As well known in the computer field, client-server computing architecture separates a client from a server and is generally implemented over a computer network, such as the Internet. Each client or server connected to a network is also referred to as a node. The basic type of client-servers architecture employs two types of nodes, which are clients and servers. It allows computing devices to share files and resources. Each instance of the client software can send data requests to one or more connected servers. In turn, the servers accept these requests, process them, and return the requested information to the client. These days clients are most often web browsers, although not always. Servers typically include web servers, database servers, and mail servers. The present disclosure applies to all these types of servers. The interaction between client and server is often described using sequence diagrams.
Client-servers architecture enables the roles and responsibilities of the computing system to be distributed among several independent computers that are coupled only through the network. Typically the data is stored on the servers, which generally have greater security controls then most clients. In general in the field, it is believed that servers can better control access and resources, so as to guarantee that only those clients with the appropriate permissions may access and change data. Since data storage is thereby centralized, updates to that data are easier to administer than would be the case under a peer-to-peer (non-client server) architecture.
In a typical case when a user is visiting an e-commerce website, the user's computer and web browser together are considered the client, while the computer platform and database application that make up the online store are considered the server. When the web browser requests specific information from the online store, the server finds all of the data in the database needed to satisfy the request from the browser, assembles that data into a web page, and transmits that web page back to the web browser for viewing. Typical types of clients therefore include web browsers, email clients, and chat clients.
However in general, it is known that the client-server architecture is subject to security deficiencies in terms of user data being obtainable illegitimately by hackers. Organizations operating servers and offering client-server architectures for users are therefore constantly in threat of security breaches. The security breaches, of course, tend to focus on the server, which typically stores large amounts of information pertaining not only to the databases, for instance for the online store, but also a good deal of user information, such as passwords, credit card numbers, user addresses, emails, etc. Hence typically the security weakness in a client-server architecture is the centrality of user information being held at the servers.