Powering the digital frontier with web technologies.

Introduction to Web Technologies
Sudeshna Dey
Copyright © : Sudeshna Dey -- 2012 - Till Date. All Rights Reserved. 1

Topics
• History and Growth of Web Technologies
• Web Protocols
• Web Applications
• Web Security Aspects
• Computational Aspects of the Internet
• Websites Creation – Individual and Corporate
• Introduction to Cyber Laws

History of Web Technologies
• Web technology – a technical gateway to the
Internet
• Age-old
– Started in 1950’s
– Started with point-to-point communications
– Mainframe computers and terminals
– Relied on packet switching networks, and
internally relies upon packet switching till date

History of Web Technologies (cont’d)
• ARPANET and Telenet emerged in 1960’s and 1970’s
• Relies on TCP/IP protocol today
– TCP/IP Was standardized over 1981 (ARPANET) and 1982
• TCP: Transmission Control Protocol
– At the logical layer
• IP: Internet Protocol
– At the physical layer
– After standardization, ISP services started emerging in late
1980’s in the USA
• Matured over 1990’s

Growth of the Internet
• The Internet grew exponentially from 1990s
– Still growing rapidly
• 35% of the global population connected to the Internet in
2011
– http://en.wikipedia.org/wiki/List_of_countries_by_number_of_Intern
et_users
– This makes around 250-crore Internet users worldwide
• Internet penetrating in social lives
• Used for different purposes

Growth of the Internet (cont’d)
• Internet usage purposes
– Emails for personal and corporate communications
– Instant messengers (chat) for instant communications
– VOIP for phone calls
– Social networks for connections in social circles
– Professional networks
– Blogs for personal and corporate communications
– Forums for CRM and cross-user discussions
– Web 2.0 for interactive browsing, such as videos, photo sharing, music
albums etc.

Web Protocols
• Protocols: Data transfer policies to ensure correct,
fast and efficient transfer of data with appropriate
security and privacy standards
• Different protocols for different types of data
processing
• Each protocol specifically designed to satisfy a well-
defined set of requirements
• Internet Engineering Task Force (IETF) manages the
Internet protocols such as TCP/IP

Web Protocols (cont’d)
• OSI (Open Systems Interconnection) protocol is the classic
network protocol
– 7 layers
– Physical layer: Electrical specifications of signals to carry data in form
of raw bits
– Data link layer: Converts raw bits from physical layer into frames and
back
– Network layer: Deals with data transfer across systems using physical
network addresses via routers and switches

• OSI layers (cont’d)
– Transport layer: Transfers data across source and destination
processes at a logical level, providing interface to the lower physical
level
– Session layer: Creates and maintains session-level dialogues across
local and remote computers
– Presentation layer: Defines and encrypts/decrypts data types from
application layer
• Example: GIF and MPEG formats
– Application layer: Keeps track of running and managing
communications across applications at the highest level

• Internet protocol suite
– Also known as the TCP/IP protocol
– The TCP and IP driven design encapsulates the functions of the 7
classic OSI layers in only 4 layers
– Link layer (Ethernet): Communicates for the local network
– Internet layer (IP): Connects local networks, establishing
internetworking
– Transport layer (TCP): Handles host-to-host communication
– Application layer (ex: HTTP): Contains protocols for all protocol-
specific data communication services at a process-to-process level

• Image source:
http://en.wikiped
ia.org/wiki/Intern
et_Protocol_Suite
• Two Internet
hosts connected
via two routers
and the
corresponding
layers used at
each hop

• Other web/application protocols
– FTP: File transfer protocol – protocol for file transfer across systems
– SFTP: Secure FTP – protocol to run FTP securely
– SSH: Secure shell protocol – establishes a secure peer-to-peer
connection across computers
– SMTP: Simple mail transfer protocol – protocol for email exchange
– HTTP: Hypertext transfer protocol – application protocol for web site
and web service level data exchange
– HTTPS: Secure HTTP – protocol to run HTTP securely
– SSL: Secure socket layer – establishes a secure socket connection
across computers
– Telnet: Telephone network protocol – used in early days of networking
to connect across computers

Web Applications
• Applications that run on the web
• Structures using three primary tiers
– Front tier considers design and presentation aspects to
users
– Middle tier contains business intelligence and carries out
the requisite processing
– Back end database tier is responsible for storing and
managing data
• Can be interactive

Web Applications (cont’d)
• Benefits
– Browser-based, hence no complex deployment process at clients
• Application is expected to work as long as the client has a web browser
and can connect to application portal
– Require little to no disk space on client machine
– Integrates easily into server-side processing, such as email and search
– Application rollout does not involve touching clients as the full update
happens at servers
– Compatible across platforms such as Linux, Windows and Mac, since
these are browser driven
– HTML5 allows web developers to create interactive applications using
native browsers
– Thin clients

Web Applications (cont’d)
• Limitations
– Usability less flexible compared to thick clients since the usage is
browser based
• Modern hybrid applications emerging to mix thick and thin clients
– Requires compatible web browsers
• Applications may contain browser-specific bugs
– Requires web server to be up and running – so creates a dependency
– Requires Internet connection to be up and running
– Open to privacy issues since user actions can be tracked by web
application provider
– Users forced to use newer versions of applications as the development
company rolls them out, giving user lesser choice of versions
• REST applications have improved version control capabilities using which clients can
potentially use older application versions

Web Security Aspects
• Security essential for web applications
• Security breach can happen in many ways
– Confidential information such as login information
– Sensitive financial information such as bank account or credit card
details
– Theft of identity
– Scams
• Lack of trust in security among users can lead to drastic
reduction in e-commerce volumes

Web Security Aspects (cont’d)
• Technical breach of security
– Virus attacks: Third-party self-replicating executable codes placed on a
computer causing different kinds of damages
– Spoofing attacks: One person masquerades as another by presenting
false data
– Phishing attacks: Attempt to acquire information such as username,
password and credit card details by masquerading as trustworthy
entity
• Often carried out by email spoofing
– Man-in-the-middle attacks: Eavesdropping on networks to listen for
incoming and outgoing packets and use the acquired information for
masquerading as false client to the server
– Manual hacking: Hackers hacking into websites through manual efforts

• Spoofing attack
• Src: http://www.technicalinfo.net/papers/Pharming2.html

• Phishing attacks via email
• Source: http://help.yo.co.zw/index.php?action=artikel&cat=11&id=1&artlang=en

• Protection of security
– Cryptography
• Encryption: Transforms plain-text data into a human-unreadable format
• Decryption: Transforms encrypted data into plain text
– RSA protocol (Rivest Shamir Adleman)
• Asymmetric key based cryptography: Encryption and decryption keys are
different
– Public key: Made public, and used to encrypt data to send to the owner of the
public key
– Private key: Never distributed, and used to decrypt data encrypted by the
corresponding public key
– Asymmetric function because the same key cannot do both encryption and
decryption
– Symmetric key based cryptography: Same key used to encrypt and
decrypt

Computational Aspects of the Internet
• First generation: Web 1
• Second generation: Web 2.0
– Dynamic page generation
• Need to pull data from backend database
– Pages capture user context on the fly
– Session-based computations
– Web services
• Application programs running as services
• Example: Bill payment portals

Introduction to Website Creation
• Acquire domain name
– TLD (top level domains): com, org, net, me, mobi, info, biz, tv, edu, gov, in, us,
uk, de, jp, cn, it
– ICANN – the international body running the Internet registry – levies a fixed
annual fee per domain
• Acquire hosting space
• Need to create front, middle and back end
• Front end uses presentation technology
– Ex: HTML
• Middle tier requires programming
– Ex: JSP/Java, PHP, ASP/C#
• Backend requires database
– Ex: MySQL, Oracle, DB2, MS-SQL
• Can use Content Management System (CMS) such as Wordpress

Individual Websites
• Individual websites for persons
– Individual blogs
– Personal photos and videos
– Social media/network such as Facebook and Twitter
– Often with the .me TLD, but can be other TLDs
– Used for individual identity management
– Successful people use it for personal brand management
• Ex: RogerFederer.com

Corporate Websites
• Owned and maintained by corporates
• Large, medium and small businesses
• Large corporates host web portals in-house
– Massive corporations have data centers across world rather than
hosting on single computer
• Ex: Google, Facebook, Microsoft
• Medium businesses go for single, dual or quad core dedicated
servers
• Small businesses can possibly use shared web hosting services

Corporate Websites (cont’d)
• Corporate websites may be
– Informational
• Information distributed online, sales conducted from physical
stores offline
– Commercial
• More prevalent nowadays
• Direct sales from online portals
• Delivery can be online (for digital products or subscriptions) or
offline (for physical goods)
– Forums and blogs for enhanced PR and CRM

Introduction to Cyber Laws
• Identity protection
• Copyright protection
– Digital Millennium Copyright Act (DMCA) in the USA
• Protects intellectual property and copyrights using Digital Rights
Management (DRM)
• Address copyrights of technology, services and software products
• 5 titles
– WIPO Copyright and Performances and Phonograms Treaties Implementation
Act
– Online Copyright Infringement Liability Limitation Act
– Computer Maintenance Competition Assurance Act
– Miscellaneous Provisions
– Vessel Hull Design Protection Act

Powering the digital frontier with web technologies.

Recommended

Recommended

More Related Content

Similar to Powering the digital frontier with web technologies.

Similar to Powering the digital frontier with web technologies. (20)

Recently uploaded

Recently uploaded (19)

Powering the digital frontier with web technologies.