topics
Publish/Subscribe and Notification
Amazon Web Services
Google Cloud Pub/Sub
https://cloud.google.com/pubsub/overview
Topic Trees
[Diagram: a topic tree with events e1 and e2 published under /sales]
• Subscribe to /sales
• Will see e1 and e2
• If they match the filter
RabbitMQ
https://www.rabbitmq.com/getstarted.html
RabbitMQ
https://www.rabbitmq.com/tutorials/tutorial-five-python.html
Class Implications
• Install and setup RabbitMQ (or something similar)
  – On a private machine, e.g. your desktop development systems
  – Or EC2, GCE or something similar
• Define a topic schema and configure RabbitMQ, e.g.
  – customer.name
  – address.zipcode.
• Extend the CRM system
  – Emit notifications (publish to RabbitMQ) for Create, Update, Delete of Customer
  – Web pages allowing Agents to create subscriptions, e.g.
    – “New customer in zipcode=12345”
    – “Change in customer for agentID=898”
  – And specify how the agent wants to be notified, e.g. email, SMS
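An added example (not the lecture’s or RabbitMQ’s code) of the topic tree and subscription ideas above: an in-process stand-in for a topic exchange that applies the matching rules RabbitMQ’s topic tutorial documents (`*` matches exactly one dot-separated word, `#` matches zero or more), then applies an attribute filter such as “zipcode=12345” before deciding which agent gets notified and how. Routing keys like customer.create.12345, the event dicts and the agent names are constructed for this example.

```python
def topic_matches(pattern, routing_key):
    """RabbitMQ topic-exchange rules: '*' = exactly one word, '#' = zero or more words."""
    return _match(pattern.split("."), routing_key.split("."))


def _match(pat, key):
    if not pat:
        return not key                      # pattern exhausted: match only if the key is too
    if pat[0] == "#":
        # '#' may swallow zero or more words: try every possible split point.
        return any(_match(pat[1:], key[i:]) for i in range(len(key) + 1))
    if not key:
        return False
    if pat[0] == "*" or pat[0] == key[0]:
        return _match(pat[1:], key[1:])
    return False


class TopicExchange:
    """A subscription is a binding pattern plus an optional attribute filter, e.g.
    ('customer.create.*', {'zipcode': '12345'}) means 'new customer in zipcode=12345'."""

    def __init__(self):
        self.subscriptions = []             # (binding_pattern, attribute_filter, agent, channel)

    def subscribe(self, pattern, attribute_filter, agent, channel):
        self.subscriptions.append((pattern, dict(attribute_filter), agent, channel))

    def publish(self, routing_key, event):
        """Return the (agent, channel) pairs to notify for this event, in subscription order.
        The routing key is the Create/Update/Delete path in the topic tree; the event
        carries the customer attributes the filter looks at."""
        deliveries = []
        for pattern, attribute_filter, agent, channel in self.subscriptions:
            if not topic_matches(pattern, routing_key):
                continue
            if all(str(event.get(k)) == v for k, v in attribute_filter.items()):
                deliveries.append((agent, channel))
        return deliveries
```

In the real assignment the CRM would publish to RabbitMQ with the same routing keys and a consumer would turn each delivery into an SNS/SES call; the matching logic here is what the broker does for you.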
Current Assignment
[Architecture diagram: a Web UI (UI plus Controller; the controller may be on the server or in the browser, e.g. Angular) calls a Business Service, which calls the CRM Services REST API. Behind the API sit a Customer Facade and an Agent Facade over a Data Access Service with CustomerDS, AgentDS and ContactDS. A Standalone App reaches the same services through an SQS Adaptor and an Amazon SQS queue.]
“Next Assignment”
• Install and configure RabbitMQ
• Modify CRM app to automatically emit events for CUD of customer
• Write a simple application that enables agents to CRUD subscriptions, specifying
  – Topics
  – Notify method
• Listens for events on RabbitMQ and uses AWS API to notify agent using SNS or SES
[Architecture diagram: the CRM Services (REST API, Customer Facade, Agent Facade, Data Access Service with CustomerDS, AgentDS and ContactDS) publish to “RabbitMQ” topics; a Subscriptions Service (Business Service) manages the agents’ subscriptions; a Notification service consumes the events and notifies the agent.]
SaaS Multi-Tenancy Introduction
Some Terminology
• Software as a service (SaaS) is
  – A software licensing and delivery model
  – In which software is licensed on a subscription basis
  – And is centrally hosted.
• Multitenancy refers to a principle in software architecture where
  – A single instance of the software runs on a server, serving multiple tenants.
  – A tenant is a group of users sharing the same view on a software they use.
  – With a multitenant architecture, a software application is designed to provide every tenant
    a dedicated, private instance including
    – Data
    – Configuration
    – User management
    – Tailored application logic
    – SLAs and non-functional properties.
  – Multitenancy contrasts with multi-instance architectures where separate software instances
    operate on behalf of different tenants.
A Perspective on SaaS and Multi-Tenancy
• The application must have special functionality to enable tenant specific customization
  – Branding: allowing each organization to customize the look-and-feel of the application to match their corporate branding.
  – Workflow: Accommodating differences in workflow to be used by a wide range of potential customers.
  – Extensions to the data model: supporting an extensible data model to give customers the ability to customize the data
    elements managed by the application to meet their specific needs.
  – Policies and rules
  – Access control: letting each client organization independently customize access rights and restrictions for each user.
• Two special applications that “manage” the actual application
  – Business Support Service, e.g.
    – Sign-up
    – add user
    – add feature
  – Editor enabling certain roles to
    – Add fields to the database
    – Specify maximum number of allowed entries in a shopping cart
    – Add step to order approval workflows
    – etc.
Step 1: Multi-Tenant Database
• A customer logon associates a tenant ID with each session, e.g.
– Logging on as dff9@Columbia.edu
– Associates tenantID=21 with the created session
• All data operations automatically “add” the tenant ID, e.g.
– Select * from customer where customerID=1234 is actually
– Select * from customer where customerID=1234 and tenantID=21
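One added example (not the lecture’s code) serves both the Stateless tenet from the REST Tenets slide and Step 1 above: the tenant ID is bound to the session at logon and every query silently gains `and tenantID = ?`, and paging is stateless in the customerCollection.next(“Bob”, 10) style, with the client passing the position instead of the server holding a cursor. It uses an in-memory SQLite table; the table, columns and sample rows are constructed for this example.

```python
import sqlite3


def open_db():
    """Constructed sample data: two tenants share one table, and even share customerID 1234."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customer (customerID INTEGER, tenantID INTEGER, name TEXT, "
                 "PRIMARY KEY (customerID, tenantID))")
    conn.executemany("INSERT INTO customer VALUES (?, ?, ?)", [
        (1234, 21, "Alice"), (1235, 21, "Bob"), (1236, 21, "Carol"), (1237, 21, "Dave"),
        (1234, 22, "Mallory"), (1238, 22, "Eve"),
    ])
    return conn


class TenantSession:
    """Created at logon (e.g. dff9@Columbia.edu -> tenantID=21). The tenant ID comes from
    the session, never from request parameters the client could alter."""

    def __init__(self, conn, tenant_id):
        self.conn = conn
        self.tenant_id = tenant_id

    def get_customer(self, customer_id):
        # The caller asks for 'customerID = ?'; the tenant predicate is appended here, always.
        row = self.conn.execute(
            "SELECT customerID, name FROM customer WHERE customerID = ? AND tenantID = ?",
            (customer_id, self.tenant_id)).fetchone()
        return None if row is None else {"customerID": row[0], "name": row[1]}

    def next_customers(self, after_name, limit):
        """Stateless page: the client says where it is (after_name) and how many it wants.
        Returns (names, next_cursor); next_cursor is None on the last page."""
        rows = self.conn.execute(
            "SELECT name FROM customer WHERE tenantID = ? AND name > ? ORDER BY name LIMIT ?",
            (self.tenant_id, after_name or "", limit + 1)).fetchall()   # one extra row detects 'more'
        names = [r[0] for r in rows[:limit]]
        next_cursor = names[-1] if len(rows) > limit else None
        return names, next_cursor
```

Because the position is a value the client already saw, any server instance can answer the next page; because the tenant predicate is added inside the data layer, tenant 22 asking for customerID 1234 gets its own Mallory, never tenant 21’s Alice.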
Some New Data Models
Query Results
[Figure: query results shown as nested (tag, value) tuples]
{author, “Ferguson”}
{includes, {paper, {author, “Ferguson”}}}
{references, {book, {author, “Ferguson”}}}
Data and Rendering
• Two different renderings
• Of the same underlying document
Content Management System
Some Terminology
• A content management system (CMS) is a computer application that
  – Allows publishing, editing and modifying content, organizing, deleting as well as
    maintenance from a central interface.
  – Such systems of content management provide procedures to manage workflow in a
    collaborative environment.
• A web content management system is a bundled or stand-alone application
  – To create, deploy, manage and store content on Web pages.
  – Content includes text and embedded graphics, photos, video, audio, …
  – Content includes code that displays content in a specific way
  – A Web CMS may catalog and index content, select or assemble content at runtime,
    or deliver content to specific visitors in a requested way, such as other languages.
CMS Data Model
Why Don’t I Just Use …
• A relational database? RDBs do not handle
  – Dynamic taxonomies/folders particularly well.
  – Relatively free form tagging and query of items.
  – You can realize the model in relational, but you have to write a specific schema.
  – Your code is awkward and you write “framework,” which is a CMS.
• A file system?
  – File systems do not handle arbitrary metadata well. I want to find documents with
    author=“Ferguson” not containing the text “Ferguson.”
  – I want to publish or rollback all changes made by Bob in the last 24 hours.
  – Jim must approve all contributions of type “Press Release.”
• MongoDB?
  – Handles hierarchical and dynamic tags well.
  – Not great for images, audio, …
  – Would still need some framework code.
Apache Jackrabbit
The Simple Commerce Application Needs a CMS
• Product classification, e.g.
  – Classification I: Books, Magazines, Videos
  – Classification II: Sports, Engineering, Business
• Relatively freeform, queryable information
  – Artist Type = {Author, Editor, Contributor, Reviewer, …}.Name={…}
  – Format = {eBook, paperback, audiobook, …}
• Fragments of a rendering, e.g.
  – Images
  – Reviews
  – Descriptive prose
  – TOC
• Various renderings, e.g.
  – Summary in a search result
  – Full information
Project Implications
• Your commerce application will implement a simple CMS using Amazon S3
  – Bucket per tenant
  – A set of base document object elements, e.g.
    – Image
    – Description
    – Review
  – A logical classification of products, e.g.
    – Publication
    – eBook
    – Movie
  – Compound product descriptions that contain a set of base elements, e.g.
    – Image
    – Description
    – Authors
Amazon S3
The Assignment
• You do not need to write code (yet)
• You are doing a logical data model
  – What buckets do you have?
  – What is the folder structure in the buckets?
  – What are the base content types?
  – What are the composite content types?
  – What is the defined metadata type for each content type?
  – What are some sample renderings?
• Pilot and manually set up in S3
  – With sample data
  – Using the web UI.