Web Technology and DBMSs - PowerPoint PPT Presentation

Slides: 24
Provided by: thomas718

Transcript and Presenter's Notes


1
Chapter 24
  • Web Technology and DBMSs
  • Transparencies

2
Questions you should be able to answer from this
chapter
  • What would you consider to be the most important
    advantages and disadvantages of the World-Wide
    Web as a distributed information system (web-dbms
    approach)?
  • The World Wide Web is a distributed information
    system based on hypertext. Discuss how the
    two-tier client-server architecture may not be
    entirely suitable for this environment and
    describe an alternative architecture.
  • The increasing accessibility of databases on the
    Internet and Intranets requires a reanalysis and
    extension of the normal approaches to security.
    Discuss some of the issues associated with
    database system security in these environments.

3
Introduction
  • Many Web sites today are file-based where each
    Web document is stored in separate file.
  • For large sites, this can lead to significant
    management problems.
  • Also many Web sites now contain more dynamic
    information, such as product and pricing data.
  • Maintaining such data in both a database and in
    separate HTML files is problematic.
  • Accessing database directly from Web would be a
    better approach.

Internet
  • Worldwide collection of interconnected networks.
  • Began in late 60s in ARPANET, a US DOD project,
    investigating how to build networks that could
    withstand partial outages.
  • Starting with a few nodes, Internet estimated to
    have over 100 million users in 1997, and over 270
    million users in over 100 countries in 1998, with
    one million new users joining each month.
  • May be 199 million users of Web by year 2000.

4
Intranet and Extranet
  • Intranet - A Web site or group of sites belonging
    to an organization, accessible only by the
    members of an organization.
  • Extranet - An intranet that is partially
    accessible to authorized outsiders.
  • Whereas intranet resides behind firewall and is
    accessible only to people who are members of same
    organization, extranet provides various levels of
    accessibility to outsiders.
  • Hypermedia-based system that provides a simple
    point and click means of browsing information
    on the Internet using hyperlinks.
  • Information presented on Web pages, which can
    contain text, graphics, pictures, sound, and
    video.
  • Can also contain hyperlinks to other Web pages,
    which allow users to navigate in a non-sequential
    way through information.
  • Web documents written using HTML.

5
The Web
  • Web consists of network of computers that can act
    in two roles
  • as servers, providing information
  • as clients (browsers), requesting information.
  • Protocol that governs exchange of information
    between Web server and browser is HTTP and
    locations within documents identified as a URL.
  • Much of the Web's success is due to its simplicity
    and platform-independence.

6
HyperText Transfer Protocol (HTTP)
  • Protocol used to transfer Web pages through
    Internet.
  • Based on request-response paradigm
  • Connection - Client establishes connection with
    Web server.
  • Request - Client sends request to Web server.
  • Response - Web server sends response (HTML
    document) to client.
  • Close - Connection closed by Web server.
  • HTTP/1.0 is stateless protocol - each connection
    closed once server provides response.
  • This makes it difficult to support concept of a session that is
    essential to basic DBMS transactions.

Static and Dynamic Web Pages
  • HTML document stored in file is static Web page.
  • Content of dynamic Web page is generated each
    time it is accessed.
  • Thus, dynamic Web page can
  • respond to user input from browser.
  • be customized by and for each user.
  • Requires hypertext to be generated by servers.
  • Need scripts that perform conversions from different
    data formats into HTML on-the-fly.

7
HyperText Markup Language (HTML) / URLS
  • Document formatting language used to design most
    Web pages.
  • HTML is an application of Standard
    Generalized Markup Language (SGML), a system for
    defining structured document types and markup
    languages to represent instances of those
    document types.
  • URLS
  • String of alphanumeric characters that
    represents location or address of a resource on
    Internet and how that resource should be
    accessed. Defines uniquely where documents
    (resources) can be found.
  • Uniform Resource Identifiers (URIs) - generic set
    of all Internet resource names/addresses.
  • Uniform Resource Names (URNs) - persistent,
    location-independent name. Relies on name lookup
    services.
  • URL consists of three basic parts:
  • protocol used for the connection
  • host name
  • path name on host where resource stored.
  • Can optionally specify:
  • port through which connection to host should be made
  • query string.

8
Requirements for Web-DBMS Integration
  • Ability to access valuable corporate data in a
    secure manner.
  • Data and vendor independent connectivity to allow
    freedom of choice in DBMS selection.
  • Ability to interface to database independent of
    any proprietary browser or Web server.
  • Connectivity solution that takes advantage of all
    the features of an organization's DBMS.
  • Open-architecture to allow interoperability with
    a variety of systems and technologies. For
    example:
  • different Web servers
  • Microsoft's (Distributed) Common Object Model (DCOM/COM)
  • CORBA/IIOP (Internet Inter-ORB protocol)
  • Java RMI
  • Cost-effective solution that allows for
    scalability, growth, and changes in strategic
    directions, and helps reduce applications
    development costs.
  • Support for transactions that span multiple HTTP
    requests.
  • Support for session- and application-based
    authentication.
  • Acceptable performance.
  • Minimal administration overhead.
  • Set of high-level productivity tools to allow
    applications to be developed, maintained, and
    deployed with relative ease and speed.

9
File-server
  • File-server is connected to several workstations
    across a network.
  • Database resides on file-server.
  • DBMS and applications run on each workstation.
  • Disadvantages include
  • Significant network traffic.
  • Copy of DBMS on each workstation.
  • Concurrency, recovery and integrity control more complex.

10
Client-server
  • Server holds the database and the DBMS.
  • Client manages the user interface and runs
    applications.
  • Advantages include
  • Wider access to existing databases.
  • Increased performance.
  • Possible reduction in hardware costs.
  • Reduction in communication costs.
  • Increased consistency.

11
Three-Tier Client-Server Architecture
  • Client side presented two problems preventing
    true scalability
  • Fat client, requiring considerable resources on
    client's computer to run effectively.
  • Significant client side administration overhead.
  • By 1995, three layers proposed, each potentially
    running on a different platform.
  • Advantages
  • Thin client, requiring less expensive hardware.
  • Application maintenance centralized.
  • Easier to modify or replace one tier without
    affecting others.
  • Separating business logic from database functions
    makes it easier to implement load balancing.
  • Maps quite naturally to Web environment.

12
Web-DBMS Approach
Advantages
  • DBMS advantages
  • Simplicity
  • Platform independence
  • Graphical User Interface
  • Standardization
  • Cross-platform support
  • Transparent network access
  • Scalable deployment
  • Innovation
Disadvantages
  • Reliability
  • Security
  • Cost
  • Scalability
  • Limited functionality of HTML
  • Statelessness
  • Bandwidth
  • Performance
  • Immaturity of development tools

13
Approaches to Integrating Web and DBMSs
  • Common Gateway Interface (CGI).
  • Server-Side Includes.
  • HTTP Cookies.
  • Extending the Web Server.
  • Java and JDBC, JSQL and JRB.
  • Scripting Languages (JavaScript and VBScript).
  • Microsoft Active Platform: ASP and ADO.
  • Oracle Network Computing Architecture.

14
JDBC
  • Modeled after ODBC, JDBC API supports basic SQL
    functionality.
  • With JDBC, Java can be used as host language for
    writing database applications.
  • On top of JDBC, higher-level APIs can be built.
  • Currently, two types of higher-level APIs
  • An embedded SQL for Java.
  • A direct mapping of relational database tables to
    Java classes.
  • JDBC API consists of two main interfaces: an API
    for application writers, and a lower-level driver
    API for driver writers.
  • Applications and applets can access databases
    using
  • JDBC API with pure Java JDBC drivers,
  • ODBC drivers and existing database client
    libraries.
  • Advantages/Disadvantages
  • Advantage of using ODBC drivers is that they are
    a de facto standard for PC database access, and
    are available for many DBMSs, for very low price.
  • Disadvantages with this approach
  • Non-pure JDBC driver will not necessarily work
    with a Web browser.
  • Downloaded applet can connect only to database
    located on host machine.
  • Deployment costs increase.

15
Security
  • All Internet traffic travels in the clear and
    anyone who monitors traffic can read it.
  • For each communication, need to ensure that:
  • It is inaccessible to anyone but sender and
    receiver (privacy).
  • It has not been changed during transmission
    (integrity).
  • Receiver can be sure it came from sender
    (authenticity).
  • Sender can be sure receiver is genuine
    (non-fabrication).
  • Sender cannot deny he or she sent it
    (non-repudiation).
  • Must also protect information once it has reached
    Web server. Download may have executable content,
    which can perform following malicious actions
  • Corrupt data or execution state of programs.
  • Reformat complete disks.
  • Perform a total system shutdown.
  • Collect and download confidential data.
  • Usurp identity and impersonate user.
  • Lock up resources.
  • Cause non-fatal but unwelcome effects.
  • Look at:
  • Proxy Servers.
  • Firewalls.
  • Message Digest.
  • Digital Certificates.
  • Kerberos.
  • SSL and S-HTTP.
  • SET and SST.
  • Java Security.
  • ActiveX Security.

16
Proxy Servers
  • Proxy server is computer that sits between
    browser and Web server.
  • It intercepts all requests to Web server to try
    to fulfil requests itself.
  • Has two main purposes
  • improve performance
  • filter requests.

Firewalls
  • Designed to prevent unauthorized access to/from a
    private network.
  • Can be implemented in both hardware and software,
    or a combination of both.
  • Several types of firewall techniques
  • Packet filter.
  • Application gateway.
  • Circuit-level gateway.
  • Proxy server.

17
Message Digest Algorithms
  • Message digest algorithm takes an arbitrary-sized
    string (message) and generates fixed-length
    string (digest or hash).
  • A digest has following characteristics
  • It should be computationally infeasible to find
    another message that will generate same digest.
  • Digest does not reveal anything about message.

Digital Signatures
  • Digital signature consists of two parts
  • string of bits computed from data being signed
  • private key of individual or organization wishing
    the signature.
  • Can be used to verify data comes from this
    individual or organization. Digital signature has
    many useful properties
  • Authenticity can be verified, using public key.
  • Cannot be forged (assuming private key is kept
    secret).
  • Signature is tied to the data signed and cannot be
    claimed to be signature for any other data.
  • Signed data cannot be changed or signature will
    no longer verify data.

18
Digital Certificates
  • Attachment to electronic message used for
    security purposes (e.g. verify user sending
    message), and provide receiver with means to
    encode reply.
  • Sender applies for certificate from Certificate
    Authority (CA).
  • CA issues encrypted certificate containing
    applicant's public key and other identification
    information.
  • CA makes its own public key readily available.
  • Recipient uses CA's public key to decode
    certificate attached to message, verifies it as
    issued by CA, and obtains sender's public key and
    identification information held within
    certificate.
  • With this information, recipient can send an
    encrypted reply.
  • CA's role is critical, acting as go-between in
    relationship between two parties.

19
Kerberos
  • A server of secured user names and passwords.
  • Provides one centralized security server for all
    data and resources on network.
  • Database access, login, authorization control,
    and other security features are centralized on
    trusted Kerberos servers.
  • Has similar function to that of Certificate
    server to identify and validate a user.

Secure Sockets Layer (SSL)
  • Encryption protocol for transmitting private
    documents
  • Designed to prevent eavesdropping, tampering, and
    message forgery.
  • Works by using private key to encrypt data that
    is transferred over SSL connection.
  • Layered between application-level protocols such
    as HTTP and TCP/IP transport-level protocol.
  • Thus, may be used for other application-level
    protocols such as FTP and NNTP.

20
Secure-HTTP (S-HTTP)
  • Protocol for securely transmitting individual
    messages over Web.
  • Both SSL and S-HTTP use techniques such as
    encryption, and digital signatures, and
  • Allow browsers and servers to authenticate each
    other.
  • Allow controlled access to Web site.
  • Ensure data exchanged between browser and server
    is secure and reliable.

Secure Electronic Transactions
  • Open, interoperable standard for processing
    credit card transactions over Internet, in simple
    and secure way.
  • Transaction is split in such a way that merchant
    has access to information about
  • what is being purchased,
  • how much it costs,
  • whether payment is approved,
  • but no information on what payment method
    customer is using.

21
Secure Transaction Technology (SST)
  • Protocol designed to handle secure bank payments
    over Internet.
  • Uses DES encryption of information, RSA
    encryption of bankcard information, and strong
    authentication of all parties involved in
    transaction.

Java Security
  • Sandbox ensures untrusted application cannot gain
    access to system resources.
  • Involves three components
  • class loader,
  • bytecode verifier,
  • security manager.
  • Safety features provided by language and JVM, and
    enforced by compiler and runtime system.
  • Security is a policy built on top of safety layer.

22
ActiveX Security
  • ActiveX security model places no restrictions on
    what a control can do.
  • Instead, each ActiveX control can be digitally
    signed by its author using system called
    Authenticode.
  • Digital signatures are then certified by CA.
  • This security model places responsibility for the
    computer's security on the user.

HTTP/1.1
  • Number of new features added. Look at two:
  • Persistent connections become default behavior.
    While open, client can send synchronous or
    asynchronous messages, and server can respond to
    them in order.
  • Digest authentication provided as replacement for
    basic authentication. Password remains secret
    between client and server. Client and server
    compute digest value using the MD5 and digest is
    sent across network.
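
The digest exchange described above, as an added example that is not part of the original presentation: the client's computation and a server-side check that also rejects replayed or unknown nonces. Function names are hypothetical; the header values are the worked example from RFC 2617 section 3.5.

```python
import hashlib
import hmac

def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def ha1_for(username, realm, password):
    # The server can store this value instead of the cleartext password.
    return md5_hex(f"{username}:{realm}:{password}")

def digest_response(ha1, method, uri, nonce, nc, cnonce, qop="auth"):
    # What the client sends: the password itself never crosses the network.
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")

def server_verify(stored_ha1, method, auth, nonce_counts):
    """nonce_counts maps each nonce the server issued to the highest nc seen."""
    nonce = auth["nonce"]
    if nonce not in nonce_counts:
        return False                      # nonce was never issued by this server
    nc = int(auth["nc"], 16)
    if nc <= nonce_counts[nonce]:
        return False                      # request counter reused: replay
    expected = digest_response(stored_ha1, method, auth["uri"], nonce,
                               auth["nc"], auth["cnonce"])
    if not hmac.compare_digest(expected, auth["response"]):
        return False                      # wrong password or altered method/URI
    nonce_counts[nonce] = nc
    return True

# Authorization header fields from the RFC 2617 section 3.5 example.
RFC_AUTH = {
    "uri": "/dir/index.html",
    "nonce": "dcd98b7102dd2f0e8b11d0f600bfb0c093",
    "nc": "00000001",
    "cnonce": "0a4f113b",
    "response": "6629fae49393a05397450978507c4ef1",
}

def demo():
    ha1 = ha1_for("Mufasa", "testrealm@host.com", "Circle Of Life")
    counts = {RFC_AUTH["nonce"]: 0}
    first = server_verify(ha1, "GET", RFC_AUTH, counts)
    replay = server_verify(ha1, "GET", RFC_AUTH, counts)
    moved = server_verify(ha1, "GET", dict(RFC_AUTH, uri="/other"),
                          {RFC_AUTH["nonce"]: 0})
    return first, replay, moved

if __name__ == "__main__":
    print(demo())
```

Digest authentication protects only the password, not the rest of the request or response, so it is normally carried over SSL/TLS; RFC 7616 later added SHA-256 as an alternative to MD5.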

23
XML (eXtensible Markup Language)
  • XML is new standard that could preserve general
    application independence that makes HTML portable
    and powerful.
  • Pared-down version of SGML, designed especially
    for Web documents.
  • Designers can create their own customized tags to
    provide functionality not available with HTML.
  • SGML allows document to be logically separated
    into two
  • Document Type Definition (DTD)
  • other containing the text itself.
  • Useful features include
  • Database Schema Definition.
  • Linking to relative objects or elements.
  • Support for bi-directional links.
  • Simplicity may be lost with move to XML.
