Web Services

A service is an application that is hosted in the

backend ready to serve data to whatever client
requests it.
Web services framework is an XML-based
distributed object/service/component system.
Intended to support machine-to-machine
interactions over the network.
A web service is any piece of software that makes
it available over the internet and uses a
standardized XML messaging system.
 Web Services
Components of Web Services:
The basic Web services platform is XML + HTTP. All
the standard Web Services works using following
components
1. SOAP (Simple Object Access Protocol)
2. WSDL (Web Services Description Language)
3. UDDI (Universal Description, Discovery and
Integration)
 Web Services
SOAP(Simple Object Access Protocol)

•SOAP is an XML-based messaging protocol for exchanging information

between computers.
•SOAP is platform & language independent.

A SOAP message is an ordinary XML document containing the following

elements.
• Envelope: ( Mandatory ) :
Defines the start and the end of the message.
•Header:(Optional):
Contains any optional attributes of the message used in processing the
message, either at an intermediary point or at the ultimate end point.
•Body: ( Mandatory )
Contains the XML data comprising the message being sent.
•Fault:(Optional)
An optional Fault element that provides information about errors that
occurred while processing the message
 Web Services
A SOAP Message Structure
<?xml version="1.0"?>
<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://www.w3.org/2001/12/soap-
envelope"
SOAP-
ENV:encodingStyle="http://www.w3.org/2001/12/soap-
encoding">
<SOAP-ENV:Header>
...</SOAP-ENV:Header>
<SOAP-ENV:Body>
... <SOAP-ENV:Fault>
... </SOAP-ENV:Fault>
</SOAP-ENV:Body>
</SOAP_ENV:Envelope>
 Web Services
For example:
<?xml version="1.0"?>
<SOAP-ENV:Envelope
........<SOAP-ENV:Body>
<m:GetQuotation
xmlns:m="http://www.tp.com/Quotation">
<m:Item>Computers</m:Item>
</m:GetQuotation>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

The example above requests the quotation of computer sets.

Note that the m:GetQuotation and the Item elements above
are application-specific elements. They are not a part of the
SOAP standard.
 Web Services
The response of above query:
<?xml version="1.0"?>
<SOAP-ENV:Envelope
........<SOAP-ENV:Body>
<m:GetQuotationResponse
xmlns:m="http://www.tp.com/Quotation">
<m:Quotation>This is Quotation</m:Quotation>
</m:GetQuotationResponse>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
 Web Services
 WSDL (Web Services Description Language)
•WSDL is an XML-based language for describing
Web services and how to access them.
•WSDL is an XML based protocol for information
exchange in decentralized and distributed
environments.
•WSDL definition describes how to access a web
service and what operations it will perform.
•WSDL is an integral part of UDDI, an XML-based
worldwide business registry.
•WSDL was developed jointly by Microsoft and
IBM.
 Web Services
WSDL (Web Services Description Language)

Three major elements of WSDL that can be defined

separately and they are:
1. Types
2. Operations
3. Binding
 Web Services
WSDL (Web Services Description Language)

The WSDL Document Structure

A WSDL document describes a web service using these
major elements:
Element Description
<types> A container for data type definitions used
by the web service
<message> A typed definition of the data being
communicated
<portType> A set of operations supported by one or
more endpoints
<binding> A protocol and data format specification
for a particular port type
 Web Services
WSDL (Web Services Description Language)

The WSDL Document Structure

A WSDL document describes a web service using these
major elements:
Element Description
<types> A container for data type definitions used
by the web service
<message> A typed definition of the data being
communicated
<portType> A set of operations supported by one or
more endpoints
<binding> A protocol and data format specification
for a particular port type
 Web Services
WSDL (Web Services Description Language)
The main structure of a WSDL document looks like this:
<definitions>
<types>
data type definitions........
</types>
<message>
definition of the data being communicated....
</message>

<portType>
set of operations......
</portType>

<binding>
protocol and data format specification....
</binding>

</definitions>
 Web Services
UDDI (Universal Description, Discovery and
Integration)
•UDDI is an XML-based standard for describing,
publishing, and finding Web services.
•UDDI is a specification for a distributed registry of
Web services.
• UDDI is platform independent, open framework.
Web Services
 RESTFUL Services
•REST stands for Representational State Transfer.
•First introduced in 2000 by Roy Fielding at the
University of California.
•REST uses HTTP methods explicitly i.e. the
interaction between the client and services will
happen through HTTP protocol. Expose directory
structure like URI’s.
•Transfer XML, Java Script Object Notation (JSON)
or both.
 RESTFUL Services
@Stateless
@Path("com.seller.vishal.seller")
public class SellerFacadeREST {
public SellerFacadeREST() {
super(Seller.class);
}
@POST
@Override
@Consumes({"application/xml", "application/json"})
public void create(Seller entity) {
super.create(entity);
}
@PUT
@Path("{id}")
@Consumes({"application/xml", "application/json"})
 RESTFUL Services
public void edit(@PathParam("id") Long id, Seller entity) {
super.edit(entity); }
@DELETE
@Path("{id}")
public void remove(@PathParam("id") Long id) {
super.remove(super.find(id));
}
@GET
@Path("{from}/{to}")
@Produces({"application/xml", "application/json"})
public List<Seller> findRange(@PathParam("from") Integer
from, @PathParam("to") Integer to) {
return super.findRange(new int[]{from, to});
}
 RESTFUL Services
Identifies the URL path that a java class will respond
to.
@path annotation can route to a class or route to a
specific method.
@GET: most used, read-only and public access
method.
@POST: used to insert/add data. With HTTPs you
can protect the data.
@PUT: used mainly for updating data but can be
used for inserting/adding data
@DELETE: used to delete data
@HEAD: used to return meta-data of the resource
 RESTFUL Services
@produces specifies the media type that a method
will produce and send back to the client. When you
@produces at the class level, its treated as a
default. When used with methods, it becomes a
require to access that method. You can also define
more than one for a specific method. It does do
some encoding but nothing extensive.
@consumes : Basically tells your application to
expect data to be sent in the body of the HTTP
message. You will need to define what type of data
sent up. Again this another way to limit what HTTP
message can access specific methods. You can
define your own or used the predefine Media Type.
 REST Websrvices
•Representational state transfer is a software
architectural style that defines a set of constraints to be
used for creating Web services.
•Web services that conform to the REST architectural
style, called RESTful Web services, provide
interoperability between computer systems on the
internet.
SOAP vs REST
 Virtualization
•Virtualization, in computing, refers to the act of
creating a virtual (rather than actual) version of
something, including but not limited to a virtual
computer hardware platform, operating system (OS),
storage device, or computer network resources.
•Virtualization technologies have gained a renewed
interested recently due to confluence of different
phenomena.
a) Increased Performance and Computing capacity.
b) Underutilized Hardware and Software Resources.
c) Lack of space.
d) Greening Initiatives.
e) Rise of Administrative costs.
 Virtualization
Characteristics of Virtualization:
•Increased Security: The ability to control the execution of a
guest in a completely transparent manner opens new
possibilities for delivering a secure, controlled execution
environment.
•Managed Execution.
•Sharing: Virtualization allows the creation of a separate computing
environment within the same host.
•Aggregation: A group of separate hosts can be tied together and
represent to guest as a single virtual host.
•Emulation: This allows for controlling and tuning the environment that
exposed to guests.
•Isolation: It allows multiple guests to run on the same host without
each of them interfering with the other and also separation between
host and guests.
•Portability: It allows having your own system always with you
and ready to use, given that the required virtual machine
manager is available.
 Virtualization
Taxonomy of Virtualization Techniques:
 Virtualization
Taxonomy of Virtualization Techniques:
Virtualization is mainly used to emulate execution environment ,
storage and networks.

Execution Environment classified into two :-

Process-level – implemented on top of an existing operating

system, which has full control of the hardware.

System-level – Implemented directly on hardware and do not

require or require a minimum support from an existing
operating system
 Machine Reference Model

● It defines the interfaces between the

levels of abstractions, which hide
implementation details.
● Virtualization techniques actually replace
one of the layers and intercept the calls
that are directed towards it.
 Machine Reference Model (cont..)

● Hardware is expressed in terms of the Instruction Set Architecture (ISA).

– ISA for processor, registers, memory and the interrupt management.
● Application Binary Interface (ABI) separates the OS layer from the
application and libraries which are managed by the OS.
– System Calls defined
– Allows portabilities of applications and libraries across OS.
Machine Reference Model (cont..)

● API – it interfaces applications to libraries

and/or the underlying OS.
● Layered approach simplifies the
development and implementation of
computing system.
● ISA has been divided into two security
classes:-
– Privileged Instructions
– Nonprivileged Instructions
 ISA: Security Classes

● Nonprivileged instructions
– That can be used without interfering with other
tasks because they do not access shared
resources. Ex. Arithmetic , floating & fixed point.
● Privileged instructions
– That are executed under specific restrictions
and are mostly used for sensitive operations,
which expose (behavior-sensitive) or modify
(control-sensitive) the privileged state.
● Behavior-sensitive – operate on the I/O
● Control-sensitive – alter the state of the CPU
register.
 Privileged Hierarchy:
Security Ring
● Ring-0 is in most privileged level
, used by the kernel.
● Ring-1 & 2 used by the OS-level
services
● and , R3 in the least privileged
level , used by the user.
● Recent system support two
levels :-
– Ring 0 – supervisor mode
– Ring 3 – user mode
 Hardware-level virtualization

● It is a virtualization technique that

provides an abstract execution
environment in terms of computer
hardware on top of which a guest OS
can be run.
● It is also called as system virtualization.
Hardware-level virtualization
 Hypervisor
● Hypervisor runs above the supervisor mode.
● It runs in supervisor mode.
● It recreates a h/w environment.
● It is a piece of s/w that enables us to run one
or more VMs on a physical server(host).
● Two major types of hypervisor
– Type -I
– Type-II
 Type-I Hypervisor

● It runs directly on top of the hardware.

● Takes place of OS.
● Directly interact with the ISA exposed by the
underlying hardware.

● Also known as native virtual machine.

 Type-II Hypervisor
● It require the support of an
operating system to provide
virtualization services.
● Programs managed by the
OS.
● Emulate the ISA of virtual
h/w.
● Also called hosted virtual
machine.
 Virtual Machine Manager (VMM)
● Main Modules :-
– Dispatcher
● Entry Point of VMM
● Reroutes the instructions issued by VM instance.
– Allocator
● Deciding the system resources to be provided to the
VM.
● Invoked by dispatcher
– Interpreter
● Consists of interpreter routines
● Executed whenever a VM executes a privileged
instruction.
● Trap is triggered and the corresponding routine is
executed.
Virtual Machine Manager (VMM)
 Criteria of VMM

● Equivalence – same behaviour as when it is

executed directly on the physical host.
● Resource control – it should be in
complete control of virtualized resources.
● Efficiency – a statistically dominant fraction
of the machine instructions should be
executed without intervention from the
VMM
 Hardware virtualization Techniques

● CPU installed on the host is only one set,

but each VM that runs on the host
requires their own CPU.
● It means CPU needs to virtualized, done
by hypervisor.
 Hardware virtualization Techniques

● Full virtualization
– Ability to run program (OS) directly on top of a
virtual machine and without any modification.
– VMM require complete emulation of the entire
underneath h/w
– Advantages
● Complete isolation
● Enhanced security
● Ease of emulation of different architectures and
coexistence
– Key challenge is interception of privileged
instructions
 Hardware virtualization Techniques

Full Virtualization (cont..)

● Hypervisor has Ring 0 authority
● and , guest OS has Ring 1 authority
● ISA of guest OS are converted into ISA of host using
binary translation process.
● Privileged instructions are traped.
 Hardware virtualization Techniques

● Hardware-assisted virtualization
– In this hardware provides architectural
support for building a VMM able to run a
guest OS in complete isolation.
– Intel VT and AMD V extensions.
– Early products were using binary translation
to trap some sensitive instructions and
provide an emulated version
 Hardware virtualization Techniques
Hardware-assisted virtualization
● Additional Ring -1
● No binary translation of
privileged instructions
● Commands are are
executed directly to h/w via
the hypervisor
 Hardware virtualization Techniques

● Paravirtualization
– Not-transparent virtualization
– Thin VMM
– Expose software interface to the virtual machine
that is slightly modified from the host.
– Guest OS need to be modified.
– Simply transfer the execution of instructions
which were hard to virtualized, directly to the
host.
 Hardware virtualization Techniques

Paravirtualization
● Privileged instructions of
guest OS is delivered to
the hyperviso0r by using
hypercalls
● Hypercalls handles these
instructions and accesses
the h/w and return the
result.
● Guest has authority to
directly control of
resources.
 Hardware virtualization Techniques

● Partial virtualization
– Partial emulation of the underlying hardware
– Not allow complete isolation to guest OS.
– Address space virtualization is a common
feature of comtemporary operating systems.
– Address space virtualization used in time-
sharing system.
 Operating system-level
virtualization
● It offers the opportunity to create different
and separated execution environments for
applications that are managed concurrently.
● No VMM or hypervisor
● Virtualization is in single OS
● OS kernel allows for multiple isolated user
space instances
● Good for server consolidation.
● Ex. chroot , Jails, OpenVZ etc.
 Programming language-level virtualization

● It is mostly used to achieve ease of deployment of

application, managed execution and portability
across different platform and OS.
● It consists of a virtual machine executing the byte
code of a program, which is the result of the
compilation process.
● Produce a binary format representing the machine
code for an abstract architecture.
● Example
– Java platform – Java virtual machine (JVM)
– .NET provides Common Language Infrastructure (CLI)
● They are stack-based virtual machines
 Advantage of programming/process-
level VM

● Provide uniform execution environment

across different platforms.
● This simplifies the development and
deployment efforts.
● Allow more control over the execution of
programs.
● Security; by filtering the I/O operations
● Easy support for sandboxing
 Application-level virtualization
● It is a technique allowing applications to
run in runtime environments that do not
natively support all the features required
by such applications.
● In this, applications are not installed in the
expected runtime environment.
● This technique is most concerned with :-
– Partial file system
– Libraries
– Operating System component emulation
 Strategies for Implementation
Application-Level Virtualization
● Two techniques:-
– Interpretation -
● In this every source instruction is interpreted by an
emulator for executing native ISA instructions,
● Minimal start up cost but huge overhead.
– Binary translation -
● In this every source insruction is converted to native
instructions with equivalent functions.
● Block of instructions translated , cached and reused.
● Large overhead cost , but over time it is subject to
better performance.
 Different from H/w Virtualization
● In h/w virtualization , it allows the execution
of a program compiled against a different
h/w.
● In Application level emulation , complete h/w
environment.
● Ex:-
– Wine
– CrossOver
– and , many more
 Storage Virtualization

● It allows decoupling the physical

organization of the h/w from its logical
representation.
● Using Network based virtualization known
as storage area network (SAN).
● SAN – Self Study
 Network Virtualization

● It combines h/w appliances and specific

software for the creation and management
of a virtual n/w.
● It can aggregate different physical
networks into a single logical network.
● VLAN – Self Study
 Virtualization and cloud computing

● Plays an important role in cloud computing.

● Primarily used to offer configurable
computing environments and storage.
● H/w virtualization enabling solution in IaaS
● Programming language virtualization in
PaaS.
● Virtualization provides :-
– Consolidating
– Isolation
– Controlled environments
 Pros & Cons of Virtualization

● Disadvantages
– Performance degradation -
● As it interposes and abstraction layer between guest &
host.
– Inefficiency and degraded user experience -
● Some of specific features of the host is unexposed.
– Security holes and new threats
● Case 1 – emulating a host in a completely transparent
manner.
● Case 2 - H/w virtualization , malicious programs can
preload themselves before the OS and act as a thin
VMM.