What is Web Server? | How Does a Web Server Work? - Server Watch

What is Web Server? | How Does a Web Server Work? - Server Watch

What is Web Server? | How Does a Web Server Work? - Server Watch

Posted: 14 Mar 2021 05:00 PM PDT

Why is it important to understand the answer to the question, how does a web server work? The success of a website doesn't just depend on its content and functionality but also the efficiency of the web server used to power it. This requires an understanding of a web server's capabilities and limitations. When discussing how a Web server works, it is not enough to simply outline a diagram of how low-level network packets go in and out of a Web server.

Years ago, when Web servers were first prototyped, they served simple HTML documents and images. Today, as we shall go into later in this tutorial, they are frequently used for much more.

The first step is to view the Web server as a black box and ask the questions: How does it work; what can it achieve? It's a safe assumption that most Internet users believe a Web site's success or failure is due to its content and functionality rather than the server used to power it. However, the choice of the correct server, and understanding its capabilities and limitations is an important step on the road to success.

What Does a Web Server Do?

So what does a web server do? It's software or hardware (or both together) that stores and delivers content to a web browser at a basic level. The servers communicate with browsers using Hypertext Transfer Protocol (HTTP). Web servers can also support SMTP (Simple Mail Transfer Protocol) and FTP (File Transfer Protocol). 

Web servers are also used for hosting websites and data for web applications. They can host single websites and multiple websites using virtualization.

How Does a Web Server Work Internally?

When the web server receives a request for content for a web page, such as


and maps that Uniform Resource Locator (URL)to a local file on the host server.

In this case, the file


is somewhere on the host file system. The server then loads this file from disk and serves it out across the network to the user's Web browser. This entire exchange is mediated by the browser and server talking to each other using HTTP. This workflow is shown in the figure below.

That's all there is to it. But if it's that simple, then why such an in-depth tutorial?

Because this simple arrangement, which allows the serving of static content such as HyperText Markup Language (HTML) and image files to a Web browser was the initial concept behind what we now call the World Wide Web. The beauty of its simplicity is that it has led to much more complex information exchanges being possible between browsers and Web servers.

Perhaps the most important expansion on this was the concept of dynamic content (i.e., Web pages created in response to a user's input, whether directly or indirectly). The oldest and most used standard for doing this is Common Gateway Interface (CGI). This is a pretty meaningless name, but it basically defines how a Web server should run programs locally and transmit their output through the Web server to the user's Web browser that is requesting the dynamic content.

For all intents and purposes the user's Web browser never really has to know that the content is dynamic because CGI is basically a Web server extension protocol. The figure below shows what happens when a browser requests a page dynamically generated from a CGI program.

The second important advance, and the one that makes e-commerce possible, was the introduction of HyperText Transmission Protocol, Secure (HTTPS). This protocol allows secure communication to go on between the browser and Web server.

In a nutshell, this means that it is safe for user and server to transmit sensitive data to each another across what might be considered an insecure network. What happens when the data arrives at either end is another matter, however, and should not be ignored. We will discuss this a bit later.

The simplicity of the above arrangements is deceptive, and underestimating its complexities often leads to bad decisions being made about the design of a Web-hosting infrastructure. It is too easy to focus on the design of the Web pages themselves and the technologies used to create dynamic content, such as Java, Javascript, Perl, C/C++, and ASP, and to subsequently miss the fact that each of these technologies can be aided, or hindered, by the platform on which they are to be run — the Web server itself.

In other words, explaining how a Web server works involve discussing more than just how a Web server serves documents. We will go over the following topics in our quest to finding out what and how a modern Web server goes about doing its activities.

We will start by explaining the low-level details underlying what a Web server must do. Then, we will discuss the issues surrounding the use of a Web server and how it fits within the scope of other infrastructural elements of the Internet. We will then close with a discussion of the relationship that applications have with Web servers.

Upskill and tell the story of the data - Federal News Network

Posted: 18 Mar 2021 03:19 PM PDT

A mastery of data literacy could mean a workforce that generates better planning and better decisions. One CDO said in order to make that happen, she gives her employees the ability to make data-driven decisions.

"What we're trying to do is teach them about analytics and teach them to be able to tell the story of the data," said Teresa Smith, Chief Data Officer at the Defense Logistics Agency, on Federal Monthly Insights — Analytics in Government.

Smith said one of the challenges growing up an analyst in the DLA data world is understanding the question that someone is trying to answer.

"So as we are developing our data strategy and making these the tools and the data accessible to our employees, we want to make sure that we're giving them the right data to help them answer the right questions," Smith said on the Federal Drive with Tom Temin.

The right training is key, Smith said, to "upskill the workforce" is allowing people to get the knowledge they need to do their jobs effectively.

"We've defined the data-related roles and responsibilities, identified authoritative data sources. But within the data and analytics community, specifically, we in my office are hosting communities of practice, where we cover topics like how to foster data literacy, the critical parts around data quality, sharing information and being collaborative, so that it really is a community that's joined, and they're learning from one another," Smith said.

DLA is big, very big. To paraphrase just part of how DLA's website defines its raison d'etre: DLA is America's combat logistics support agency, which manages the global supply chain from raw materials to end user to disposition, for the all branches of the military, 11 combatant commands and other federal agencies.

"We have some analysts that focus on specific areas, but in large part, they need to understand the holistic business, because it's very rare that you don't need to understand the planning aspect on the procurement aspect or the procurement aspects on the distribution aspect," Smith said.

The job of analytics in government, Smith said, is more than just presenting data in a report. It is important to "call out the pertinent facts."

"We can say 'hey, here is an example of where we need to change course, or see that this group of items is impacting metrics in such a way.' What we're really trying to do around some of our analytics is not only give that diagnostic view, but that predictive and prescriptive view, so that we can pull that information out and really direct the appropriate behavior, instead of just laying data out there in sight and have at it. We need to not only know what happened in the past, but looked at what's going to happen in the future with our data," Smith said

Virginia’s New Law Continues America’s Patchwork Approach To Data Privacy Regulation - JD Supra

Posted: 18 Mar 2021 11:47 AM PDT

With the California Consumer Privacy Act in 2018 (CCPA), and the California Privacy Rights Act of 2020 (CPRA), California has dared Congress, twice, to pass sorely needed federal privacy legislation. Now Virginia is in on the act. Earlier this month, Governor Northam signed into law the Consumer Data Protection Act (CDPA), making Virginia the second state to pass a comprehensive consumer privacy regulation. The CDPA, has plenty in common with the CCPA (as amended by the CPRA). Slated to begin on January 1, 2023, the same day that the CPRA's changes take effect in California, the CDPA will be enforced by the Virginia Attorney General. We'll be posting much more about both laws between now and then, but for now, businesses should understand that Virginia's CDPA also differs from California's CCPA in some important ways. Some of the key differences are:

No gross revenue threshold

The CCPA covers, among other types of companies, any for-profit company that does business in California and has annual gross revenues of at least $25 million. The CDPA by contrast, has no revenue threshold. It applies to any company that does business in Virginia and (i) annually collects the personal information of at least 100,000 consumers (Virginia residents), or (ii) annually collects the personal information of at least 25,000 consumers and derives a majority of revenues from sales of personal information.

A narrower definition of "consumer"

The CCPA protects "consumers," which it defines as "a natural person who is a California resident." But Virginia defines a "consumer" as a resident "acting only in an individual or household context," which, critically, "does not include a natural person "acting in a commercial or employment context." (The CCPA currently includes indirect and partial exemptions for employee data and personal information collected through business-to-business interactions, but those exemptions are due to expire on January 1, 2023.)

A clearer definition of "sale" of personal information

One of the most vexing compliance questions under the CCPA has been determining whether a business "sells" personal information. That's because of the CCPA's broad definition of sale, which includes making a consumer's personal information available to a third party "for monetary or other valuable consideration." Debate continues over whether use of third party analytics and digital advertising tools provided by Facebook, Google and others amounts to a "sale" of website visitors' personal information to those providers under this definition, which would require the business to offer an opt-out for cookies and online trackers related to those tools.

Virginia sticks to a more traditional concept of "sale," defining it as "the exchange of personal data for monetary consideration." The CDPA regulates "targeted advertising" separately, defining it as "displaying advertisements to a consumer where the advertisement is selected based on personal data obtained from a consumer's activities over time and across nonaffiliated websites or online applications to predict such consumer's preferences or interests." The opt-out right covers both "sales" and "targeted advertising."

Clearer exemptions for certain types of businesses

The CCPA has been criticized for not including unequivocal exemptions for healthcare providers and financial institutions, which are already subject to industry-specific federal privacy laws. By contrast, the CDPA makes clear that it does not apply to "financial institutions" subject to the Gramm-Leach-Bliley Act or a "covered entity or business associate" governed by HIPAA.

No exceptions to the right of deletion

Unlike the CCPA, the CDPA does not provide any exceptions to a consumer's right to deletion of their personal information. Barring an amendment, this deletion requirement threatens operational headaches for covered businesses and their service providers who receive deletion requests for data that they have an independent legal obligation or business need to retain.

More states are lining up

What is abundantly clear is that the impending wave of state privacy laws and regulations has both traction and momentum, and may ultimately serve as the basis for federal law at some point in the future. We can expect even more legislation to come as additional states set forth their own, "more improved," versions.

In fact, more than 15 states have either introduced a data privacy and consumer protection bill or currently have one in committee, including Alabama, Florida, Illinois, Iowa, Kentucky, Minnesota, Mississippi, Nebraska, New Mexico, New York, North Dakota, Oklahoma, Pennsylvania, South Carolina, Utah, Washington state and Wisconsin. As a result, no one version of this legislation can possibly represent the "privacy law panacea" for the foreseeable future.

It is imperative that businesses continuously strive to remain at the forefront of understanding the newest changes, nuances and distinctions in these privacy laws and those to come. Equally important, however, is developing a privacy program rooted in thorough data mapping, a culture of data minimization in product development and service delivery, and a commitment to user-friendly transparency, which will serve as a necessary foundation for complying with the privacy laws of today and tomorrow.


Popular posts from this blog

10 Best New Age Business Ideas - CT Post

COVID-19: New business ideas emerge as people work from home - The Jakarta Post - Jakarta Post

$10,000 up for grabs during annual Citadel competition for business ideas - ABC NEWS 4