4.3.2. Multi-Tier Architecture

The architecture of modern information systems consists of three layers, as shown in Fig. 4.10. Web-based applications, such as electronic business, can also be framed in a three-tier architecture. The first layer, also called the presentation layer, embodies the user interface with the Web services. Via interpretation of HTML or XML by a browser, Web users enter data, edit data, and receive information. New interfaces are available for accessing Web services from mobile devices, such as cellular phones and Personal Digital Assistants (PDAs). The business logic layer, also known as application layer, encapsulates a collection of rules to implement the application logic. The separation of the business logic from the presentation layer and the data services gives a new level of autonomy to applications and makes them more robust [12]. In the case of Web-based applications, this middle tier also contains components displayed by the browser, such as Java applets and ActiveX controls. The data service layer consists of persistent data that are managed by mechanisms that guarantee reliability, stability, and availability. Database servers and mainframes are example of components of the data layer.

In distributed systems, middleware is seen as the software that facilitates the integration between clients and servers. Examples of middleware in the Internet are HTTP, SSL, and CORBA.

Web sites basically implement the application and data layers of a system architecture. Figure 4.11 shows a three-tier e-business site, composed of a load balancer, Web servers in layer 1, application servers in layer 2, and data servers in layer 3. These various elements are interconnected through various Local Area Networks (LANs), routers, and firewalls. A firewall is a special type of router that can be configured to block flow of packets from one network to another. This is important to shield important internal servers from external attacks. The flow of a request in Fig. 4.11 would be as follows. Requests arrive at the load balancer through the router that connects the site to the Internet. The load balancer then decides which Web server should receive the request. The next section discusses load balancing in more detail. A firewall (firewall 1) isolates LAN 1 from the internal part of the site. The zone that is accessible to the outside world is called the demilitarized zone (DMZ). Firewall 1 ensures that any of the Web servers in layer 1 only receive requests from the load balancer and not from the outside world. Web servers send requests to application servers. Firewall 2 ensures that application servers are only contacted by Web servers. Finally, if an application server needs data from a database server, the request has to flow through firewall 3.

Multi-tier architectures aim at obtaining the following benefits: scalability, availability, security, and integration with legacy data that reside on mainframes. Security can be improved by the use of firewalls that restrict access to application servers and database servers to Web servers only as explained above. Security to users can also be provided by the use of authentication protocols such as SSL and TLS discussed in Chapter 5. Scalability and availability are obtained by using multiple servers at each layer. Also, load balancing mechanisms can be used to improve overall performance.