The introduction of NCSA's Mosaic browser ignited a fire of interest that is changing the face of the Internet, and the way we deal with networked information. The scramble for commercial success on the Internet has brought many technology vendors into the Web trade, resulting in the development of new tools and methods. As these advances define the role of commerce on the Internet, they will also change the way we conduct routine business on our networked campuses.
Private, personal information, including student and employee records, is integrated with the public, general information of the campus-wide information system. Freely distributed clients for DOS, Windows, MAC, Unix and timeshare users allow access to official, production data on both MVS and Unix platforms. The methods employed to achieve this success are simple, inexpensive and easily adapted.
While the administrative systems of the University can be characterized as closed, proprietary, controlled and secure, the student view of computing is open, pedestrian, public and wide- reaching. In keeping pace with trends toward a more student- centered campus, Delaware's administrative systems have been reworked to place an emphasis on self-service. Self-service technologies have been applied to deliver timely information directly to the customer. These technologies empower the customer and provide cost-effective, automated services that know no geographic bounds. Self-service technologies include interactive voice response dialogs, kiosk systems, debit-card transactions and World Wide Web applications.
It is impossible to grant the large, expanding customer base direct access to mainframe-based information systems. Faculty and research users of "academic" machines have little desire to log on to "administrative" machines and navigate through unfamiliar territory in search of needed information. Nor is it feasible to allow 22,000 students to log on to the administrative mainframe to review grades on the day they are posted. These closed, proprietary systems must be opened to allow such "pedestrian" use. Administrative information services must be adapted to behave more along the lines of publicly available Campus-Wide Information Systems (CWIS).
To meet these goals, Delaware chose to leverage existing
resources by merging
in order to
The key to successfully merging these technologies is "compromise". It is necessary to bring the security of the administrative environment to Internet tools, while opening the administrative systems to Internet protocols.
As Delaware first turned to the Web for administrative support, official institutional data was maintained using Software AG's ADABAS database system and processed by programs written in COBOL and NATURAL. On the other hand, CWIS information was collected, maintained and delivered on the World Wide Web. The use of Web browsers was widespread among campus customers, while existing Natural/ADABAS systems were robust and useful. These disparate resources were combined in a unique, but simple, way to deliver improved information service to students, staff and faculty.
This combination requires the transformation of the "host" of a host-terminal system into the "server" of a client-server system. The host and its associated applications becomes part of a client- server network enabling outreach and supporting diverse data types.
Such Web gateway servers may be built or bought. Several HTTP servers are available commercially at surprisingly low cost. Apple's Internet Server, Netscape's Commerce Server, and IBM's Internet Connection are examples of general-purpose HTTP servers that provide packaged sets of tools needed to develop Web applications. They are popular, inexpensive, vendor supported, and utilize economical hardware.
While commercial gateway servers provide the convenience of packaged toolsets, they may require additional hardware, new communications protocols, and unfamiliar programming languages. As an alternative, special-purpose HTTP servers can be developed in- house to perform these translations directly on existing hosts. Interpretive servers may be written on any networked platform, using any language supporting Internet communications interfaces.
This approach would, for example, allow COBOL programmers to open legacy systems to the Web using the tools, techniques and training of the legacy environment. While Web browsers expect information to be packaged using HTTP, they are not concerned with how that packaging is performed.
Whether built or bought, gateway servers use standard HTTP to communicate with Web browsers on the user side. On the application side, these servers employ Common Gateway Interfaces (CGI's) to communicate with external programs and databases. CGI's are programs or scripts and may be written in many languages, including C, Perl and AppleScript. CGI's allow Web servers to communicate with other servers, DBMS's, external programs, screen-scrapers, and a variety of network program interfaces.
CGI's may be used in conjunction with DBMS's and programming languages to build complete, new administrative applications or CGI's may play the role of transforming closed, proprietary administrative systems into compelling Web applications.
With many Delaware administrative systems residing on an MVS mainframe, interpretive servers were developed to run in this environment, accept Internet packets, recognize Web HTTP protocol, and call administrative application programs based on the content of these packets.
With interpretive servers speaking to administrative programs, existing tasks, such as transcript production, can be reused rather than re-developed. Upon request from a student client, the server simply invokes the existing COBOL transcript program. However, instead of printing or displaying the results, they are packaged in a Web packet and sent it out onto the network.
With an overall design goal of "using existing resources whenever possible", security schemes used for touch-tone registration were enlisted at Delaware to provide similar protection to the Internet clients. Student-ID and PIN (Personal Identification Number) authentication was already known and in use by students and staff. PIN-based authorization tables were already in place in existing administrative systems.
In order to protect the authentication information as well as the private records of students, faculty and staff, Netscape's Secure Socket Layer (SSL) encryption protocol was adopted. This protocol was selected because of the popularity and success of the Netscape's Web browser and because its socket-level encryption is ideal for supporting the re-use of existing authentication and authorization schemes.
SSL uses encryption to enhance user privacy by providing a communications channel that is secure against eavesdropping. When an SSL-aware browser connects to an SSL-secured server, all information passing between browser and server is fully encrypted. This secure data circuit allows existing authentication and authorization information to be safely exchanged on the network.
SSL is not the only security alternative available to those wanting to do business on the Web. Secure HTTP, Digest Access Authentication, Shen and DCE-Web security are several examples of current Web security efforts.
Students do not log on to the administrative system, there is no datacommunications overhead. A single task monitors an Internet port and responds to customer requests. This "stateless" client- server relationship allows many customers to effectively use administrative resources without becoming members of that environment.
Without the overhead of CICS or TSO sessions a mainframe server performs its simple tasks with little impact on the overall system.
Response is immediate, even for longer packages such as student transcripts. In addition, due to the nature of Web itself, the response time expectations of Web users are lower than those of interactive, transaction-based systems, so that if a delay is encountered it is unremarkable.
Such interpretive servers have the advantage of accessing production data directly. They need not rely on data extracts but instead return timely and accurate information from official, production records. As students perform touch-tone drop-add, they can immediately confirm schedule changes. As students pay bills, they can quickly print summaries of charges and payments. With many business transactions reaching databases in real time, it has become necessary to report these changes in real time. "Just-in- time" production of course schedules and transcripts calls for this level of timeliness. The stateless, Web server allows this to be accomplished easily and inexpensively.
At Delaware, servers have been deployed to run on MVS, Unix and MacOS platforms to allow information to be gleaned from various databases across campus and to take advantage of the relative merits of each operating system.
Client-side development costs are usually a large portion of a client-server budget. However, Web applications differ from the popular client-server model in that all Web development effort is on the server side. Since Web client tools are free and widespread, client-side costs were kept to a minimum.
Server-side development may be as simple as re-routing the formatted-text output of a COBOL report program to a routine to place the output in an HTTP packet. In many cases, there is no need to add HTML codes to a formatted text document and no need for application programmers to learn the details of HTML.
However, HTML syntax is easy to learn and enables application developers to transform simple, pre-formatted text reports into powerful hypertext documents supporting multimedia and user input.
In keeping with the goal of "self-service", Delaware's Internet client software is stored on a Web server and made available to anyone in the campus community across the network. A simple point-and-click causes the newest version of a program to be loaded, across the network, to the user's hard drive.
For Web applications themselves, the bulk of processing code remains on the "server-side" and version-control is centralized. HTTP mark-ups are, in effect, software code that is delivered and interpreted in real time insuring the most recent code changes are invoked by every user.
The Web's hypertext capabilities provide for easy access to associated documentation for all network-delivered software.
Vendor efforts, such as Sun Microsystems' Hot Java, demonstrate the ability to deliver secure program code as an integral part of a Web transaction. This capability will redefine distributed computing, allowing host servers to deliver machine-independent code to desktop clients for just-in-time processing.
The World Wide Web is emerging as a new model for administrative service on our campuses. With the application of emerging tools and technologies, existing resources can be re-used effectively to return immediate benefits against small investments. Each early adopter of these technologies will gain valuable experience and insight into the issues of delivering networked services and will establish a foundation for controlled growth and change.
Return to the top of this paper.