what in the world is the web? section 1 introduction to the internet
TRANSCRIPT
What in the world is the Web?
Who in the World Are Firebird Services?
Ebusiness experts Strategy through to implementation Consultants, project managers and developers Java or Microsoft or CGI/Perl environments Experience with many web/app servers
Ebusiness Services Strategy workshops through to hosting Technical arch/infrastructure design Audits, reports are a speciality We also offer training
http://www.firebirdservices.com
What in the world is the Web?
History of the WebHistory of the Web
Internet Arpanet project Resilience to nuclear attack Ease of access – not secure TCP/IP protocol
Web Web browsers Web sites HTTP protocol
HTTP
TCP
IP
SMTPNNTPFTP
What in the world is the Web?
Web ArchitectureWeb Architecture
Web Server Machine
Browser
Internet/Intranet
WebServer
Html Files
Programs
DATA
HTTP
Browsers:Internet ExplorerNetscapeMosaic
Web Servers:Microsoft IISApacheLotus DominoMany others..
What in the world is the Web?
Web Object NamingWeb Object Naming
http://www.microsoft.com/seminar/1033/default.htm
the object, a html file
name of the web server(note, this could be replaced with the ip address – 207.46.230.219)
protocol used to access the object
directory in which object is stored
What in the world is the Web?
Web AddressesWeb Addresses
Domain Nameswww.microsoft.com = International companywww.microsoft.co.uk = UK companywww.microsoft.co.nz = New Zealand companywww.cit.ac.nz = Academic institution in NZwww.maf.govt.nz = Govt establishment in NZwww.internic.net = Net services companywww.savethechildren.org = Organisation (non profit)
What in the world is the Web?
Internet Vs IntranetInternet Vs Intranet
Browser
Firewall
Intranet
Internal web servers
Internet
What in the world is the Web?
Intranet Vs ExtranetIntranet Vs Extranet
Browser
Firewall
Intranet
Internal web servers
Internet
Firewall
Extranet
Extranet web servers
What in the world is the Web?
Convergence of TechnologyConvergence of Technology
WAP
Browser
Web TV
Internet
What in the world is the Web?
Web PublishingWeb Publishing
Web Server Machine
Browser
Internet/Intranet
WebServer
Html Files
Programs
DATA
FTP
Publishing tools:FTP command linePublishing WizardsFrontPage
Publishing languages:HyperText Markup Language (HTML)JavascriptActive Server Pages (ASP)JavaCGI/Perl
What in the world is the Web?
Web Publishing (2)Web Publishing (2)
Get an Internet Service Provider (ISP) or Web Host
Create web pages in HTML/ASP etc FTP them to web server Register a domain name
Domainz (www.domainz.net.nz) Network Solutions
(www.networksolutions.com)
Promote web site
What in the world is the Web?
Promoting Web SitesPromoting Web Sites
Traditional methods Newspapers TV Business cards/letter heads
Web methods Register with search engines/portals Advertising banners (reciprocal) Usenet groups/discussion forums Targetted emails (do not Spam!)
What in the world is the Web?
Searching The WebSearching The Web
Search Engines/Portals Yahoo Excite Altavista Lycos
Usenet groups/discussion forums Bots – compare prices, etc.
What in the world is the Web?
Marketing on the WebMarketing on the Web
Communities ‘Sticky’ sites, get users to come back Get users to provide content for you Users advise each other, self service
Customer/Partner Relationship Management (CRM/PRM) Online interaction with Customer
Services via chat/discussion groups Self service facilities Online documentation, support,
downloadable help files etc.
What in the world is the Web?
Personalisation Users choose content they are
interested in – more likely to return You can track their behaviour once they
have logged in
Targetted Marketing Offer personalised products, special
offers and promotions Associative marketing – suggest
customer might consider x if buy y
Push Technologies
Marketing on the WebMarketing on the Web
What in the world is the Web?
Problems on the InternetProblems on the Internet
No centralised infrastructure Huge global scale - millions of
potential users Initial conception was openness and
robustness - not security Organisations must provide a
window into their networks Many will look for
non public items A few will step through
and cause havoc
What in the world is the Web?
Bandits on the InternetBandits on the Internet
Must avoid Impostors Spies Vandals
Moving targets New and ingenious mechanisms
for attacks Technology rapidly increasing
Severe damage usually detected when it is too late!!
What in the world is the Web?
The Technical SolutionsThe Technical Solutions
Access controls Cryptography
Encryption Digital signatures/certificates Authentication
What in the world is the Web?
Symmetric CryptographySymmetric Cryptography
Clear-textinput
Clear-textoutputCipher-text
Same key is used for both Encryption and
Decryption
“One man went to mow, went to mow a meadow”
“One man went to mow, went to mow a meadow”
“jakhdjuSIJBJISIJSjiuhw678jHUSNipwlhip0twiwouwwg”
Encryption Decryption
What in the world is the Web?
Asymmetric CryptographyAsymmetric Cryptography
Clear-textinput
Clear-textoutputCipher-text
“One man went to mow, went to mow a meadow”
“One man went to mow, went to mow a meadow”
“jakhdjuSIJBJISIJSjiuhw678jHUSNipwlhip0twiwouwwg”
Encryption Decryption
Receivers public
key
Receivers private
key
What in the world is the Web?
Digital SignaturesDigital Signatures
Signed document
DocumentDigital
Signature
Document
Message
DigestHASH
Encrypt withPrivate Key
Digital
Signature
What in the world is the Web?
Secure Channels (SSL)Secure Channels (SSL)
Provides Client Authentication Server Authentication Encryption Message Authentication
Stops: Imposters Spies Vandals
What in the world is the Web?
Secure SocketsSecure Sockets
Security protocols e.g. Secure Sockets Layer (SSL) Encryption Authentication of messages Authentication of end-points i.e.client and server
TCP
IP
HTTP TelnetGopherFTP
SSL/PCT
TCP/IP - designed to operate in layers
Icon
What in the world is the Web?
Certificate AuthoritiesCertificate Authorities
Trusted third parties Certificate contents include:
Certificate Authority name Certificate serial number Identity of subject: name/organization/address Public key of subject
Validity timestamps Signed by Certificate Authority’s
private key X.509 defines the standards
What in the world is the Web?
Other TechnologiesOther Technologies
Firewalls Password authentication File/Directory access controls Web Server configuration Network configuration Audit logs
What in the world is the Web?
Management SolutionsManagement Solutions
Technologies on their own not enough
Must have procedures in place to back them up and be following them
Physical security of web servers and data is crucial
Procedures for what is done with credit card numbers after receipt must be defined and followed
Security Video
What in the world is the Web?
SummarySummary
Many facets Biggest danger is internal
Not implementing or fully understanding the available technologies
Risk assessment Suitable response
Process that must evolve
What in the world is the Web?
ResourcesResources
Websites Sign up to our Ebusiness group at our
site
Books Michelle’s book published soon