SILK Web -- Articles and Documentation
From INTERFACE 200 - March 31, 1997
Get Your Own Customized Server--"As Quick As You Can Say SILK Web"
The
S ecure Internet-LinKed (SILK) Web technologies' second major facility will be available on June second1. At that time, you will be able to create and manage your own customized SILK Web server ¾ all that you will need is a Web browser, an e-mail address, and DCRT account/initials (as in aaaaiii). You will have complete control of your customized SILK server's content and scope of access. DCRT will deal with the complex, time-consuming, and expensive issues of hardware/software purchases, up-grades, and maintenance, physical server security, connectivity, performance monitoring and tuning, power interruptions, and continuing compatibility with the Web's ever changing technologies. Best of all, you can easily create and run your own customized SILK Web server without needing to study documentation or attend training courses, or ask a "Web guru" to change your server or its contents.On the first Monday in June, the SILK homepage http://silk.nih.gov/ will have a link to the new customized SILK server facility's webpage. From there, choosing "Customized Servers" will take you to the webpage that allows you to choose the appropriate activity¾ Create Server, Manage Server or Manage Pages.
I. Creating Your Server
First Things First
Before you can create a server, you should understand your agency's Web policies. When you click on the button that indicates you have read and understood the NIH (or other agency) policies, you will then be able to proceed with creation of your customized server. You should also be aware that using this facility will cause charges to accrue to the specified DCRT account. It is your responsibility to obtain any policy or financial approvals required by your organization.
Information You Need to Provide
On the Create Server webpage, you must provide the information necessary for setting up your customized server: a name for the server, a brief description, an optional "group password," and the account to be charged. A tip: if you own multiple account/initial combinations, sign on with the one that you wish to "own" the server. Remember on initial entry to the SILK Web facility, you already gave your DCRT account/initials and associated password¾ this account will be charged the costs of using your server. This account/initial combination will have special authorities that are only available to the owner.
- Server Name
The name that you give your server is very important, so you should give a lot of thought to your choice. First, the name must be "unique" ¾ that is, not already used for another customized server (consult the SILK Web registry for a listing of all server names that are public). The name can have a maximum of 15 alphanumeric characters ¾ and no blanks or slashes.
The best reasons for taking care in selecting the name: it will be a key part of your SILK server's address on the Web (or webpage) and it should reflect the primary purpose of your server. For example, if you choose the name "myserver," then the
Web address used to access your server's webpage would be either of the following:
http://silk.nih.gov/silk/myserver/
http://silk.nih.gov/silk/myserver/homepage
These two Web addresses are equivalent. The first address simply defaults to the server’s webpage, while the second specifies it.
- Server Description
A short description of your server will appear with your server name if you decide to have it publicized in the SILK Server Registry (see below). This description gives you the opportunity to give more information about your server's purpose than is possible in the server name.
- Access Security Level
You may choose from three levels of access security level¾ "unrestricted," "registered users," or "designated users"¾ as well as an optional "group password" for your customized SILK Web server. Your choice will become the default access security for all pages within your server, although you may override this default for individual pages via SILK's Manage Pages facility.
Three Levels of Access
Unrestricted
This indicates that anyone may access your server ¾ either using the server's Web address or a link from another webpage.
Registered Users
This provides a higher level of access security for your server. This level requires that only registered DCRT users will have access¾ they will be asked to supply their DCRT account/ initials before being permitted entry. Although this is not a rigorous level of security for your server, it does keep out the general public and it does not require significant administrative overhead on your part.
Designated Users
This provides the highest level of access security for your server. For this level of security, you must list the specific DCRT account/initials of those individuals who will have access. This level indicates that individuals must not only have DCRT account/initials to access to your server¾ but also it must be one of the userids you have designated. Anyone with other account/initials will be barred from accessing your server. While this level permits you to control access to a very fine degree, a fairly high level of ad-ministrative effort is needed to keep your server's access list current ¾ especially if the list is large.
Group Password
You may also choose to apply a "group password" to your server¾ available to all three levels of access (above). This indicates that people who attempt to access your server will not only have to meet the requirements for your chosen level of access¾ they will also be asked to enter the "group" password you have assigned to your server. You have full
control over this password¾ you may set or change the password to any value you choose ¾ and you may divulge it only to the people you choose. This will also require some administrative overhead on your part.
Registry of SILK Customized Servers
SILK maintains a registry of servers. If you opt to use this facility, your server's name and description will be listed in the registry. Allowing your server to be added to this list will publicize it to a broader audience.
Co-Owner(s)
Once your server has been created, you may authorize others to help you manage your server¾ in fact we recommend doing this. (Almost certainly the only time a devastating "typo" will be found on your homepage is during your vacation in the Caribbean.)
Use the Manage Server facility to designate co-owners for your server, by specifying their DCRT account/initials (e.g., aaaaiii). A co-owner can perform any function that you can except terminating¾ that is, removing¾ your customized server.
II. Managing Your Server
After your customized SILK Web server has been created and running, you may use SILK's Manage Server facility to maintain or update information on your server or learn about its usage.
Changes in Server Characteristics
You may wish to make some changes to the current configuration¾ or to the information you gave when you created the server. Go to the Manage Server webpage to add or remove co-owners, reset your server's access security level, change the "group password," modify your server's description, add or remove your server from the SILK registry¾ and more.
Page Access Information
The Manage Server facility can provide information about your server's use. You can examine the number of "hits" for each page and view detailed usage information on who ¾ that is, what IP addresses¾ accessed each page and when.
III. Managing Your Pages
SILK's Manage Pages facility is especially important, because a server's primary value lies in what it contains¾ its files (or webpages). This facility allows you to add, remove, and work with pages on your server. The three main functions provided are up-loading files, downloading files, and setting expiration dates for your webpages.
Uploading and Downloading Files
SILK Web provides an easy-to-use upload and download facility for readily moving webpages between your personal computer and your customized SILK Web server. SILK allows you to locate a file on any drive on your personal computer, and upload it directly into your server. You can then use other Manage Pages functions to control access to the uploaded file.
The upload and download functions¾ in fact all functions of SILK servers¾ are performed via a Web browser. (SILK Web technology does not include an ability to create or modify webpages, a function already available on many desktop computer products and text editors.)
Please note: The uploads can only be done with a Netscape browser at present. Other browsers do not contain the software capable of performing this function.
Expiration Dates
If you decide to use your customized SILK Web server to announce upcoming events (or for other date-dependent information), you may wish to designate an expiration date for the page that contains the announcement. SILK handles this function for you¾ simply specify an expiration date for a webpage, and SILK will automatically remove the page at the end of the day indicated.
IV. Costs for Using Your Server
A one-time fee of $50 dollars for setting up your customized server will take effect on September 8¾ we are waiving this fee for servers set up before that date. Your monthly fees are determined by the actual level of service provided to your server¾ the fees are a combination of the amount of data stored on your server plus the amount of data your server sends to browsers. These rates for SILK servers are competitive, based on our evaluation of the rate structures of similar, commercial providers of Web servers.
Three levels of service will be available ¾ basic, intermediate, and advanced. The table below details the charges for each level of service:
|
|
Costs of Your Customized Server
|
|||
|
|
Levels of Use |
Monthly Fees |
||
|
|
Storage |
Traffic |
Server Security2 |
|
|
Basic |
10 MB |
500 MB1 |
$60 |
$10 |
|
Intermediate |
25 MB |
1000 MB1 |
$110 |
$15 |
|
Advanced |
50 MB |
2000 MB1 |
$200 |
$20 |
|
1 Above the maximum for each level of service, there will be an additional $1 for each (or any portion of) 1 MB of data stored and $1 for each (or any portion of) 10 MB of data sent. (See an example of the costs of "basic service" below.)
|
||||
|
2 This charge is assessed if the server uses either the "designated users" security feature or the "group" password facility¾ both require monitoring. There will be no monthly security fee for servers created with "unrestricted" or "registered users" security.
|
||||
What Does Basic Service Really Cost?
When you create a server, you will incur a one-time $50 setup fee (assuming you do this after September 8). Your monthly fees for a server with "basic" level of service will come to $60. If your server becomes very popular one month¾ for example, users are sent 515 MB of data during that month ¾ the charge for that month will be $60 plus $2 for the additional 15 MB of data transferred, resulting in a total of $62. You should be able to save money by carefully choosing the level of service appropriate for your needs.
Benefits Available to All Servers at No Additional Cost
The NIH Computer Center provides a wide range of support services for all Web servers, including:
- nightly backups for all data
- fully-secured environment for all data and servers
- high-speed data connections
- server management services
- comprehensive file uploading facilities
- 24 hours/day access
Stay Tuned . . . .
We will announce further enhancements in SILK Web technology as they become available. Enhancements for customized Web servers will include more capabilities for servers¾ such as the ability to upload directories¾and more information for owners.
SILK is an extraordinary Web-based technology that--when fully implemented--will provide easy ways for customers to develop secure intranets and build Web-based client/server applications.
1The first major facility was announced in INTERFACE 198. See "A New Web Service--Smooth as SILK" and "Guidelines for Using the New SILK Web Facility." Other SILK Documentation
SILK Web Puts Customer Information at Your Fingertips
The new SILK Web technology gives you an easy way to get information about other NIH Computer Center customers. In this new SILK application, you can find in one place names, addresses, initials, telephone numbers, and e-mail addresses--with links to the NIH telephone and e-mail directories, and the DHHS employee directory.
Just point to the webpage
http://silk.nih.gov/locator
and--with the click of your mouse--you will quickly have a huge repository of information at your fingertips.
Let Your Fingertips Do the Walking
At your fingertips is the page, "NIH Computer Center Customer Information," which provides customer information, as well as links to the three directories.
If you wish information on a customer, you will asked to enter your username (that is, aaaaiii, for account and initials), as well as your MVS password. You have several ways to search for information. When you request by:
Name
- initials, full name, address, and phone number for any person(s) matching the request
- link to NIH e-mail directory for each person
Initials (three characters), the display shows:
- name, address, and phone number for the individual
- link to NIH e-mail directory
DCRT Account (four characters), t he display shows:
- name, initials, and phone number for the
- deregistration official (and alternate)
What Do You Need to Do This?
All you need are a personal computer or workstation, a Web browser (e.g., Netscape or Microsoft), a link to NIHnet, and a DCRT account. It's as easy as "One, two, three . . . click."
SILK Web Server¾ Controlling Access to Data Sets
The announcement of the new SILK Web facility 4 mentioned that--in order to take advantage of the capabilities of the "secure" server--the owner of an MVS data set must provide the appropriate RACF protection. RACF is a valuable facility and well worth the few minutes taken to master and use it for protecting important data.
The following directions should guide users unacquainted with RACF--and perhaps those already knowledgeable--through the steps needed to protect MVS data sets accessed through the a secure SILK Web server. At this time, CFB supports only one method of providing this protection--the WYLBUR ENTER RACF command--although a Web-based method is currently under development.
Creating a RACF Group and Generic Profile
CFB recommends the use of RACF "groups" with the use of RACF "generic profiles," since this results in simpler maintenance. The directions that follow will show you how to:
- create a RACF group, which contains the list of users who will be allowed access to a data set
- create a generic RACF profile, which specifies the data sets to have restricted access
- create a link between the RACF group and the generic RACF profile, and
- add users to the RACF group, so they will be able to access the data sets indicated by the generic RACF profile.
Step by Step Directions
When you logon to WYLBUR or TSO you must provide an account (that is, aaaa) and initials (that is, iii). In these directions, the term RACFid refers to iii. Once you are in WYLBUR, type the ENTER RACF command.
From the main RACF menu, select the GP (group processing) option, and then enter C (create).
When prompted, enter a group name. The name must be unique, have up to eight characters, and be made up of three elements. In a group named "@iiigrp," the three elements are:
iii CFB recommends that the next three characters be a RACFid (probably the one used to sign on to the system)--to keep the name unique.
grp this element can have up to four alphanumeric characters--usually to indicate the purpose of the group.
Note: ENTER RACF will check the RACF data base to verify that the name entered is unique before continuing. ENTER RACF submits batch jobs to perform each request. These jobs usually take only a few seconds to complete.
The owner is the person who has the authority to specify restrictions on access (e.g., read, none) and to grant access to other individuals.
When prompted, enter the initials of the group's owner--usually the RACFid of the person entering these commands. To return to the main RACF menu--at the "MORE?" prompt, enter NO.
From the main ENTER RACF menu, enter P GENERIC (for protect generic).
Generic profile names may be defined with a "wild card" character to indicate that all files with a given prefix are to be protected. If all your data sets for the "secure" SILK server begin with
@WWW.MYDATA.**
as the generic profile name.
Caution: If you choose "
@WWW.**" as the profile name, you will protect a very large number of data sets--and all SILK Web server data sets will be RACF protected. You will not be able to use any public server data sets, including those that you have already established or will create in the future. Therefore we recommend that you use a more specific profile (e.g., @WWW.MYDATA.**) to identify only the secure data sets you wish to protect.When prompted for the owner--that is, the person having authority to protect data sets--most users will probably enter their own RACFid.
Choose NONE for Universal Access to prevent unauthorized access to Web data files.
3. Create a link between the RACF group and the generic RACF profile.
Indicate that the data sets protected by the generic profile are to be accessible to users in the RACF group.
From the main ENTER RACF menu, enter M GENERIC (for modify generic) to modify the generic profile just created. That is, specify that the group created in step 1 may read the files created in step 2.
Enter
When prompted for the RACFids to have access, enter the group name @IIIGRP created in step 1.
4. Add users to a RACF group.
From the main ENTER RACF menu, enter GP (for group processing) and then enter CN (for connect).
Enter the group name--such as "@iiigrp" above--and the owner's RACFid. Connect users to this group by entering their RACFids. These additional users will then have READ access to the
Users can be added or removed from the access group by repeating step 4 at a later time. Use CN (for connect) to add users, and REMOVE to subtract users.
Protection--Retroactive in Some Cases
After this any files created beginning with
@WWW.MYDATA. will automatically be protected. If files--with the same prefix--existed prior to this, they will be protected as well.If you have any questions about protecting SILK Web files, please call TASC.
4 See "A new Web Service--Smooth as SILK" (INTERFACE 198). Other SILK Documentation
SILK Web Server ¾Support for Data Sets with Carriage Control
MVS data sets can now be displayed as webpages via Web browsers and the SILK server facility. Any data set beginning with "@www." following the user's account/initials¾ for example, "aaaaiii.@www.homepage.html"¾ may be displayed via the Web.
The last qualifier in the name determines the type of file that will be displayed on the webpage. In the example (above), ".html" or ".htm" means that the file is in html format. Other possible qualifiers at the end of data set names are ".jpeg" and ".gif."
New Qualifier for Data Set Names
You may now specify ".dsncc" as the last qualifier in a "@www." data set name¾ to save the file as a text file with carriage control. This qualifier means that certain codes for carriage control will be converted to html commands on the webpage.
Many batch jobs create output with the first column position representing printer carriage control. For example,
| In first column | Means (to MVS system) | Becomes (in HTML) | |
| 1 | skip to head of form (i.e., next page) | <hr> | horizontal rule |
| [blank] | single spacing | [ ] | |
| 0 | double spacing | <br> | break |
| - | triple spacing | <br><br>* | break break* |
* Please note: some browsers treat <br><br> as a single <br>.
Other SILK Documentation
Updated 4/22/99 Please send comments to SILKMASTER |
||
Center for Information Technology |
||