Section 1: Introduction to the Internet. WHAT IN THE WORLD IS THE WEB?
Who in the World Are Firebird Services? • Ebusiness experts • Strategy through to implementation • Consultants, project managers and developers • Java or Microsoft or CGI/Perl environments • Experience with many web/app servers • Ebusiness Services • Strategy workshops through to hosting • Technical arch/infrastructure design • Audits, reports are a speciality • We also offer training • http://www.firebirdservices.com
History of the Web • Internet • Arpanet project • Resilience to nuclear attack • Ease of access – not secure • TCP/IP protocol • Web • Web browsers • Web sites • HTTP protocol [Diagram: HTTP, FTP, NNTP and SMTP layered over TCP, over IP]
Web Architecture [Diagram: Browser connects via HTTP across the Internet/Intranet to the Web Server Machine, which runs the Web Server and holds HTML Files, Programs and Data] • Browsers: Internet Explorer, Netscape, Mosaic • Web Servers: Microsoft IIS, Apache, Lotus Domino, many others
Web Object Naming • http://www.microsoft.com/seminar/1033/default.htm • http = protocol used to access the object • www.microsoft.com = name of the web server (note, this could be replaced with the IP address – 207.46.230.219) • seminar/1033 = directory in which object is stored • default.htm = the object, a html file
Web Addresses: Domain Names • www.microsoft.com = International company • www.microsoft.co.uk = UK company • www.microsoft.co.nz = New Zealand company • www.cit.ac.nz = Academic institution in NZ • www.maf.govt.nz = Govt establishment in NZ • www.internic.net = Net services company • www.savethechildren.org = Organisation (non profit)
Internet Vs Intranet [Diagram labels: Browser, Internal web servers, Intranet, Firewall, Internet]
Intranet Vs Extranet [Diagram labels: Browser, Internal web servers, Intranet, Firewall, Extranet, Extranet web servers, Firewall, Internet]
Convergence of Technology [Diagram labels: Browser, Internet, Web TV, WAP]
Web Publishing [Diagram: Browser publishes via FTP across the Internet/Intranet to the Web Server Machine, which runs the Web Server and holds HTML Files, Programs and Data] • Publishing tools: FTP command line, Publishing Wizards, FrontPage • Publishing languages: HyperText Markup Language (HTML), Javascript, Active Server Pages (ASP), Java, CGI/Perl
Web Publishing (2) • Get an Internet Service Provider (ISP) or Web Host • Create web pages in HTML/ASP etc • FTP them to web server • Register a domain name • Domainz (www.domainz.net.nz) • Network Solutions (www.networksolutions.com) • Promote web site
Promoting Web Sites • Traditional methods • Newspapers • TV • Business cards/letter heads • Web methods • Register with search engines/portals • Advertising banners (reciprocal) • Usenet groups/discussion forums • Targeted emails (do not Spam!)
Searching The Web • Search Engines/Portals • Yahoo • Excite • Altavista • Lycos • Usenet groups/discussion forums • Bots – compare prices, etc.
Marketing on the Web • Communities • ‘Sticky’ sites, get users to come back • Get users to provide content for you • Users advise each other, self service • Customer/Partner Relationship Management (CRM/PRM) • Online interaction with Customer Services via chat/discussion groups • Self service facilities • Online documentation, support, downloadable help files etc.
Marketing on the Web • Personalisation • Users choose content they are interested in – more likely to return • You can track their behaviour once they have logged in • Targeted Marketing • Offer personalised products, special offers and promotions • Associative marketing – suggest the customer might consider x if they buy y • Push Technologies
Problems on the Internet • No centralised infrastructure • Huge global scale - millions of potential users • Initial conception was openness and robustness - not security • Organisations must provide a window into their networks • Many will look for non public items • A few will step through and cause havoc
Bandits on the Internet • Must avoid • Impostors • Spies • Vandals • Moving targets • New and ingenious mechanisms for attacks • Technology rapidly increasing • Severe damage usually detected when it is too late!!
The Technical Solutions • Access controls • Cryptography • Encryption • Digital signatures/certificates • Authentication
Symmetric Cryptography [Diagram: Clear-text input “One man went to mow, went to mow a meadow” → Encryption → Cipher-text “jakhdjuSIJBJISIJSjiuhw678jHUSNipwlhip0twiwouwwg” → Decryption → Clear-text output “One man went to mow, went to mow a meadow”] • Same key is used for both Encryption and Decryption
Asymmetric Cryptography [Diagram: Clear-text input “One man went to mow, went to mow a meadow” → Encryption → Cipher-text “jakhdjuSIJBJISIJSjiuhw678jHUSNipwlhip0twiwouwwg” → Decryption → Clear-text output “One man went to mow, went to mow a meadow”] • Encryption uses the receiver's public key • Decryption uses the receiver's private key
Digital Signatures [Diagram: Document → HASH → Message Digest → Encrypt with Private Key → Digital Signature; Signed document = Document + Digital Signature]
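The signing flow on the Digital Signatures slide, as an added example that is not part of the original slides: the sender hashes the document and applies the private key, and the receiver checks the result with the public key. It assumes Node.js and its built-in crypto module, with RSA and SHA-256 chosen here; the key pairs and the tampered text are constructed for the demo.

```javascript
const crypto = require('crypto');

// Constructed 2048-bit RSA key pairs for the demo (assumption: RSA with SHA-256).
// In practice the public key reaches the receiver inside a CA-signed certificate.
const signerKeys = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const strangerKeys = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// The "HASH -> Message Digest" step on its own, exposed for inspection.
function messageDigest(document) {
  return crypto.createHash('sha256').update(document).digest('hex');
}

// Sender: hash the document and apply the private key to the digest.
function signDocument(document, privateKey) {
  return crypto.createSign('SHA256').update(document).sign(privateKey);
}

// Receiver: re-hash the received document and check it against the
// signature with the sender's public key. False means "do not trust".
function verifyDocument(document, signature, publicKey) {
  return crypto.createVerify('SHA256').update(document).verify(publicKey, signature);
}

function demo() {
  const document = 'One man went to mow, went to mow a meadow';
  const signature = signDocument(document, signerKeys.privateKey);
  // Constructed tampering: the document is altered after it was signed.
  const tampered = document.replace('a meadow', 'two meadows');
  return {
    digestChanges: messageDigest(document) !== messageDigest(tampered),
    signatureBytes: signature.length,
    // Unmodified document, correct public key: accepted.
    genuine: verifyDocument(document, signature, signerKeys.publicKey),
    // Altered document: the digest no longer matches the signature.
    tampered: verifyDocument(tampered, signature, signerKeys.publicKey),
    // Signature checked against someone else's public key: rejected.
    wrongKey: verifyDocument(document, signature, strangerKeys.publicKey),
  };
}

console.log(demo());
```

The tampered and wrong-key cases correspond to the "Vandals" and "Impostors" threats named on the slides: only the unmodified document checked against the signer's own public key verifies.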
Secure Channels (SSL) • Provides • Client Authentication • Server Authentication • Encryption • Message Authentication • Stops: • Imposters • Spies • Vandals
Secure Sockets [Diagram: HTTP, FTP, Gopher and Telnet layered over SSL/PCT, over TCP, over IP] • TCP/IP - designed to operate in layers • Security protocols e.g. Secure Sockets Layer (SSL) • Encryption • Authentication of messages • Authentication of end-points i.e. client and server
Certificate Authorities • Trusted third parties • Certificate contents include: • Certificate Authority name • Certificate serial number • Identity of subject: name/organization/address • Public key of subject • Validity timestamps • Signed by Certificate Authority’s private key • X.509 defines the standards
Other Technologies • Firewalls • Password authentication • File/Directory access controls • Web Server configuration • Network configuration • Audit logs
Management Solutions • Technologies on their own not enough • Must have procedures in place to back them up and be following them • Physical security of web servers and data is crucial • Procedures for what is done with credit card numbers after receipt must be defined and followed • Security Video
Summary • Many facets • Biggest danger is internal • Not implementing or fully understanding the available technologies • Risk assessment • Suitable response • Process that must evolve
Resources • Websites • Sign up to our Ebusiness group at our site • Books • Michelle’s book published soon • Us • Michelle.Johnston@firebirdservices.com