Title: ECommerce Infrastructure
1 E-Commerce Infrastructure Security
- Lecture 2
- Protocols and Markup Languages
- Multi-Tiered Client-Server Architectures
2 The Shatterer of Worlds
- Imagine a time without computers, the Internet, or E-Commerce
- How did we get here, and what's changed?
3 The Internet Effect
- Communication
- Media
- How we work
- How we play
- A distributed world view
4 Something Wicked This Way Comes
- Mainframe computing
- Desktop computing environment
- Ubiquitous/mobile computing
5 The Circle of Life
Centralized computing
Desktop computing
Networked/distributed computing
ASPs (vive la dumb-terminal!)
6 Agenda
- Internet History
- Protocols
- Markup Languages
- Multi-Tiered Architectures
- Security Overview
7 Internet History
- Mid 60s
- State of the art was 110 bps (2 words per second) networks
- 56 kbps (550 times faster!) network of 12 universities/organizations
- Sharing processors was the motivation
8 Packet Switching
- Underlying technology of ARPAnet
- Cheaper than circuit switching networks
- Within the packets
  - Address information
  - Error control information
  - Sequencing information
- No longer centrally controlled
- Designed for faults/attacks
9 Reality Hits ARPAnet
- E-mail - the first Net killer app
- Communication is king!
- Others want in
10 Letting Everyone In the Game
- TCP - Transmission Control Protocol
  - Used to route data correctly
- Others were developing networks as well
  - How do you bring them all together?
- IP - Internetworking protocol
  - Creates a network of networks
- Thus, TCP/IP
11 Then What?
- Businesses seize the golden goose
- There becomes an insatiable desire for
  - Increased processor speed
  - Increased bandwidth
  - Network service providers
  - Software
12 Enter the PC
- Pioneered by Apple in 1977
- IBM (jumped in later in 1981)
- Creates the desktop mode
- Opens the door for the consumer
13 What Was Necessary?
- What elements had to exist before the Web could explode as it has done in the last decade?
14 What Was Necessary?
- Cheap computing
- Reliable, cheap network technology
- Service Providers
  - Delphi, CompuServe, Prodigy, AOL, etc.
- Content
- Easy-to-use software!
15 Why Now?
- Computing power is cheap
- People are increasingly mobile
- Browsers have come a long way
- Service providers make it easier
- Huge amounts of content
- Consumer bandwidth is increasing
16 Protocols
- You should have had exposure to these in previous classes
- You need to know the following terminology so you can effectively build E-commerce web sites
17 Protocol Terminology
- HTTP - Hypertext Transfer Protocol used for Web transmissions
  - Client sends request
  - Server responds with page/file
  - Client closes session
  - One request/response/close cycle for each file requested
18 Protocol Terminology
- SMTP/POP/IMAP
  - Used for E-mail transmissions
- FTP
  - Used to control the transfer of files from one computer to another
19 Protocol Application
- Why are protocols needed?
- Why standardize?
- Why have multiple protocols?
20 Clearing a Display
- You need to write a network-based terminal program that will run on any platform
  - Mac, Unix, Windows, SunOS, etc.
- How can you clear the terminal?
21 Clearing the Screen
- CLS in BASIC/DOS
- PrintLn() x 25 (or 50) times in Pascal
- clear in UNIX
- Etc.
22 Everything In Its Place
- Why should the author/programmer worry about implementation?
- Why not let each client machine worry about how to accomplish the desired task?
- Improves portability, reuse, etc.
23 Enter Markup Languages
- Purpose is to mark documents with tags
- Tags are
  - Device-independent
  - Language-independent
- Represent properties/attributes of objects within a document
24 HTML
- This should be review for you if you've taken the pre-reqs for these courses (and remember what you learned!)
25 Hypertext Markup Language
- Subset of SGML (Standard General Markup Language)
- Utility of SGML
- Without some of the little-needed features
26 Benefits of the HTML Approach
- Separates the content from the implementation
- For example, <EM> for emphasis (replacing the deprecated <i> tag)
27 Benefits of HTML (cont.)
- Language-independent
- Machine-independent
- Client-side processing
28 HTML In ITSK3413/3423
- You should be able to quickly understand HTML when viewed native
- Use any authoring tool you'd like
- Our goal is results, not specifics
29 HTML You Should Know
- Alignment
- Text Formatting
- Graphics (& image maps)
- Links (internal & external)
- Tables
- Forms
- Frames
30 Our HTML Standard
- We'll standardize on HTML 4.01 (the latest)
- All assignments must work in IE 5 or later
- Worry about browser conflicts and incompatibilities on the job, not here!
31 Enough on HTML - Just Do It!
32 Multi-Tiered Architecture
- Two approaches we'll concern ourselves with in this course
  - Two-Tiered
  - Three-Tiered
33 How does Web Communication Work?
- DNS Lookup first (distributed lookup)
- Handshake
  - SYN from client
  - SYN/ACK from server
  - ACK from client
- Packets of info until request fulfilled
34 The Two-Tiered Approach
[Figure: two-tiered architecture diagram, labelled TCP/IP]
35 HTTP Example - Client Side
- Client requests page
- Client formats an HTTP request
- The request consists of
  - Request line
  - Request header
  - Optional entity body
36 Request Details
- Command (typically GET)
- Filename (requested)
- Protocol being used (client informs)
- Request header - additional info as needed
- Entity body - used to upload content
37 HTTP Example - Server Side
- Server responds
- Finds requested file
- Formulates response and sends to client
  - Header
  - Fields (informs client)
  - Body (content)
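
The request layout from the slides above (request line with command, filename and protocol, then request header, then optional entity body), shown as a small parser that a server-side check could build on. This is an added example, not part of the original lecture; the function name and the sample requests are constructed, and it assumes bodies are framed by Content-Length only.

```python
# Added example; sample requests are constructed, names are hypothetical.
def parse_http_request(raw: bytes) -> dict:
    """Split a raw HTTP request into request line, header fields and entity body."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete request: no blank line after the header")
    lines = head.decode("iso-8859-1").split("\r\n")

    # Request line: command, filename, protocol, separated by single spaces.
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("malformed request line")
    command, filename, protocol = parts

    # Request header: one "Name: value" field per line.
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name or name != name.strip():
            raise ValueError(f"malformed header field: {line!r}")
        key, value = name.lower(), value.strip()
        if key == "content-length" and key in headers:
            raise ValueError("duplicate Content-Length field")
        headers[key] = f"{headers[key]}, {value}" if key in headers else value

    # Optional entity body: its length must equal the declared Content-Length,
    # so that client and server agree on where the request ends.
    declared = headers.get("content-length")
    if declared is None:
        if body:
            raise ValueError("entity body sent without Content-Length")
    elif not (declared.isascii() and declared.isdigit()) or int(declared) != len(body):
        raise ValueError("Content-Length does not match entity body")

    return {"command": command, "filename": filename, "protocol": protocol,
            "headers": headers, "body": body}


# Constructed sample requests (not captured traffic).
GET_PAGE = b"GET /catalog.html HTTP/1.0\r\nHost: shop.example\r\n\r\n"
POST_FORM = (b"POST /order HTTP/1.0\r\nHost: shop.example\r\n"
             b"Content-Length: 12\r\n\r\nsku=A100&n=2")
BAD_LENGTH = POST_FORM.replace(b"Content-Length: 12", b"Content-Length: 5")

if __name__ == "__main__":
    for raw in (GET_PAGE, POST_FORM):
        print(parse_http_request(raw))
```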
38 The Three-Tiered Approach
[Figure: three-tiered architecture diagram, labelled TCP/IP]
39 Additions in Three-Tiered Approach
- Client/Server interactions remain the same
- Additional backend needed
  - Fulfill complex client requests
  - Business logic
  - Data storage
  - ERP - Enterprise Resource Planning
- Introduces a new interaction
40 Server-Backend Communication
- Server analyzes client request
- Realizes it needs the backend
- Server requests a DB transaction with backend
- Backend formulates response and sends to server
- Server formats information into HTML
- Server sends information to client
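
The six steps above, traced through a middle-tier handler with an in-memory SQLite database standing in for the backend. This is an added example, not part of the original lecture; the table, URL paths and function names are hypothetical. The client-supplied value reaches the backend only as a bound parameter, and backend data is escaped before it is placed in the HTML.

```python
# Added example; schema, paths and sample rows are constructed.
import html
import sqlite3


def make_backend() -> sqlite3.Connection:
    """Backend tier: an in-memory product table with constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (sku TEXT PRIMARY KEY, name TEXT, price_cents INTEGER)")
    db.executemany("INSERT INTO products VALUES (?, ?, ?)",
                   [("A100", "Widget", 1999), ("B200", "<b>Gadget</b> & Co", 4950)])
    db.commit()
    return db


def handle_request(db: sqlite3.Connection, path: str) -> tuple[int, str]:
    """Server tier: returns (status code, HTML body) for a requested path."""
    # Steps 1-2: analyze the client request and decide if the backend is needed.
    if path == "/":
        return 200, "<p>Welcome</p>"
    prefix = "/product/"
    if not path.startswith(prefix):
        return 404, "<p>Not found</p>"
    sku = path[len(prefix):]

    # Step 3: request a DB transaction; the client value is a bound parameter,
    # never concatenated into the SQL text.
    with db:
        row = db.execute("SELECT name, price_cents FROM products WHERE sku = ?",
                         (sku,)).fetchone()

    # Step 4: the backend's response is a row, or None if nothing matched.
    if row is None:
        return 404, "<p>No such product</p>"
    name, cents = row

    # Step 5: format the information into HTML, escaping stored data.
    page = f"<h1>{html.escape(name)}</h1><p>${cents // 100}.{cents % 100:02d}</p>"

    # Step 6: hand the page back for delivery to the client.
    return 200, page


if __name__ == "__main__":
    backend = make_backend()
    for p in ("/", "/product/A100", "/product/B200", "/product/none"):
        print(p, handle_request(backend, p))
```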
41 Thin Clients
- One approach is to rely upon the client as little as possible
  - Assume only minimal processor/memory
  - Assume minimal browser capability
- What might justify this decision?
- Why might you go a different route?
42 Next Week
- Look at various Web servers
- Examine .NET architecture
- Security issues on client & server
- Business models & hosting options
- Cryptography
43 Have a Great Weekend!
FIN