Wikipedia

Client–server model

(Redirected fromClient-server model)

Theclient–server modelis adistributed applicationstructure that partitions tasks or workloads between the providers of a resource or service, calledservers,and service requesters, calledclients.[1]Often clients and servers communicate over acomputer networkon separate hardware, but both client and server may be on the same device. A serverhostruns one or more server programs, which share their resources with clients. A client usually does not share any of its resources, but it requests content or service from a server. Clients, therefore, initiate communication sessions with servers, which await incoming requests. Examples of computer applications that use the client–server model areemail,network printing, and theWorld Wide Web.

A computer network diagram of clients communicating with a server via the Internet

Client and server role

edit

The server component provides a function or service to one or many clients, which initiate requests for such services. Servers are classified by the services they provide. For example, aweb serverservesweb pagesand afile serverservescomputer files.Ashared resourcemay be any of the server computer's software and electronic components, fromprogramsanddatatoprocessorsandstorage devices.The sharing of resources of a server constitutes aservice.

Whether a computer is a client, a server, or both, is determined by the nature of the application that requires the service functions. For example, a single computer can run a web server and file server software at the same time to serve different data to clients making different kinds of requests. The client software can also communicate with server software within the same computer.[2]Communication between servers, such as to synchronize data, is sometimes calledinter-serverorserver-to-servercommunication.

Client and server communication

edit

Generally, a service is anabstractionof computer resources and a client does not have to beconcernedwith how the server performs while fulfilling the request and delivering the response. The client only has to understand the response based on the relevantapplication protocol,i.e. the content and the formatting of the data for the requested service.

Clients and servers exchange messages in arequest–responsemessaging pattern.The client sends a request, and the server returns a response. This exchange of messages is an example ofinter-process communication.To communicate, the computers must have a common language, and they must follow rules so that both the client and the server know what to expect. The language and rules of communication are defined in acommunications protocol.All protocols operate in theapplication layer.The application layer protocol defines the basic patterns of the dialogue. To formalize the data exchange even further, the server may implement anapplication programming interface(API).[3]The API is anabstraction layerfor accessing a service. By restricting communication to a specificcontent format,it facilitatesparsing.By abstracting access, it facilitates cross-platform data exchange.[4]

A server may receive requests from many distinct clients in a short period. A computer can only perform a limited number oftasksat any moment, and relies on aschedulingsystem to prioritize incoming requests from clients to accommodate them. To prevent abuse and maximizeavailability,the server software may limit the availability to clients.Denial of service attacksare designed to exploit a server's obligation to process requests by overloading it with excessive request rates. Encryption should be applied if sensitive information is to be communicated between the client and the server.

Example

edit

When abankcustomer accessesonline bankingservices with aweb browser(the client), the client initiates a request to the bank's web server. The customer'slogincredentialsmay be stored in adatabase,and the webserver accesses thedatabase serveras a client. Anapplication serverinterprets the returned data by applying the bank'sbusiness logicand provides theoutputto the webserver. Finally, the webserver returns the result to the client web browser for display.

In each step of this sequence of client–server message exchanges, a computer processes a request and returns data. This is the request-response messaging pattern. When all the requests are met, the sequence is complete and the web browser presents the data to the customer.

This example illustrates adesign patternapplicable to the client–server model:separation of concerns.

Server-side

edit
See also:Backend (computing),Server-side scripting,andServer Side Includes (SSI)

Server-side refers to programs and operations that run on theserver.This is in contrast to client-side programs and operations which run on theclient.[5](See below)

General concepts

edit

"Server-side software" refers to acomputer application,such as aweb server,that runs on remoteserver hardware,reachable from auser's localcomputer,smartphone,or other device. Operations may be performed server-side because they require access to information or functionality that is not available on theclient,or because performing such operations on theclient sidewould be slow, unreliable, orinsecure.

Client and server programs may be commonly available ones such as free or commercialweb serversandweb browsers,communicating with each other using standardizedprotocols.Or,programmersmay write their own server, client, andcommunications protocolwhich can only be used with one another.

Server-side operations include both those that are carried out in response to client requests, and non-client-oriented operations such as maintenance tasks.[6][7]

Computer security

edit

In acomputer securitycontext, server-side vulnerabilities or attacks refer to those that occur on a server computer system, rather than on the client side, orin between the two.For example, an attacker might exploit anSQL injectionvulnerability in aweb applicationin order to maliciously change or gain unauthorized access to data in the server'sdatabase.Alternatively, an attacker might break into a server system using vulnerabilities in the underlyingoperating systemand then be able to access database and other files in the same manner as authorized administrators of the server.[8][9][10]

Examples

edit

In the case ofdistributed computingprojects such asSETI@homeand theGreat Internet Mersenne Prime Search,while the bulk of the operations occur on the client side, the servers are responsible for coordinating the clients, sending them data to analyze, receiving and storing results, providing reporting functionality to project administrators, etc. In the case of an Internet-dependent user application likeGoogle Earth,while querying and display of map data takes place on the client side, the server is responsible for permanent storage of map data, resolving user queries into map data to be returned to the client, etc.

In the context of theWorld Wide Web,commonly encountered server-side computer languages include:[5]

However, web applications andservicescan be implemented in almost any language, as long as they can return data to standards-based web browsers (possibly via intermediary programs) in formats which they can use.

Client side

edit
See also:Client-side prediction,Front-end (computing),andPagination § In web browsers

Client-side refers to operations that are performed by theclientin acomputer network.

General concepts

edit

Typically, a client is acomputer application,such as aweb browser,that runs on auser's localcomputer,smartphone,or other device, and connects to aserveras necessary. Operations may be performed client-side because they require access to information or functionality that is available on the client but not on the server, because the user needs to observe the operations or provide input, or because the server lacks the processing power to perform the operations in a timely manner for all of the clients it serves. Additionally, if operations can be performed by the client, without sending data over the network, they may take less time, use lessbandwidth,and incur a lessersecurityrisk.

When the server serves data in a commonly used manner, for example according to standardprotocolssuch asHTTPorFTP,users may have their choice of a number of client programs (e.g. most modern web browsers can request and receive data using both HTTP and FTP). In the case of more specialized applications,programmersmay write their own server, client, andcommunications protocolwhich can only be used with one another.

Programs that run on a user's local computer without ever sending or receiving data over a network are not considered clients, and so the operations of such programs would not be termed client-side operations.

Computer security

edit

In acomputer securitycontext, client-side vulnerabilities or attacks refer to those that occur on the client / user's computer system, rather than on theserver side,orin between the two.As an example, if a server contained anencryptedfile or message which could only be decrypted using akeyhoused on the user's computer system, a client-side attack would normally be an attacker's only opportunity to gain access to the decrypted contents. For instance, the attacker might causemalwareto be installed on the client system, allowing the attacker to view the user's screen, record the user's keystrokes, and steal copies of the user's encryption keys, etc. Alternatively, an attacker might employcross-site scriptingvulnerabilities to execute malicious code on the client's system without needing to install any permanently resident malware.[8][9][10]

Examples

edit

Distributed computingprojects such asSETI@homeand the Great Internet Mersenne Prime Search, as well as Internet-dependent applications likeGoogle Earth,rely primarily on client-side operations. They initiate a connection with the server (either in response to a user query, as with Google Earth, or in an automated fashion, as with SETI@home), and request some data. The server selects a data set (aserver-sideoperation) and sends it back to the client. The client then analyzes the data (a client-side operation), and, when the analysis is complete, displays it to the user (as with Google Earth) and/or transmits the results of calculations back to the server (as with SETI@home).

In the context of theWorld Wide Web,commonly encountered computer languages which are evaluated or run on the client side include:[5]

Early history

edit

An early form of client–server architecture isremote job entry,dating at least toOS/360(announced 1964), where the request was to run ajob,and the response was the output.

While formulating the client–server model in the 1960s and 1970s,computer scientistsbuildingARPANET(at theStanford Research Institute) used the termsserver-host(orserving host) anduser-host(orusing-host), and these appear in the early documents RFC 5[11]and RFC 4.[12]This usage was continued atXerox PARCin the mid-1970s.

One context in which researchers used these terms was in the design of acomputer network programminglanguage called Decode-Encode Language (DEL).[11]The purpose of this language was to accept commands from one computer (the user-host), which would return status reports to the user as it encoded the commands in network packets. Another DEL-capable computer, the server-host, received the packets, decoded them, and returned formatted data to the user-host. A DEL program on the user-host received the results to present to the user. This is a client–server transaction. Development of DEL was just beginning in 1969, the year that theUnited States Department of Defenseestablished ARPANET (predecessor ofInternet).

Client-host and server-host

edit

Client-hostandserver-hosthave subtly different meanings thanclientandserver.A host is any computer connected to a network. Whereas the wordsserverandclientmay refer either to a computer or to a computer program,server-hostandclient-hostalways refer to computers. The host is a versatile, multifunction computer;clientsandserversare just programs that run on a host. In the client–server model, a server is more likely to be devoted to the task of serving.

An early use of the wordclientoccurs in "Separating Data from Function in a Distributed File System", a 1978 paper by Xerox PARC computer scientists Howard Sturgis, James Mitchell, and Jay Israel. The authors are careful to define the term for readers, and explain that they use it to distinguish between the user and the user's network node (the client).[13]By 1992, the wordserverhad entered into general parlance.[14][15]

Centralized computing

edit
Further information:History of personal computers,Decentralized computing,andComputer cluster

The client-server model does not dictate that server-hosts must have more resources than client-hosts. Rather, it enables any general-purpose computer to extend its capabilities by using the shared resources of other hosts.Centralized computing,however, specifically allocates a large number of resources to a small number of computers. The more computation is offloaded from client-hosts to the central computers, the simpler the client-hosts can be.[16]It relies heavily on network resources (servers and infrastructure) for computation and storage. Adiskless nodeloads even itsoperating systemfrom the network, and acomputer terminalhas no operating system at all; it is only an input/output interface to the server. In contrast, arich client,such as apersonal computer,has many resources and does not rely on a server for essential functions.

Asmicrocomputersdecreased in price and increased in power from the 1980s to the late 1990s, many organizations transitioned computation from centralized servers, such asmainframesandminicomputers,to rich clients.[17]This afforded greater, more individualized dominion over computer resources, but complicatedinformation technology management.[16][18][19]During the 2000s,web applicationsmatured enough to rivalapplication softwaredeveloped for a specificmicroarchitecture.This maturation, more affordablemass storage,and the advent ofservice-oriented architecturewere among the factors that gave rise to thecloud computingtrend of the 2010s.[20][failed verification]

Comparison with peer-to-peer architecture

edit

In addition to the client-server model,distributed computingapplications often use thepeer-to-peer(P2P) application architecture.

In the client-server model, the server is often designed to operate as a centralized system that serves many clients. The computing power, memory and storage requirements of a server must be scaled appropriately to the expected workload.Load-balancingandfailoversystems are often employed to scale the server beyond a single physical machine.[21][22]

Load balancing is defined as the methodical and efficient distribution of network or application traffic across multiple servers in a server farm. Each load balancer sits between client devices and backend servers, receiving and then distributing incoming requests to any available server capable of fulfilling them.

In apeer-to-peernetwork, two or more computers (peers) pool their resources and communicate in adecentralized system.Peers are coequal, or equipotentnodesin a non-hierarchical network. Unlike clients in a client-server orclient-queue-clientnetwork, peers communicate with each other directly.[citation needed]In peer-to-peer networking, analgorithmin the peer-to-peer communications protocol balancesload,and even peers with modest resources can help to share the load.[citation needed]If a node becomes unavailable, its shared resources remain available as long as other peers offer it. Ideally, a peer does not need to achievehigh availabilitybecause other,redundantpeers make up for any resourcedowntime;as the availability and load capacity of peers change, the protocol reroutes requests.

Both client-server andmaster-slaveare regarded as sub-categories of distributed peer-to-peer systems.[23]

See also

edit

Notes

edit
  1. ^"Distributed Application Architecture"(PDF).Sun Microsystem. Archived fromthe original(PDF)on 6 April 2011.Retrieved2009-06-16.
  2. ^TheX Window Systemis one example.
  3. ^Benatallah, B.; Casati, F.; Toumani, F. (2004). "Web service conversation modeling: A cornerstone for e-business automation".IEEE Internet Computing.8:46–54.doi:10.1109/MIC.2004.1260703.S2CID8121624.
  4. ^Dustdar, S.; Schreiner, W. (2005)."A survey on web services composition"(PDF).International Journal of Web and Grid Services.1:1.CiteSeerX10.1.1.139.4827.doi:10.1504/IJWGS.2005.007545.
  5. ^abc"What are the differences between server-side and client-side programming?".softwareengineering.stackexchange.Retrieved2016-12-13.
  6. ^"Introduction to the server side - Learn web development | MDN".developer.mozilla.org.2023-11-05.Retrieved2023-11-13.
  7. ^"Server-side website programming - Learn web development | MDN".developer.mozilla.org.2023-06-30.Retrieved2023-11-13.
  8. ^abLehtinen, Rick; Russell, Deborah; Gangemi, G. T. (2006).Computer Security Basics(2nd ed.).O'Reilly Media.ISBN9780596006693.Retrieved2017-07-07.
  9. ^abJS (2015-10-15)."Week 4: Is There a Difference between Client Side and Server Side?".n3tweb.wordpress.Retrieved2017-07-07.
  10. ^abEspinosa, Christian (2016-04-23)."Decoding the Hack"(PDF).alpinesecurity.Retrieved2017-07-07.[permanent dead link]
  11. ^abRulifson, Jeff(June 1969).DEL.IETF.doi:10.17487/RFC0005.RFC5.Retrieved30 November2013.
  12. ^Shapiro, Elmer B. (March 1969).Network Timetable.IETF.doi:10.17487/RFC0004.RFC4.Retrieved30 November2013.
  13. ^Sturgis, Howard E.; Mitchell, James George; Israel, Jay E. (1978)."Separating Data from Function in a Distributed File System".Xerox PARC.
  14. ^Harper, Douglas."server".Online Etymology Dictionary.Retrieved30 November2013.
  15. ^"Separating data from function in a distributed file system".GetInfo.German National Library of Science and Technology.Archived fromthe originalon 2 December 2013.Retrieved29 November2013.
  16. ^abNieh, Jason; Yang, S. Jae; Novik, Naomi (2000)."A Comparison of Thin-Client Computing Architectures".Academic Commons.doi:10.7916/D8Z329VF.Retrieved28 November2018.
  17. ^d'Amore, M. J.; Oberst, D. J. (1983). "Microcomputers and mainframes".Proceedings of the 11th annual ACM SIGUCCS conference on User services - SIGUCCS '83.p. 7.doi:10.1145/800041.801417.ISBN978-0897911160.S2CID14248076.
  18. ^Tolia, Niraj; Andersen, David G.; Satyanarayanan, M. (March 2006)."Quantifying Interactive User Experience on Thin Clients"(PDF).Computer.39(3).IEEE Computer Society:46–52.doi:10.1109/mc.2006.101.S2CID8399655.
  19. ^Otey, Michael (22 March 2011)."Is the Cloud Really Just the Return of Mainframe Computing?".SQL Server Pro.Penton Media.Archived fromthe originalon 3 December 2013.Retrieved1 December2013.
  20. ^Barros, A. P.; Dumas, M. (2006). "The Rise of Web Service Ecosystems".IT Professional.8(5): 31.doi:10.1109/MITP.2006.123.S2CID206469224.
  21. ^Cardellini, V.; Colajanni, M.; Yu, P.S. (1999). "Dynamic load balancing on Web-server systems".IEEE Internet Computing.3(3). Institute of Electrical and Electronics Engineers (IEEE): 28–39.doi:10.1109/4236.769420.ISSN1089-7801.
  22. ^"What Is Load Balancing? How Load Balancers Work".NGINX.June 1, 2014.RetrievedJanuary 21,2020.
  23. ^ Varma, Vasudeva (2009)."1: Software Architecture Primer".Software Architecture: A Case Based Approach.Delhi: Pearson Education India. p. 29.ISBN9788131707494.Retrieved2017-07-04.Distributed Peer-to-Peer Systems [...] This is a generic style of which popular styles are the client-server and master-slave styles.
Retrieved from "https://en.wikipedia.org/w/index.php?title=Client–server_model&oldid=1256136751"