Introduction to Web Technologies Sudeshna Dey Copyright © : Sudeshna Dey -- 2012 - Till Date. All Rights Reserved. 1

Upload: harvey-marsh

Post on 11-Jan-2016


Introduction to Web Technologies

Sudeshna Dey


Topics

• History and Growth of Web Technologies
• Web Protocols
• Web Applications
• Web Security Aspects
• Computational Aspects of the Internet
• Websites Creation – Individual and Corporate
• Introduction to Cyber Laws


History of Web Technologies

• Web technology – a technical gateway to the Internet

• Age-old
  – Started in 1950’s
  – Started with point-to-point communications
  – Mainframe computers and terminals
  – Relied on packet switching networks, and internally relies upon packet switching till date


History of Web Technologies (cont’d)

• ARPANET and Telenet emerged in 1960’s and 1970’s
• Relies on TCP/IP protocol today
  – TCP/IP was standardized over 1981 (ARPANET) and 1982
    • TCP: Transmission Control Protocol
      – At the logical layer
    • IP: Internet Protocol
      – At the physical layer
  – After standardization, ISP services started emerging in late 1980’s in the USA
• Matured over 1990’s


Growth of the Internet

• The Internet grew exponentially from 1990s
  – Still growing rapidly
• 35% of the global population connected to the Internet in 2011
  – http://en.wikipedia.org/wiki/List_of_countries_by_number_of_Internet_users
  – This makes around 250-crore Internet users worldwide
• Internet penetrating in social lives
• Used for different purposes


Growth of the Internet (cont’d)

• Internet usage purposes
  – Emails for personal and corporate communications
  – Instant messengers (chat) for instant communications
  – VOIP for phone calls
  – Social networks for connections in social circles
  – Professional networks
  – Blogs for personal and corporate communications
  – Forums for CRM and cross-user discussions
  – Web 2.0 for interactive browsing, such as videos, photo sharing, music albums etc.


Web Protocols

• Protocols: Data transfer policies to ensure correct, fast and efficient transfer of data with appropriate security and privacy standards

• Different protocols for different types of data processing

• Each protocol specifically designed to satisfy a well-defined set of requirements

• Internet Engineering Task Force (IETF) manages the Internet protocols such as TCP/IP


Web Protocols (cont’d)

• OSI (Open Systems Interconnection) protocol is the classic network protocol
  – 7 layers
  – Physical layer: Electrical specifications of signals to carry data in form of raw bits
  – Data link layer: Converts raw bits from physical layer into frames and back
  – Network layer: Deals with data transfer across systems using physical network addresses via routers and switches


Web Protocols (cont’d)

• OSI layers (cont’d)
  – Transport layer: Transfers data across source and destination processes at a logical level, providing interface to the lower physical level
  – Session layer: Creates and maintains session-level dialogues across local and remote computers
  – Presentation layer: Defines and encrypts/decrypts data types from application layer
    • Example: GIF and MPEG formats
  – Application layer: Keeps track of running and managing communications across applications at the highest level


Web Protocols (cont’d)

• Internet protocol suite
  – Also known as the TCP/IP protocol
  – The TCP and IP driven design encapsulates the functions of the 7 classic OSI layers in only 4 layers
  – Link layer (Ethernet): Communicates for the local network
  – Internet layer (IP): Connects local networks, establishing internetworking
  – Transport layer (TCP): Handles host-to-host communication
  – Application layer (ex: HTTP): Contains protocols for all protocol-specific data communication services at a process-to-process level


Web Protocols (cont’d)


• Image source: http://en.wikipedia.org/wiki/Internet_Protocol_Suite

• Two Internet hosts connected via two routers and the corresponding layers used at each hop


Web Protocols (cont’d)

• Other web/application protocols
  – FTP: File transfer protocol – protocol for file transfer across systems
  – SFTP: Secure FTP – protocol to run FTP securely
  – SSH: Secure shell protocol – establishes a secure peer-to-peer connection across computers
  – SMTP: Simple mail transfer protocol – protocol for email exchange
  – HTTP: Hypertext transfer protocol – application protocol for web site and web service level data exchange
  – HTTPS: Secure HTTP – protocol to run HTTP securely
  – SSL: Secure socket layer – establishes a secure socket connection across computers
  – Telnet: Telephone network protocol – used in early days of networking to connect across computers


Web Applications

• Applications that run on the web
• Structured using three primary tiers
  – Front tier considers design and presentation aspects to users
  – Middle tier contains business intelligence and carries out the requisite processing
  – Back end database tier is responsible for storing and managing data

• Can be interactive


Web Applications (cont’d)

• Benefits
  – Browser-based, hence no complex deployment process at clients
    • Application is expected to work as long as the client has a web browser and can connect to application portal
  – Require little to no disk space on client machine
  – Integrates easily into server-side processing, such as email and search
  – Application rollout does not involve touching clients as the full update happens at servers
  – Compatible across platforms such as Linux, Windows and Mac, since these are browser driven
  – HTML5 allows web developers to create interactive applications using native browsers
  – Thin clients


Web Applications (cont’d)

• Limitations
  – Usability less flexible compared to thick clients since the usage is browser based
    • Modern hybrid applications emerging to mix thick and thin clients
  – Requires compatible web browsers
    • Applications may contain browser-specific bugs
  – Requires web server to be up and running – so creates a dependency
  – Requires Internet connection to be up and running
  – Open to privacy issues since user actions can be tracked by web application provider
  – Users forced to use newer versions of applications as the development company rolls them out, giving users less choice of versions
    • REST applications have improved version control capabilities using which clients can potentially use older application versions


Web Security Aspects

• Security essential for web applications
• Security breach can happen in many ways
  – Confidential information such as login information
  – Sensitive financial information such as bank account or credit card details
  – Theft of identity
  – Scams

• Lack of trust in security among users can lead to drastic reduction in e-commerce volumes


Web Security Aspects (cont’d)

• Technical breach of security
  – Virus attacks: Third-party self-replicating executable codes placed on a computer causing different kinds of damages
  – Spoofing attacks: One person masquerades as another by presenting false data
  – Phishing attacks: Attempt to acquire information such as username, password and credit card details by masquerading as trustworthy entity
    • Often carried out by email spoofing
  – Man-in-the-middle attacks: Eavesdropping on networks to listen for incoming and outgoing packets and use the acquired information for masquerading as false client to the server
  – Manual hacking: Hackers hacking into websites through manual efforts


Web Security Aspects (cont’d)


• Spoofing attack
• Src: http://www.technicalinfo.net/papers/Pharming2.html


Web Security Aspects (cont’d)


• Phishing attacks via email
• Source: http://help.yo.co.zw/index.php?action=artikel&cat=11&id=1&artlang=en


Web Security Aspects (cont’d)

• Protection of security
  – Cryptography
    • Encryption: Transforms plain-text data into a human-unreadable format
    • Decryption: Transforms encrypted data into plain text
  – RSA protocol (Rivest Shamir Adleman)
    • Asymmetric key based cryptography: Encryption and decryption keys are different
      – Public key: Made public, and used to encrypt data to send to the owner of the public key
      – Private key: Never distributed, and used to decrypt data encrypted by the corresponding public key
      – Asymmetric function because the same key cannot do both encryption and decryption
  – Symmetric key based cryptography: Same key used to encrypt and decrypt
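
The public/private key split and the symmetric case from this slide, as an added Python example that is not part of the original slides. It assumes textbook RSA with constructed tiny primes (61 and 53, no padding) and a constructed XOR keystream cipher; every name in it is illustrative.

```python
import hashlib

# Constructed toy parameters: tiny primes and no padding, for illustration only.
# Deployed RSA uses moduli of 2048 bits or more with OAEP from a vetted library.
P, Q = 61, 53
N = P * Q                    # public modulus
PHI = (P - 1) * (Q - 1)
E = 17                       # public exponent, coprime with PHI
D = pow(E, -1, PHI)          # private exponent: E * D = 1 (mod PHI), Python 3.8+
PUBLIC_KEY = (E, N)          # made public
PRIVATE_KEY = (D, N)         # never distributed


def rsa_apply(key, value):
    """Textbook RSA step: value ** exponent mod N."""
    exponent, modulus = key
    if not 0 <= value < modulus:
        raise ValueError("value must be in [0, N)")
    return pow(value, exponent, modulus)


def rsa_encrypt(public_key, data):
    """Encrypt byte by byte (toy framing; equal bytes give equal blocks)."""
    return [rsa_apply(public_key, b) for b in data]


def rsa_decrypt(private_key, blocks):
    """Recover the original bytes with the matching private key."""
    return bytes(rsa_apply(private_key, c) for c in blocks)


def symmetric_xor(key, data):
    """Symmetric toy cipher: XOR with a SHA-256 counter keystream.
    One function and one key perform both encryption and decryption."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


if __name__ == "__main__":
    message = b"login=alice"           # constructed sample plaintext
    blocks = rsa_encrypt(PUBLIC_KEY, message)
    print("RSA ciphertext blocks:", blocks)
    print("private key decrypts :", rsa_decrypt(PRIVATE_KEY, blocks))
    print("public key on block 0:", rsa_apply(PUBLIC_KEY, blocks[0]))
    shared = b"shared-secret"          # constructed symmetric key
    sealed = symmetric_xor(shared, message)
    print("symmetric round trip :", symmetric_xor(shared, sealed))
```

Applying the public key a second time to a ciphertext block does not return the plaintext, while the symmetric function undoes itself with the same key.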


Computational Aspects of the Internet

• First generation: Web 1
• Second generation: Web 2.0
  – Dynamic page generation
    • Need to pull data from backend database
  – Pages capture user context on the fly
  – Session-based computations
  – Web services
    • Application programs running as services
    • Example: Bill payment portals


Introduction to Website Creation

• Acquire domain name
  – TLD (top level domains): com, org, net, me, mobi, info, biz, tv, edu, gov, in, us, uk, de, jp, cn, it
  – ICANN – the international body running the Internet registry – levies a fixed annual fee per domain
• Acquire hosting space
• Need to create front, middle and back end
• Front end uses presentation technology
  – Ex: HTML
• Middle tier requires programming
  – Ex: JSP/Java, PHP, ASP/C#
• Backend requires database
  – Ex: MySQL, Oracle, DB2, MS-SQL
• Can use Content Management System (CMS) such as WordPress


Individual Websites

• Individual websites for persons
  – Individual blogs
  – Personal photos and videos
  – Social media/network such as Facebook and Twitter
  – Often with the .me TLD, but can be other TLDs
  – Used for individual identity management
  – Successful people use it for personal brand management
    • Ex: RogerFederer.com


Corporate Websites

• Owned and maintained by corporates
• Large, medium and small businesses
• Large corporates host web portals in-house
  – Massive corporations have data centers across world rather than hosting on single computer
    • Ex: Google, Facebook, Microsoft

• Medium businesses go for single, dual or quad core dedicated servers

• Small businesses can possibly use shared web hosting services


Corporate Websites (cont’d)

• Corporate websites may be
  – Informational
    • Information distributed online, sales conducted from physical stores offline
  – Commercial
    • More prevalent nowadays
    • Direct sales from online portals
    • Delivery can be online (for digital products or subscriptions) or offline (for physical goods)
  – Forums and blogs for enhanced PR and CRM


Introduction to Cyber Laws

• Identity protection
• Copyright protection
  – Digital Millennium Copyright Act (DMCA) in the USA
    • Protects intellectual property and copyrights using Digital Rights Management (DRM)
    • Addresses copyrights of technology, services and software products
    • 5 titles
      – WIPO Copyright and Performances and Phonograms Treaties Implementation Act
      – Online Copyright Infringement Liability Limitation Act
      – Computer Maintenance Competition Assurance Act
      – Miscellaneous Provisions
      – Vessel Hull Design Protection Act
