CLIENT–SERVER COMPUTING 215CLIENT–SERVER COMPUTING A client–server environment may use a variety of operating systems and hardware from multiple ven- For articles on related subjects see DISTRIBUTED SYSTEMS; dors; standard network protocols like TCP/IP provide ELECTRONIC COMMERCE; OPERATING SYSTEMS: compatibility. Vendor independence and freedom of CONTEMPORARY ISSUES; and TCP/IP. choice are further advantages of the model. Inexpen- sive PC equipment can be interconnected with main-Introduction frame servers, for example.Client–server computing is a distributed computing Client–server systems can be scaled up in size moremodel in which client applications request services readily than centralized solutions since server functionsfrom server processes. Clients and servers typically run can be distributed across more and more serveron diﬀerent computers interconnected by a computer computers as the number of clients increases. Servernetwork. Any use of the Internet (q.v.), such as infor- processes can thus run in parallel, each process servingmation retrieval (q.v.) from the World Wide Web (q.v.), its own set of clients. However, when there are multipleis an example of client–server computing. However, servers that update information, there must be somethe term is generally applied to systems in which an coordination mechanism to avoid inconsistencies.organization runs programs with multiple componentsdistributed among computers in a network. The con- The drawbacks of the client–server model are thatcept is frequently associated with enterprise comput- security is more diﬃcult to ensure in a distributeding, which makes the computing resources of an environment than it is in a centralized one, that theorganization available to every part of its operation. administration of distributed equipment can be much more expensive than the maintenance of a centralizedA client application is a process or program that sends system, that data distributed across servers needs tomessages to a server via the network. Those messages be kept consistent, and that the failure of one serverrequest the server to perform a speciﬁc task, such as can render a large client–server system unavailable. Iflooking up a customer record in a database or return- a server fails, none of its clients can make further prog-ing a portion of a ﬁle on the server’s hard disk. The ress, unless the system is designed to be fault-tolerantclient manages local resources such as a display, key- (see FAULT-TOLERANT COMPUTING).board, local disks, and other peripherals. The computer network can also become a perform-The server process or program listens for client ance or reliability bottleneck: if the network fails, allrequests that are transmitted via the network. Servers servers become unreachable. If one client producesreceive those requests and perform actions such as high network traﬃc then all clients may suﬀer fromdatabase queries and reading ﬁles. Server processes long response times.typically run on powerful PCs, workstations (q.v.), ormainframe (q.v.) computers. Design ConsiderationsAn example of a client–server system is a banking An important design consideration for large client–application that allows a clerk to access account infor- server systems is whether a client talks directly to themation on a central database server. All access is done server, or whether an intermediary process is intro-via a PC client that provides a graphical user interface duced between the client and the server. The former(GUI). An account number can be entered into the GUI is a two-tier architecture, the latter is a three-tieralong with how much money is to be withdrawn or architecture.deposited, respectively. The PC client validates the dataprovided by the clerk, transmits the data to the data- The two-tier architecture is easier to implement andbase server, and displays the results that are returned is typically used in small environments (one or twoby the server. servers with one or two dozens of clients). However, a two-tier architecture is less scalable than a three-tierThe client–server model is an extension of the object- architecture.based (or modular) programming model, where largepieces of software are structured into smaller compo- In the three-tier architecture, the intermediate processnents that have well deﬁned interfaces. This decen- is used for decoupling clients and servers. The inter-tralized approach helps to make complex programs mediary can cache frequently used server data tomaintainable and extensible. Components interact by ensure better performance and scalability (see CACHEexchanging messages or by Remote Procedure Calling MEMORY). Performance can be further increased by(RPC —see DISTRIBUTED SYSTEMS). The calling com- having the intermediate process distribute client re-ponent becomes the client and the called component quests to several servers so that requests execute inthe server. parallel.
216 CLIENT–SERVER COMPUTINGThe intermediary can also act as a translation service is lost or corrupted when a failure occurs (consis-by converting requests and replies from one format to tency). For the sake of high availability, criticalanother or as a security service that grants server servers can be replicated, which means they areaccess only to trusted clients. provided redundantly on multiple computers. If one replica fails then the other replicas still remainOther important design considerations are: accessible by the clients. To ensure consistent• Fat vs. thin client: A client may implement any- modiﬁcation of database records stored on multiple thing from a simple data entry form to a complex servers, a transaction processing (TP—q.v.) monitor business application. An important design consid- can be installed. TP monitors are intermediate eration is how to partition application logic into processes that specialize in managing client requests client and server components. This has an impact across multiple servers. The TP monitor ensures that on the scalability and maintainability of a client– such requests happen in an ‘‘all-or-nothing’’ fashion server system. A ‘‘thin’’ client receives information and that all servers involved in such requests are left in its ﬁnal form from the server and does little or no in a consistent state, in spite of failures. data processing. A ‘‘fat’’ client does more process- ing, thereby lightening the load on the server. Distributed Object Computing• Stateful vs. stateless: Another design considera- Distributed object computing (DOC) is a generalization tion is whether a server should be stateful or state- of the client–server model. Object-oriented modeling less. A stateless server retains no information about and programming are applied to the development of the data that clients are using. Client requests are client–server systems. Objects are pieces of software fully self-contained and do not depend on the inter- that encapsulate an internal state and make it acces- nal state of the server. The advantage of the state- sible through a well-deﬁned interface. In DOC, the less model is that it is easier to implement and that interface consists of object operations and attributes the failure of a server or client is easier to handle, that are remotely accessible. Client applications may as no state information about active clients is main- connect to a remote instance of the interface with the tained. However, applications where clients need help of a naming service. Finally, the clients invoke the to acquire and release locks on the records stored operations on the remote object. The remote object at a database server usually require a stateful thus acts as a server. model, because locking information is maintained This use of objects naturally accommodates hetero- by the server for each individual client (see DATA- geneity and autonomy. It supports heterogeneity since BASE CONCURRENCY CONTROL). requests sent to server objects depend only on their• Authentication: For security purposes servers interfaces and not on their internals. It permits auton- must also address the problem of authentication omy because object implementations can change (q.v.). In a networked environment, an unauthor- transparently, provided they maintain their interfaces. ized client may attempt to access sensitive data If complex client–server systems are to be assembled stored on a server. Authentication of clients is out of objects, then objects must be compatible. handled by using cryptographic techniques such as Client–server objects have to interact with each other public key encryption (see CRYPTOGRAPHY, COMPUT- even if they are written in diﬀerent programming ERS IN) or special authentication (q.v.) servers such languages and run on diﬀerent hardware and operat- as in the OSF DCE system described below. ing system platforms. In public key encryption, the client application Standards are required for objects to interoperate ‘‘signs’’ requests with its private cryptographic key in heterogeneous environments. One of the widely (see DIGITAL SIGNATURE), and encrypts the data in adopted vendor-independent DOC standards is the the request with a secret session key known only to OMG (Object Management Group) CORBA (Common the server and to the client. On receipt of the request, Object Request Broker Architecture) speciﬁcation. the server validates the signature of the client and CORBA consists of the following building blocks: decrypts the request only if the client is authorized to access the server. • Interface Deﬁnition Language: Object interfaces• Fault tolerance: Applications such as ﬂight-reserva- are described in a language called IDL (Interface tion systems and real-time market data feeds must Deﬁnition Language). IDL is a purely declarative be fault-tolerant. This means that important ser- language resembling Cþþ. It provides the notion vices remain available in spite of the failure of part of interfaces (similar to classes), of interface of the computer system on which the servers are inheritance, of operations with input and output running (high availability), and that no information arguments, and of data types (q.v.) that can be
CLIENT–SERVER COMPUTING 217 passed along with an operation. IDL serves for ware. CORBA implementations are an example of declaring remotely accessible server objects in a well-known client–server middleware. Other examples platform- and programming language-neutral man- are OSF DCE, DCOM, message-oriented middleware, ner, but not for implementing those objects. and transaction processing monitors. CORBA objects are implemented in widely used languages such as Cþþ, C, Java, and Smalltalk. • OSF DCE: The Open Software Foundation (OSF) Distributed Computing Environment (DCE) is a• Object Request Broker: The purpose of the ORB de facto standard for multivendor client–server (Object Request Broker) is to ﬁnd the server object systems. DCE is a collection of tools and services for a client request, to prepare the object to receive that help programmers in developing heteroge- the request, to transmit the request from the client neous client–server applications. DCE is a large to the server object, and to return output arguments and complex software package; it mainly includes back to the client application. The ORB mainly a remote procedure call facility, a naming service, provides an object-oriented RPC facility. a clock synchronization service, a client–server• Basic Object Adapter: The BOA (Basic Object security infrastructure, and a threads package (see Adapter) is the primary interface used by a server MULTITASKING). object to gain access to ORB functions. The BOA • DCOM: Distributed Component Object Model exports operations to create object references, to (DCOM) is Microsoft’s object protocol that enables register and activate server objects, and to authen- ActiveX components to communicate with each ticate requests. An object reference is a data other across a computer network. An ActiveX com- structure that denotes a server object in a network. ponent is a remote accessible object that has a well- A server installs its reference in a name server so deﬁned interface and is self-contained. ActiveX that a client application can retrieve the reference components can be embedded into Web docu- and invoke the server. The object reference pro- ments, so that they download to the client auto- vides the same interface as the server object that it matically to execute in the client’s Web browser represents. Details of the underlying communica- (see WORLD WIDE WEB). DCOM provides a remote tion infrastructure are hidden from the client. instantiation facility allowing clients to create remote server objects. It also provides a security• Dynamic Invocation Interface: The DII (Dynamic model to let programmers restrict who may create Invocation Interface) deﬁnes functions for creating a server object and who may invoke it. Finally, an request messages and for delivering them to server Interface Deﬁnition Language (IDL) is provided for objects. The DII is a low-level equivalent of the deﬁning remotely accessible object interfaces and communication stubs (message-passing interfaces) composing remote procedure calls. that are generated from an IDL declaration. • MOM: Message-Oriented Middleware (MOM)• Internet Inter-ORB Protocol: The Internet Inter- allows the components of a client–server system to ORB Protocol (IIOP) allows CORBA ORBs from interoperate by exchanging general purpose mes- diﬀerent vendors to interoperate via a TCP/IP con- sages. A client application communicates with a nection. IIOP is a simpliﬁed RPC protocol used to server by placing messages into a message queue. invoke server objects via the Internet in a portable The client is relieved of the tasks involved in trans- and eﬃcient manner. mitting the messages to the server reliably. After the• Interface and Implementation Repository: The client has placed a message into a message queue, it CORBA Interface Repository is a database contain- continues other work until the MOM informs the ing type information (interface names, interface client that the server’s reply has arrived. This kind operations, and argument types) for the interfaces of communication is called asynchronous messag- available in a CORBA system. This information is ing, since client and server are decoupled by mes- used for dynamic invocation via the DII, for revision sage queues. MOM functions much like electronic control, and so forth. The Implementation Reposi- mail, storing and forwarding messages on behalf tory provides information allowing an ORB to locate of client and server applications. Messages may be and launch server objects. submitted even when the receiver happens to be temporarily unavailable, and are thus inherently more ﬂexible and fault-tolerant than RPC. Exam-Client–Server Toolkits ples of MOM are IBM’s MQSeries product and theA wide range of software toolkits for building client– OMG Event Service. Web push technologies suchserver software is available on the market today. as Marimba’s Castanet also fall into the category ofClient–server toolkits are also referred to as middle- message-oriented middleware.
218 CLUSTER COMPUTING• Transaction Processing (TP) Monitors: Transac- used as a single computing resource. Clusters have tion processing (q.v.) monitors allow a client appli- been used from the dawn of electronic computing as a cation to perform a series of requests on multiple straightforward way to obtain greater capacity and remote servers while preserving consistency among higher reliability than a single computer can provide. the servers. Such a series of requests is called a Clusters can be an informal, if not anarchic, computer transaction. The TP monitor ensures that either all organization. Often they have not been built by com- requests that are part of a transaction succeed, or puter manufacturers but rather assembled by custom- that the servers are rolled back to the state they had ers on an ad hoc basis to solve a problem at hand. before the unsuccessful transaction was started. A transaction fails when one of the involved com- The ﬁrst cluster probably appeared in the late 1950s puters or applications goes down, or when any of or early 1960s when some company’s ﬁnance oﬃcer, the applications decides to abort the transaction. realizing that payroll checks wouldn’t get printed if the TP monitors are part of client–server products such computer broke down, purchased a spare. Software as Novell’s Tuxedo and Transarc’s Encina. tools for managing groups of computers and submit- ting batch jobs to them, such as IBM’s Remote Job A TP monitor can be used within a banking system Entry (RJE) System, became commercially available when funds are withdrawn from an account on one in the mid-1970s. By the late 1970s, Tandem Comput- database server and deposited in an account on ers began selling highly reliable systems that were another database server. The monitor makes sure clusters, with software to make them appear to access that the transaction occurs in an ‘‘all or nothing’’ a single database system. However, it was not until fashion. If any of the servers fails during the the early 1980s that DEC (Digital Equipment Cor- transfer then the transaction is rolled back such poration—q.v.) coined the term cluster for a collection that both accounts are in the state they were before of software and hardware that made several VAX transaction was started. minicomputers (q.v.) appear to be a single time- sharing (q.v.) system called the VAXcluster. Bibliography1995. Mowbray, T. J., and Zahavi, R. The Essential CORBA. With the appearance of very high performance per- New York: John Wiley. sonal workstations (q.v.) in the early 1990s, technical1996. Andrade, J. M. (ed.), Dwyer, T., Felts, S., and Carges, M. computer users began replacing expensive super- The Tuxedo System: Software for Constructing and Managing computers with clusters of those workstations which Distributed Business Applications. Reading, MA: Addison-Wesley. they assembled themselves. Computer manufacturers1997. Shan, Y.-P., Earle, R. H., and Lenzi, M. A. Enterprise responded with prepackaged workstation clusters, Computing With Objects: From Client/Server Environments which became the standard form of supercomputers to the Internet. Reading, MA: Addison-Wesley. by the mid-1990s; a system of this type with special-1998. Orfali, R., and Harkey, D. Client/Server Programming with Java and CORBA, 2nd Ed. New York: John Wiley. purpose added hardware achieved the milestone of defeating the reigning human chess champion, Garry Websites Kasparov (see COMPUTER CHESS). By 1998, even thoseClient–server frequently asked questions URLs: http://www. systems were being challenged by user-constructed abs.net/lloyd/csfaq.txt. clusters of increasingly powerful personal computers.OMG CORBA documentation URL: http://www.omg.org. A very large, highly diﬀuse and informal cluster—OSF DCE documentation URL: http://www.rdg. using spare time on approximately 22,000 personal opengroup.org/public/pubs/catalog/dz.htm.Microsoft ActiveX and related technology URL: http://www. computers owned by volunteers, connected only microsoft.com/com. occasionally though the Internet—succeeded in Feb- Silvano Maﬀeis ruary 1998 in decoding a ‘‘challenge’’ message en- crypted using the Data Encryption Standard system with a 56-bit key (see CRYPTOGRAPHY, COMPUTERS IN).CLUSTER COMPUTING The answer was found by simply trying one after another of the 63 quadrillion possible keys; success For articles on related subjects see CLIENT–SERVER came after taking only 39 days to examine 85% of the COMPUTING; COOPERATIVE COMPUTING; DATABASE MANAGEMENT SYSTEM; DISTRIBUTED SYSTEMS; keys. Appropriately, the decoded message read ‘‘Many MULTIPROCESSING; NETWORKS, COMPUTER; PARALLEL hands make light work.’’ PROCESSING; and SUPERCOMPUTERS. Individual spectacular feats such as this are not, however, the reason that computer industry analystsIntroduction estimated that half of all high performance server com-A cluster of computers, or simply a cluster, is a collec- puter systems would be clusters by the turn of the cen-tion of computers that are connected together and tury. Clusters provide a practical means of increasing