Agenda
- Problem statement
- Client and server-side challenges and workarounds
- HTTP Mailbox messaging - a complete solution
- Implementation and applications
- Benchmarking and evaluation
- Attacks and prevention
Problem: TODO List
| ID | Description | Priority | Status |
|----|-------------|----------|--------|
| 1 | Write a paper. | HIGH | Pending |
| 2 | Go on vacation. | LOW | Pending |
- Alice maintains her task list on example.org domain
- Keeps a copy on various third-party task manager services
Problem: Synchronization
- Alice has changed the status of the first task on example.org page
- She wants to synchronize the changes on all task servers
- Makes an HTTP PATCH request to all task managers
- She may not succeed
Problem: X-Origin
- A page from example.org cannot talk to example.com
Problem: Unavailable Server
- Task Manager 2 server was down
Problem: Unsupported Method
- Task Manager 3 server does not support HTTP PATCH method
Problem: Multicast
- HTTP does not support multicast
Linda
- Tuplespace - shared memory for distributed process
- Tuple - data or request objects
- Methods for CRUD (Create, Read, Update, and Delete) operations
- in() - a destructive read
- rd() - a non-destructive read
- out() - producing a tuple
- eval() - evaluating a tuple and producing a result tuple if applicable
- Time and space uncoupling
- Simple but limited to shared memory machines
- Pre-Web distributed computing model
REST
- Architecture for large-scale distributed systems
- Media types to handle the response
Content-Type: text/html
- Relation types to discover future actions
Link: <http://example.com/tasks/3>; rel="next"
- No out-of-band information required
- HTTP methods for CRUD operations
- GET - Read
- POST - Create
- PATCH - Update
- DELETE - Delete
REST vs. RPC
- REST utilises HTTP methods for resource actions
- Only nouns no verbs in the path/URI
- Hides implementation details
GET http://example.com/list_all_tasks.php
GET http://example.com/tasks
GET http://example.com/show_task_details.php?id=3
GET http://example.com/tasks/3
POST http://example.com/create_new_task.php
POST http://example.com/tasks
POST http://example.com/update_task_status.php
PATCH http://example.com/tasks/3
GET http://example.com/delete_task.php?id=3
DELETE http://example.com/tasks/3
Issues and Challenges
- Cross-domain communication: an object from one domain communicates with another domain
- Client-side issues: browser, HTML, and JavaScript related
- Server-side challenges: HTTP method and header related
- Indirect communication: store-and-forward and multicasting
Cross-domain Communication
- A page from domain A, loaded in a browser, communicates with the domain B server
- Embedded resources (like image, CSS, JavaScript) are generally allowed
- HTML Forms are generally allowed
- Ajax requests are restricted by default
- Legitimate usage
- Content Distribution Network (CDN)
- Third-party APIs
- Mis-use
- Consuming third-party resources without permission
- Security and privacy attack
Client: X-Domain Restriction
Server: Lack of REST
- Not utilizing HTTP methods for CRUD
OPTIONS http://www.cs.odu.edu/
HTTP/1.1 200 OK
Allow: GET,HEAD,POST,OPTIONS
Date: Thu, 11 Jul 2013 02:17:13 GMT
- Non-RESTful URIs
GET http://example.com/delete_task.php?id=3
- Lack of link relations in the response
Link: <http://example.com/tasks/3>; rel="next"
Server: Lack of CORS
- Lack of Cross-Origin Resource Sharing (CORS)
- Requires additional Access-Control-* headers
Access-Control-Allow-Origin: example.org
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Link, Date
- CORS support is not enabled by default
Indirect Communication
- HTTP does not allow indirect communication
- Time-uncoupling
- Communicate without meeting in time
- Requires store-and-forward mechanism
mailto:salam@cs.odu.edu
- Space-uncoupling
- Communicate without knowing each others' identities
- Enables group communication (multicast)
mailto:grad@cs.odu.edu
Relay HTTP
- Relay server on origin domain
- Acts like a proxy server
- Removes JavaScript's cross-origin restriction
- Utilizes media types message/http and application/http
- Support summary
- CORS: Yes
- Time-uncoupling: No
- HTTP methods: Full
- Group communication: No
Ajax
var req = new XMLHttpRequest();
req.open('PATCH', 'http://example.com/tasks/1', true);
req.setRequestHeader('Content-type', 'text/task-patch');
req.send('Status=Done');
- Communicating from a web server asynchronously
- Requires Access-Control headers for CORS
- Support summary
- CORS: Server dependent
- Time-uncoupling: No
- HTTP methods: Full
- Group communication: No
EMS
- Supports various communication paradigms
- Pub-sub, point-to-point, peer-to-peer, and group messaging
- XML based communication
- Not friendly for browser based HTTP communication
- Examples: Advanced Message Queuing Protocol (AMQP) and Java Message Service (JMS)
- Support summary
- CORS: Not browser friendly
- Time-uncoupling: Yes
- HTTP methods: No
- Group communication: Yes
Bleeps
- Compact messages in predefined formats
from=alice to=http://example.com/tasks/1 change status #done @bob $task
- Suitable for push style messaging
- Recipients are responsible to capture push notifications
- Missed messages are lost
- Support summary
- CORS: Yes
- Time-uncoupling: No
- HTTP methods: Full
- Group communication: Yes
Bleeper
- Push messages using Bleeps format
- Channels for web object communication, news feed, and DBpedia Live
- Built using Faye pub-sub messaging system
HTTP Mailbox Messaging
- HTTP Message: message format for the HTTP Mailbox
- Message encapsulation: an HTTP message as the entity of another HTTP message
- System overview: schematic diagram of the system
- Lifecycle: flow of messages in the HTTP Mailbox system
- API: important bits of HTTP Mailbox communication
HTTP Message
PATCH /tasks/1 HTTP/1.1
Host: example.com
Content-Type: text/task-patch
Content-Length: 11

Status=Done

HTTP/1.1 501 Not Implemented
Content-Type: text/plain
Content-Length: 72

PATCH method is not implemented. Please consider using the HTTP Mailbox.
- Types of HTTP Message
- Parts of HTTP Message
- Request/status line
- Headers (optional)
- Body (optional)
Message Encapsulation
POST /hm/http://example.com/tasks/1 HTTP/1.1
Host: example.net
Content-Type: message/http
Content-Length: 103

PATCH /tasks/1 HTTP/1.1
Host: example.com
Content-Type: text/task-patch
Content-Length: 11

Status=Done
- HTTP Message is encapsulated in another HTTP Message as entity
- Media type message/http
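Added example (not from the slides or the reference implementation): building the envelope above and opening it on the recipient side, with the checks a recipient would want before acting on an enveloped request. The helper names, the LF line endings, and the rule that the inner Host must match the envelope's recipient are assumptions.

```ruby
# Added example, not the project's code. LF line endings are an assumption
# that matches the Content-Length values on the slides.
require 'uri'

# Sender: wrap an inner HTTP request as the entity of a POST to the mailbox.
def encapsulate(recipient_uri, inner, mailbox_host = 'example.net')
  ["POST /hm/#{recipient_uri} HTTP/1.1", "Host: #{mailbox_host}",
   'Content-Type: message/http', "Content-Length: #{inner.bytesize}",
   '', inner].join("\n")
end

# Split one HTTP message into start line, headers (lower-cased names), body.
def parse_message(raw)
  head, body = raw.split(/\r?\n\r?\n/, 2)
  start_line, *header_lines = head.to_s.split(/\r?\n/)
  headers = header_lines.to_h do |line|
    name, value = line.split(':', 2)
    raise ArgumentError, "malformed header: #{line.inspect}" if value.nil?
    [name.strip.downcase, value.strip]
  end
  [start_line.to_s, headers, body.to_s]
end

# Recipient: open the envelope and reject anything that fails a check.
def open_envelope(raw, expected_recipient)
  start_line, headers, entity = parse_message(raw)
  verb, target = start_line.split(' ')
  raise ArgumentError, 'not a mailbox POST' unless verb == 'POST' && target.to_s.start_with?('/hm/')
  raise ArgumentError, 'wrong media type' unless headers['content-type'] == 'message/http'
  raise ArgumentError, 'length mismatch' unless headers['content-length'].to_i == entity.bytesize
  recipient = URI.parse(target.delete_prefix('/hm/'))
  raise ArgumentError, 'wrong recipient' unless recipient.to_s == expected_recipient
  inner_line, inner_headers, inner_body = parse_message(entity)
  inner_verb, inner_path = inner_line.split(' ')
  # Assumed policy for one-to-one mail: the mailbox accepts posts from anyone,
  # so the inner Host must name the recipient the envelope was addressed to.
  raise ArgumentError, 'inner Host mismatch' unless inner_headers['host'] == recipient.host
  { method: inner_verb, path: inner_path, headers: inner_headers, body: inner_body }
end

# Constructed sample: the PATCH request shown on the slide (103 bytes with LF).
INNER = "PATCH /tasks/1 HTTP/1.1\nHost: example.com\n" \
        "Content-Type: text/task-patch\nContent-Length: 11\n\nStatus=Done"
ENVELOPE = encapsulate('http://example.com/tasks/1', INNER)
```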
System Overview
- A web page from domain A is loaded in the client (browser)
- Client sends encapsulated messages for domain B to the HTTP Mailbox
- Domain B retrieves the encapsulated messages from the HTTP Mailbox
- Domain B opens the envelope to discover actual HTTP message
Lifecycle
Lifecycle: Send-Request
Lifecycle: Send-Response
Lifecycle: Retrieve-Request
Lifecycle: Retrieve-Response
API: Request
- Recipient
GET /hm/http://example.com/tasks/1 HTTP/1.1
Host: example.net
- Time-based access
GET /hm/20130221173518/http://example.com/tasks/1 HTTP/1.1
Host: example.net
- Pagination
GET /hm/3-11/http://example.com/tasks/1 HTTP/1.1
Host: example.net
- Time-based access and pagination are only available in GET requests
API: Message Chain
- Link header allows traversal of the message chain
HTTP/1.1 200 OK
Link: <http://example.net/hm/id/1>; rel="first",
<http://example.net/hm/id/4>; rel="last self",
<http://example.net/hm/id/3>; rel="previous",
<http://example.net/hm/http://example.com/tasks>;
rel="current"
Content-Type: message/http
Content-Length: 42

DELETE /tasks/2 HTTP/1.1
Host: example.com
API: Accessibility
- HTTP Mailbox must support CORS
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Link, Via,
Date, Memento-Datetime
Content-Type: message/http
Content-Length: 42

DELETE /tasks/2 HTTP/1.1
Host: example.com
Utilization
- Implementation: a reference implementation of the HTTP Mailbox
- Preserve Me!: a human assisted Web preservation application (Research work of Charles Cartledge)
- Preserve Me! Viz: a tool to visualize network of web objects
Implementation
- Source code available on GitHub
- Our Reference Implementation uses
- Ruby (programming language)
- Sinatra (web framework)
- Thin (web server)
- Fluidinfo (third-party data storage service)
Preserve Me!
- An application to enable human assisted distributed web preservation
- Adds Preserve Me! Icon on each splash page
- Links machine friendly ResourceMap with the human friendly splash page
- Clicking on Preserve Me! icon opens Preserve Me! Window
- Preserve Me! Window allows interactions with the linked ResourceMap
- Web objects communicate and form a network to preserve each other
- All the communications are performed using the HTTP Mailbox
Preserve Me!: Flickr
Preserve Me!: Radialab
Preserve Me!: ResourceMap
Preserve Me!: arXiv
Preserve Me! Window
Preserve Me! Mailbox
Preserve Me! Viz
- An application to visualize network
- Nodes
- Connections
- Communication and data flow
- Animates the network as it changes
- Utilized to visualize the Preserve Me! testbed in realtime
- Event log is communicated through the HTTP Mailbox
- Interactive graph and animation player
- Various player controls allow changing speed, seek, and replay
Preserve Me! Viz Window
Evaluation
- Benchmarking: ApacheBench: stress-test analysis for GET and POST requests
- Benchmarking: Pagination: response-time analysis for pagination
- Segment analysis: measuring the time spent in various segments
- Feature comparison: comparing HTTP Mailbox features with other messaging systems
Benchmarking: GET
- Mean Time Per Request (MTPR) roughly same for payloads below 100 KB
- 0.014% (12/83,300) transient HTTP failures
Benchmarking: POST
- MTPR in POST is slightly higher than GET
- Trend is same as GET
Benchmarking: Pagination
- Response pagination reduces retrieval time significantly
- Data size per page increases with page size
Segment Analysis
- 96.78% of the time is spent in Fluidinfo communication
- A little optimization of our implementation will reduce 4/5 Fluidinfo cycles to 2
Feature Comparison
| Feature | Linda | HTTP | Relay HTTP | EMS | Bleeps | HTTP Mailbox |
|---------|-------|------|------------|-----|--------|--------------|
| Multicast | Yes | No | No | Yes | Yes | Yes |
| Non-Blocking | Yes | No | No | Yes | Yes | Yes |
| Reliability | Yes | Yes | Yes | Yes | No | Yes |
| Message Size | Any | Any | Any | Any | Short | Any |
| Browser Support | No | Limited | Full | No | Full | Full |
| Transport | Shared memory | Web | Web | Web | Web | Web |
Attacks and Prevention
| Attack | Victim | Prevention |
|--------|--------|------------|
| DoS | HTTP Mailbox | Limiting access |
| Spam | Recipient | Spam filtering |
| Impersonation | Sender | Signing |
| Fake Authorization | Sender | OAuth or access token |
| Integrity | Message | Hash digest |
| Privacy | Sender and Recipient | Encryption |
| Security | Sender and Recipient | Authentication |
| Man-in-the-middle | Sender and Recipient | HTTPS |
Message Signing
POST /hm/http://example.com/bob HTTP/1.1
Host: example.net
HM-Sender: http://example.org/alice
Content-Type: message/http
HM-Forward-Encoding: rsa-sign
certificate=http://example.org/alice.pub
Content-Length: 19

SIGNEDMESSAGESTREAM
- Alice sends a message to Bob
- Alice signs the message using her private-key
Signing and Encryption
POST /hm/http://example.com/bob HTTP/1.1
Host: example.net
HM-Sender: http://example.org/alice
Content-Type: message/http
HM-Forward-Encoding: rsa-sign
certificate=http://example.org/alice.pub
rsa-encrypt certificate=http://example.com/bob.pub
Content-Length: 48

NOTMEANINGFULLYREADABLESIGNEDANDENCRYPTEDMESSAGE
- Alice also encrypts the message using Bob's public-key
- Anyone can GET /hm/http://example.com/bob but it only makes sense to Bob
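Added example (not from the slides or the reference implementation): how Bob could verify an rsa-sign message after retrieving it, covering the Impersonation and Integrity rows of the attack table. The stream layout (base64 signature, newline, message), the in-memory key store standing in for fetching the certificate URL, and the rule that the key must be hosted on the HM-Sender origin are assumptions.

```ruby
# Added example, not the project's code. The slides show only an opaque
# SIGNEDMESSAGESTREAM; the layout used here is an assumption.
require 'openssl'
require 'uri'

# Alice signs the inner HTTP message with her private key (RSA, SHA-256).
def sign_stream(message, private_key)
  signature = private_key.sign(OpenSSL::Digest.new('SHA256'), message)
  "#{[signature].pack('m0')}\n#{message}"
end

# Bob verifies a retrieved stream; returns the message, or nil if rejected.
# key_store is a hypothetical lookup (certificate URL => PEM public key).
def verify_stream(stream, sender_uri, certificate_uri, key_store)
  sender = URI.parse(sender_uri)
  cert = URI.parse(certificate_uri)
  # Anyone can post to a mailbox, so a key hosted elsewhere proves nothing
  # about HM-Sender: require the key to come from the sender's own origin.
  same_origin = [cert.scheme, cert.host, cert.port] ==
                [sender.scheme, sender.host, sender.port]
  pem = key_store[certificate_uri]
  encoded, message = stream.split("\n", 2)
  return nil unless same_origin && pem && message
  signature = encoded.unpack1('m0') # strict base64, raises on garbage
  key = OpenSSL::PKey::RSA.new(pem)
  key.verify(OpenSSL::Digest.new('SHA256'), signature, message) ? message : nil
rescue ArgumentError, URI::InvalidURIError, OpenSSL::PKey::PKeyError
  nil
end

# Constructed sample keys and message (generated at run time).
ALICE_KEY = OpenSSL::PKey::RSA.new(2048)
MALLORY_KEY = OpenSSL::PKey::RSA.new(2048)
KEY_STORE = {
  'http://example.org/alice.pub' => ALICE_KEY.public_key.to_pem,
  'http://mallory.example/key.pub' => MALLORY_KEY.public_key.to_pem
}.freeze
MESSAGE = "DELETE /tasks/2 HTTP/1.1\nHost: example.com"
SIGNED = sign_stream(MESSAGE, ALICE_KEY)
```

A modified message, a signature made with another key, and a key served from a different origin than HM-Sender all return nil.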
Future Work
- Implementing destructive-read and logging features
- Implementing attack prevention measures in the HTTP Mailbox
- Evaluate various message storage options
- How do multiple mailboxes work together?
- Shared message store
- Peer-to-peer message store
- Hybrid storage system
Conclusions
- Removed various client-side and server-side barriers and enabled
- Full CORS support
- Full REST support
- Time-uncoupling
- Group communication (multicast)
- Implemented and benchmarked the implementation
- Utilized the implementation in real applications
- Available at https://github.com/ibnesayeed/HTTPMailbox