Introduction to Web Technologies
Sudeshna Dey
Copyright © : Sudeshna Dey -- 2012 - Till Date. All Rights Reserved. 1
Topics
• History and Growth of Web Technologies
• Web Protocols
• Web Applications
• Web Security Aspects
• Computational Aspects of the Internet
• Websites Creation – Individual and Corporate
• Introduction to Cyber Laws
History of Web Technologies
• Web technology – a technical gateway to the
Internet
• Age-old
– Started in 1950’s
– Started with point-to-point communications
– Mainframe computers and terminals
– Relied on packet switching networks, and
internally relies upon packet switching till date
History of Web Technologies (cont’d)
• ARPANET and Telenet emerged in 1960’s and 1970’s
• Relies on TCP/IP protocol today
– TCP/IP was standardized over 1981 (ARPANET) and 1982
• TCP: Transmission Control Protocol
– At the logical layer
• IP: Internet Protocol
– At the physical layer
– After standardization, ISP services started emerging in late
1980’s in the USA
• Matured over 1990’s
Growth of the Internet
• The Internet grew exponentially from 1990s
– Still growing rapidly
• 35% of the global population connected to the Internet in 2011
– http://en.wikipedia.org/wiki/List_of_countries_by_number_of_Internet_users
– This makes around 250-crore Internet users worldwide
• Internet penetrating in social lives
• Used for different purposes
Growth of the Internet (cont’d)
• Internet usage purposes
– Emails for personal and corporate communications
– Instant messengers (chat) for instant communications
– VOIP for phone calls
– Social networks for connections in social circles
– Professional networks
– Blogs for personal and corporate communications
– Forums for CRM and cross-user discussions
– Web 2.0 for interactive browsing, such as videos, photo sharing, music
albums etc.
Web Protocols
• Protocols: Data transfer policies to ensure correct,
fast and efficient transfer of data with appropriate
security and privacy standards
• Different protocols for different types of data
processing
• Each protocol specifically designed to satisfy a well-
defined set of requirements
• Internet Engineering Task Force (IETF) manages the
Internet protocols such as TCP/IP
Web Protocols (cont’d)
• OSI (Open Systems Interconnection) protocol is the classic
network protocol
– 7 layers
– Physical layer: Electrical specifications of signals to carry data in form
of raw bits
– Data link layer: Converts raw bits from physical layer into frames and
back
– Network layer: Deals with data transfer across systems using physical
network addresses via routers and switches
Web Protocols (cont’d)
• OSI layers (cont’d)
– Transport layer: Transfers data across source and destination
processes at a logical level, providing interface to the lower physical
level
– Session layer: Creates and maintains session-level dialogues across
local and remote computers
– Presentation layer: Defines and encrypts/decrypts data types from
application layer
• Example: GIF and MPEG formats
– Application layer: Keeps track of running and managing
communications across applications at the highest level
Web Protocols (cont’d)
• Internet protocol suite
– Also known as the TCP/IP protocol
– The TCP and IP driven design encapsulates the functions of the 7
classic OSI layers in only 4 layers
– Link layer (Ethernet): Communicates for the local network
– Internet layer (IP): Connects local networks, establishing
internetworking
– Transport layer (TCP): Handles host-to-host communication
– Application layer (ex: HTTP): Contains protocols for all protocol-
specific data communication services at a process-to-process level
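The four layers listed above, shown on one frame. This is an added example, not part of the original slides: it builds a constructed Ethernet/IPv4/TCP frame carrying an HTTP request and then unwraps it layer by layer, checking every length field against the bytes actually present. The addresses, ports, host name and function names are assumptions chosen for illustration, and checksums are left at zero.

```python
import struct

# Constructed sample values: locally administered MACs, documentation IP ranges.
SRC_MAC, DST_MAC = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
SRC_IP, DST_IP = bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20])
HTTP_REQUEST = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"


def build_frame(payload: bytes) -> bytes:
    """Encapsulate an application payload: HTTP -> TCP -> IP -> Ethernet."""
    # Transport layer: 20-byte TCP header (ports, seq, ack, offset, flags PSH+ACK).
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    # Internet layer: 20-byte IPv4 header, protocol 6 = TCP.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload),
                     0, 0, 64, 6, 0, SRC_IP, DST_IP)
    # Link layer: Ethernet II header, EtherType 0x0800 = IPv4.
    eth = struct.pack("!6s6sH", DST_MAC, SRC_MAC, 0x0800)
    return eth + ip + tcp + payload


def parse_frame(frame: bytes) -> dict:
    """Unwrap a frame one layer at a time, rejecting inconsistent lengths."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("link layer does not carry IPv4")

    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = ip[0] >> 4, (ip[0] & 0x0F) * 4
    total_len = struct.unpack("!H", ip[2:4])[0]
    if version != 4 or ihl < 20 or not ihl <= total_len <= len(ip):
        raise ValueError("IPv4 length fields do not match the bytes received")
    if ip[9] != 6:
        raise ValueError("internet layer does not carry TCP")

    tcp = ip[ihl:total_len]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", tcp[:4])
    data_offset = (tcp[12] >> 4) * 4
    if data_offset < 20 or data_offset > len(tcp):
        raise ValueError("TCP data offset points outside the segment")

    payload = tcp[data_offset:]
    return {
        "link": (src.hex(":"), dst.hex(":")),
        "internet": (".".join(map(str, ip[12:16])), ".".join(map(str, ip[16:20]))),
        "transport": (sport, dport),
        "application": payload.split(b"\r\n", 1)[0].decode("ascii", "replace"),
    }


if __name__ == "__main__":
    for layer, value in parse_frame(build_frame(HTTP_REQUEST)).items():
        print(f"{layer:12} {value}")
```
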
Web Protocols (cont’d)
• Image source: http://en.wikipedia.org/wiki/Internet_Protocol_Suite
• Two Internet hosts connected via two routers and the corresponding layers used at each hop
Web Protocols (cont’d)
• Other web/application protocols
– FTP: File transfer protocol – protocol for file transfer across systems
– SFTP: Secure FTP – protocol to run FTP securely
– SSH: Secure shell protocol – establishes a secure peer-to-peer
connection across computers
– SMTP: Simple mail transfer protocol – protocol for email exchange
– HTTP: Hypertext transfer protocol – application protocol for web site
and web service level data exchange
– HTTPS: Secure HTTP – protocol to run HTTP securely
– SSL: Secure socket layer – establishes a secure socket connection
across computers
– Telnet: Telephone network protocol – used in early days of networking
to connect across computers
Web Applications
• Applications that run on the web
• Structures using three primary tiers
– Front tier considers design and presentation aspects to
users
– Middle tier contains business intelligence and carries out
the requisite processing
– Back end database tier is responsible for storing and
managing data
• Can be interactive
Web Applications (cont’d)
• Benefits
– Browser-based, hence no complex deployment process at clients
• Application is expected to work as long as the client has a web browser
and can connect to application portal
– Require little to no disk space on client machine
– Integrates easily into server-side processing, such as email and search
– Application rollout does not involve touching clients as the full update
happens at servers
– Compatible across platforms such as Linux, Windows and Mac, since
these are browser driven
– HTML5 allows web developers to create interactive applications using
native browsers
– Thin clients
Web Applications (cont’d)
• Limitations
– Usability less flexible compared to thick clients since the usage is
browser based
• Modern hybrid applications emerging to mix thick and thin clients
– Requires compatible web browsers
• Applications may contain browser-specific bugs
– Requires web server to be up and running – so creates a dependency
– Requires Internet connection to be up and running
– Open to privacy issues since user actions can be tracked by web
application provider
– Users forced to use newer versions of applications as the development
company rolls them out, giving users less choice of versions
• REST applications have improved version control capabilities using which clients can
potentially use older application versions
Web Security Aspects
• Security essential for web applications
• Security breach can happen in many ways
– Confidential information such as login information
– Sensitive financial information such as bank account or credit card
details
– Theft of identity
– Scams
• Lack of trust in security among users can lead to drastic
reduction in e-commerce volumes
Web Security Aspects (cont’d)
• Technical breach of security
– Virus attacks: Third-party self-replicating executable codes placed on a
computer causing different kinds of damages
– Spoofing attacks: One person masquerades as another by presenting
false data
– Phishing attacks: Attempt to acquire information such as username,
password and credit card details by masquerading as trustworthy
entity
• Often carried out by email spoofing
– Man-in-the-middle attacks: Eavesdropping on networks to listen for
incoming and outgoing packets and use the acquired information for
masquerading as false client to the server
– Manual hacking: Hackers hacking into websites through manual efforts
Web Security Aspects (cont’d)
• Spoofing attack
• Src: http://www.technicalinfo.net/papers/Pharming2.html
Web Security Aspects (cont’d)
• Phishing attacks via email
• Source: http://help.yo.co.zw/index.php?action=artikel&cat=11&id=1&artlang=en
Web Security Aspects (cont’d)
• Protection of security
– Cryptography
• Encryption: Transforms plain-text data into a human-unreadable format
• Decryption: Transforms encrypted data into plain text
– RSA protocol (Rivest Shamir Adleman)
• Asymmetric key based cryptography: Encryption and decryption keys are
different
– Public key: Made public, and used to encrypt data to send to the owner of the
public key
– Private key: Never distributed, and used to decrypt data encrypted by the
corresponding public key
– Asymmetric function because the same key cannot do both encryption and
decryption
– Symmetric key based cryptography: Same key used to encrypt and
decrypt
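The key roles described above, worked through in code. This is an added example, not part of the original slides: textbook RSA with deliberately tiny primes shows that the public key encrypts while only the private key decrypts, and a constructed hash-based XOR stream shows one shared key doing both jobs. The function names, the primes 61 and 53, and the toy symmetric scheme are assumptions for illustration; the numbers are far too small, and the schemes too simplified, to protect real data.

```python
import hashlib
from math import gcd


def rsa_keypair(p: int, q: int, e: int = 17):
    """Derive a (public, private) pair from two primes (toy-sized on purpose)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # private exponent: inverse of e modulo phi
    return (n, e), (n, d)


def rsa_apply(key, value: int) -> int:
    """Raise value to the key's exponent modulo n; used for both directions."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)


def rsa_encrypt(public, data: bytes) -> list:
    # One block per byte keeps every value below the tiny modulus.
    return [rsa_apply(public, b) for b in data]


def rsa_decrypt(private, blocks) -> bytes:
    return bytes(rsa_apply(private, c) for c in blocks)


def xor_stream(key: bytes, data: bytes) -> bytes:
    """Symmetric toy cipher: the same key and function encrypt and decrypt."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


if __name__ == "__main__":
    public, private = rsa_keypair(61, 53)
    blocks = rsa_encrypt(public, b"login")
    print("public key :", public)
    print("ciphertext :", blocks)
    print("private key decrypts:", rsa_decrypt(private, blocks))
    # Applying the public key a second time does not undo the encryption.
    print("public key on ciphertext:", [rsa_apply(public, c) for c in blocks])

    shared = b"constructed shared secret"
    sealed = xor_stream(shared, b"card number 0000")
    print("symmetric round trip:", xor_stream(shared, sealed))
```
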
Computational Aspects of the Internet
• First generation: Web 1
• Second generation: Web 2.0
– Dynamic page generation
• Need to pull data from backend database
– Pages capture user context on the fly
– Session-based computations
– Web services
• Application programs running as services
• Example: Bill payment portals
Introduction to Website Creation
• Acquire domain name
– TLD (top level domains): com, org, net, me, mobi, info, biz, tv, edu, gov, in, us,
uk, de, jp, cn, it
– ICANN – the international body running the Internet registry – levies a fixed
annual fee per domain
• Acquire hosting space
• Need to create front, middle and back end
• Front end uses presentation technology
– Ex: HTML
• Middle tier requires programming
– Ex: JSP/Java, PHP, ASP/C#
• Backend requires database
– Ex: MySQL, Oracle, DB2, MS-SQL
• Can use Content Management System (CMS) such as Wordpress
Individual Websites
• Individual websites for persons
– Individual blogs
– Personal photos and videos
– Social media/network such as Facebook and Twitter
– Often with the .me TLD, but can be other TLDs
– Used for individual identity management
– Successful people use it for personal brand management
• Ex: RogerFederer.com
Corporate Websites
• Owned and maintained by corporates
• Large, medium and small businesses
• Large corporates host web portals in-house
– Massive corporations have data centers across world rather than
hosting on single computer
• Ex: Google, Facebook, Microsoft
• Medium businesses go for single, dual or quad core dedicated
servers
• Small businesses can possibly use shared web hosting services
Corporate Websites (cont’d)
• Corporate websites may be
– Informational
• Information distributed online, sales conducted from physical
stores offline
– Commercial
• More prevalent nowadays
• Direct sales from online portals
• Delivery can be online (for digital products or subscriptions) or
offline (for physical goods)
– Forums and blogs for enhanced PR and CRM
Introduction to Cyber Laws
• Identity protection
• Copyright protection
– Digital Millennium Copyright Act (DMCA) in the USA
• Protects intellectual property and copyrights using Digital Rights
Management (DRM)
• Addresses copyrights of technology, services and software products
• 5 titles
– WIPO Copyright and Performances and Phonograms Treaties Implementation
Act
– Online Copyright Infringement Liability Limitation Act
– Computer Maintenance Competition Assurance Act
– Miscellaneous Provisions
– Vessel Hull Design Protection Act

Powering the digital frontier with web technologies.
