NOVL's chief scientist: 'proxylets"

Date view Thread view Subject view Author view

From: Rohit Khare (
Date: Sat Nov 04 2000 - 13:16:08 PPET

Amazing stuff throughout this issue: --RK

About the author:
Drew Major is Novell's chief scientist and vice president of advanced
development. His team's recent activities include bringing Java into
NetWare. He was one of the original developers of NetWare, and
continues to play an integral role in designing and developing every
NetWare release.

Proxy Servers: The Next Internet Hotbed
With proxy servers, location is everything.

Proxy servers are poised to become the next great Internet platform
for application development. That's the view of a wide range of
companies, from Akamai and Digital Island, to CacheFlow, Sun
Microsystems, and Novell. The industry has already seen smarter, more
capable browsers, Web servers, and routers. In the next stage of
Internet development, proxy servers will offer an invaluable array of
services that are either impossible or impractical to implement at
either the browser or Web server. Novell's Internet Caching System
(ICS)-based Web acceleration products and services provide a new
foundation for true Net services to drive the next generation of
Internet innovation.

For most of their existence, proxy servers have been synonymous with
Web caching. The machines intercept user requests en route to the
origin server, look to their own directories for the desired URLs,
and if possible, deliver the goods. As any florist will tell you:
Local delivery is faster.

But proxy servers have other potential applications. Their place in
the network between the user's browser and the Web server make them
ideal for a wide range of extensible services that go beyond faster
throughput. A proposed framework for these services is being
considered by the Internet Engineering Task Force (IETF) at This document proposes a standardized, open, extensible
architecture for caching proxies "that mediate, modify, and monitor
object requests and responses."

Some nonstandard extensible proxy services are already at work on the
Web-assembling advertising content, for example. But that's just the
beginning. One promising area of development is identity management:
the ability of users to move from computer to computer while still
maintaining and controlling their online identity.

Today, identity management is in a rudimentary state, relying
exclusively on cookies. Cookies work fine on a single machine, but
log on from your laptop or your brother-in-law's PC, and you're
suddenly a stranger on the Internet. Proxy server applications will
make it possible to log on from any computer with your identity
intact. You'll be able to fill in online forms with a few clicks of a
mouse, impose personal content filtering, and perform other functions
dependent on personal preferences, no matter where you access the
Internet. Conversely, identity management services can also make you
anonymous, so that a "nosy" Web site can't record your personal
information against your wishes.

The key to Internet-wide identity management is to store personal
information on the Net itself-not on a personal computer. Residing
between the client and origin server, proxy servers are the obvious
platform. In modern business parlance, proxy servers will act as
"infomediaries"-trusted agents that represent your interests to the
wider Internet. Infomediaries work on your behalf, meaning you
control what personal information is stored and who gets access to it.

Providing a structure for these and other proxy services has a few
broad requirements. Good network performance must be maintained,
while still allowing flexible definition of new services. And the
environment must be ubiquitous, available on all hardware platforms
and operating systems, and it must support proxy cache services from
multiple vendors. As a neutral third party, IETF will help make all
this possible.

Extensible Proxy Services
Under the proposed architecture, you can deploy extensible proxy
services in two ways: universally and individually. The proxy owner
can install a service, making it available to everyone. And
individuals can request that specified services be deployed
dynamically on their behalf, much as they would download and install
plug-ins for the browsers on their local machines.

These proxy plug-ins are small pieces of code, called "proxylettes,"
that control the "valves" of data flow-monitoring data, and, when
appropriate, requesting services from the Web server, perhaps using
the Internet Content Adaptation Protocol (ICAP). These requests
include everything from a new browser screen to a database retrieval.
The server itself does the computation, returning the results to the
proxylette, which injects them back into the stream.

For obvious reasons, proxy programming environments will be highly
secure and tightly sandboxed. Services will be closely coupled to the
proxy's functions-not general-purpose applications. Proxylettes will
"know" who the user is and the data's nature. Moreover, the
architecture allows for mobile users. When users identify themselves,
a directory routes their preferences to the nearest proxy.

The proposed architecture opens the door for many commercial
applications. Consider, for example, a comparative shopping engine
that offers its services through a "watermark" button permanently
anchored at the browser screen's corner. Online shoppers about to
purchase a portable MP3 player can first click on the button, which
brings up competitive prices on that item from other electronic

A proxylette working with a shopping engine server could deliver this
convenient method of comparison shopping. The proxylette places the
watermark button, communicates the page you're on to the shopping
server, and inserts the search results as a frame on the user's
browser screen. While you could implement this kind of service with a
browser plug-in, proxylettes greatly simplify deployment. As with
Java applets, you write proxylettes once, and they run anywhere. As
with browser and Web server plug-ins, proxylettes will require a new
set of programming skills-primarily with XML and Java.

In many ways, proposing the proxy as a new Internet development
platform is an audacious act, and we don't do so lightly. Some
developers disagree, arguing that intelligence should reside only at
the end points. But the more you consider the benefits, the more you
realize the worth of a smart proxy architecture. As the framework
moves through the comment stage and new, sometimes revolutionary
applications emerge, proxy services will take their place as the next
great leap in Internet development.

Date view Thread view Subject view Author view

This archive was generated by hypermail 2b29 : Sat Nov 04 2000 - 13:20:55 PPET