Presentation2 - University of Worcester
Download
Report
Transcript Presentation2 - University of Worcester
COMP2113
Introduction to
Electronic Commerce
Richard Henson
University of Worcester
February 2008
Week 2: IT infrastructure for
e-commerce
Objectives:
identify basic IT components required for a
business e-commerce solution
classify computer networks according to size,
topology, and administration
describe what a communications protocol is and
explain why “open source” has become an issue
choose an appropriate method of access to the
Internet for a single computer and a network
Required Technologies for
E-Commerce
Networks & network security
Communication software
The Internet & the World Wide Web
Email clients and servers
Web Servers
Web Browsers
Web Pages
What is a Network?
Three main types of hardware components:
server computers (also known as hosts, or
fileservers)
transmission media, e.g. cable, wireless
one or more “intelligent” (i.e. with processing
ability) devices attached to the network
» e.g. printer, PC workstation (known as a “client”)
Network software to control the movement
of data between servers and other network
devices
Classification of Networks
Most commonly used criteria:
Size
» how far the cables have to travel
Administration
» Peer-peer
» Client-server
Topology
» how the computers are connected together
Classifying networks
by size
Local Area
Network (LAN)
Rarely larger than about 2 km
Metropolitan Area
Network (MAN)
Up to 50 km
Wide Area
Network (WAN)
Could cover whole planet!
Local Area Network (LAN)
Most organisational networks are LANs
Could have anything between one and many
thousands of users
Controlled within a single organisation
All cabling digital, fast, and internally owned
An organisation may have two or more LANs,
which may be interconnected for the
interchange of data
Wide Area Network (WAN)
Connections between organisations
Can use:
analogue telephone link
Digital telephone link
» ISDN
» ADSL
Dedicated digital line
» leased
» privately owned
The Internet is a worldwide WAN using
high bandwidth digital dedicated lines
Classifying networks by
administration
Peer-peer networks
administration on each
local machine
No “domain” or “subnet”
to logon to
Client-server networks
administration
centralised
Users log on to
“domain” or “subnet”
server
Peer-Peer (P2P) networks
All users have the following
responsibilities:
Security & network administration
access to services and resources
Generally OK if:
very network is very small
Users are trustworthy and know what they
are doing!
Complexity grows very rapidly with
increasing numbers of workstations
Client/Server Networks
Distributed computer systems that enable
many users to access information
Machine that contains the information
being accessed is called the server
User's computer is called the client
Network connection only made when
information needs to be accessed by a
user
therefore very efficient
Communications between
Client and Server
Communication
across the network
Client runs “client software”
Server runs “server software”
all computers use a common protocol
Internet managed as peer-peer, but most
Internet transactions based client-server
Internet host computers can play either
role…
» client or server
Request and responses
In the following diagram:
client software requests information;
server software processes the request and sends a
response back to the client.
CLIENT
Client
Program
SERVER
REQUEST
RESPONSE
Send Request
Read Results
Server
Program
Process Request
Send Back Results
Network characteristics
Electrical connections between computers
ESSENTIAL for the client-server interactions
to occur
Either use a physical conductor e.g.
optical fibre
coaxial copper
copper (twisted pair)
Or using electromagnetic waves
infra-red
radio waves
microwaves
What makes up the Internet?
275 million “host” computers!
Internet Server Computers
Very powerful
Managed 24 hours a day
Use a secure operating system
UNIX (e.g. LINUX)
Windows 2000, XP or 2003
If properly configured, very secure against
access by unauthorised users
It should therefore be impossible for such
persons to access private data
But… are there enough trustworthy UNIX and
WINDOWS SERVER experts to manage 275
million computers properly?
Communications Protocols
The sets of rules and procedures used by
computers when they communicate with one
another
Many protocols produced over the years by
manufacturers
HOWEVER… the most popular set of
protocols (TCP/IP) was produced by
academics
used in conjunction with packet-switching
developed for the military
» Perhaps surprisingly… inherently not secure!
Internet Protocols
A simplified model of network protocols
regards communication as taking place
through 4 software layers:
Application layer – FTP, HTTP and SMTP
» concerned with what actually appears on the screen
display
Transport or Host-Host - TCP protocol
Internet layer - IP protocol
Physical Network access layer – software held on
network card
Why choose TCP/IP?
Reasons partly historical:
evolved as an Internet protocol & got influential
Internet community seal of approval)
Partly academic:
fitted well with the OSI “open source” software model
Partly technical:
highly robust, and reliable
designed to get messages through even in the event
of a nuclear attack
How does TCP/IP work?
Communications software
arranged into a series of
layers…
When any file (e-mail
message, HTML file, GIF file,
URL request, and so forth) is
sent from one place to another
on the Internet:
the higher level protocol
identifies & labels the formatting
the TCP protocol divides the
remaining data into "packets” of
an efficient size for being routed
to/from Internet servers
data
packets
How does data get sent
across a network?
Each communications protocol uses a
defined packet size
TCP/IP size typically 768 bytes
Packets:
converted into binary (0/1)
binary becomes high/low electrical signals
signals sent across the network…
Data transmission Rates
Amount of data that can be simultaneously
sent/received along communications
channels is known as bandwidth
low bandwidth channels - transfer rate
measured in Kilobits/sec
medium/high bandwidth - measured in
Megabits/sec
Data transmission Rates
Fastest on LANs - up to 1000 Mbits/sec
Bandwidth between Internet computers
is usually high - 2 Mbits/sec upwards
Because the Internet is so popular even
high bandwidth channels become
congested
Pressure to keep increasing bandwidth
between Internet computers
Connecting to the Internet
From a single computer:
Analogue dial-up to an ISP via modem
(max 50 Kbits/sec)
ISDN line to an ISP (128 Kb/sec or more)
ADSL line to an ISP (2-8 Mb/sec or more)
Through a network
may need to connect a number of
computers to the Internet
more bandwidth required
further options available…
Alternatives for linking the
local network with the Internet
Use a standard telephone link (not digital)
cost (minimal) – usually a local call plus rental
speed – always relatively slow, because data has to be converted
from/to digital during sending. Even slower on a network!
Use a digital (ISDN) telephone link
cost – VERY expensive
speed – faster than analogue line
Use ADSL, ADSL business (fixed IP address)
Use a dedicated digital link
Cost – expensive, but usually a fixed fee
Speed – can be very fast, but at considerable extra cost…
IT infrastructure required to put
a company network “on-line”
A secure internal “client-server” computer
network
Typical networking server software
Windows NT/2000
Unix (most likely Linux)
A Firewall to separate the internal network from
the External (i.e. Internet) network
Ways to put a complete
Network Infrastructure on-line
Using a router
diverts data between the Internet and the
local network
will only work if the network will need to
be running an appropriate protocol
Using a gateway
Converts data into appropriate protocol
and diverts it between the Internet and the
local network
link networks running different protocols
Putting the network on-line
(continued)
Important to use a Firewall or Proxy
Server to make sure that:
internal users do not access unauthorised
sites
unauthorised remote Internet users do not
access the local network
Servers must be correctly configured for
security reasons
Putting the network on-line
(continued)
Secure connections can be made with credit
card authorisation and payment sites using
“Merchant Server” software
Regular monitoring of the network is
essential to ensure that unauthorised users
are not trying to gain access
A digital connection of some kind is needed
between the router/gateway and a computer
connected to the Internet
Choosing a partner – an ISP
(Internet Service Provider)
Only the largest corporate enterprises are
likely to be part of the Internet
Most businesses need to find a partner who
will provide the link between the connection
medium and the Internet
Many possibilities – pays to shop around
Important criteria:
Average rate of transfer of data between ISP
system and the main Internet backbone
ISP availability record (ideally 24 hours/day, 365
days/year)
Internet Communication Types
relevant to E-commerce
Data:
as/with web pages
as with data files
Messages
electronic equivalent of P2P letters
» Email…
» SMS…
» “Instant” messaging
Communicating Messages
Electronically via E-mail
E-mail: a brief overview
Allows you to send the electronic equivalent of
a letter to other people
anywhere in the world
very quickly
with very little expense
Can also be the most convenient way to leave
someone nearby a message
Can also send/receive messages in particular
formats (e.g. EDI format)
Also, text/graphics/sound/video attachments
can be included
LAN E-mail & Internet E-mail
Both use mailboxes for storing mail on
servers
LAN e-mail:
all mailboxes on one server
e-mail is simply uploaded to and downloaded
from the server
Internet e-mail
requires the transmission of messages between
mailboxes on servers in different networks
mechanism therefore much more complicated
Features of a Client-Server
E-mail system
Email client software required:
downloads mail from mailbox on the
server:
connects to a LAN server or Internet
Server
provides an environment for reading
and managing e-mail
allows sending of e-mail to a server
A LAN E-mail Service
PC sending
message
mailbox
PC receiving
message
Network server
A LAN E-mail Service
Requires a client-server network
Good example of a client-server
application:
The email client software (e.g. Pegasus)
runs on a client computer, and accessed
by the user
The email server software (e.g. Mercury)
provides user mailboxes, and controls
access to them
The server computer that holds the
mailboxes is known as a mail server
An Internet E-mail Service
To send and receive email, the mail server
needs to be connected to the Internet
Compared to LAN mail, and Internet server
will also therefore ADDITIONALLY need to
control:
the sending of email to remote servers
receipt of email from remote servers
putting received email messages into the right
mailbox
Internet Protocols used for
messaging
FTP (File Transfer Protocol)
early days of the Internet
SMTP (Simple Message Transfer Protocol)
Replaced FTP for Internet messages
POP3 (Post Office Protocol)
Used for downloading messages from the Internet
IMAP (Internet Messaging Access Protocol)
downloading messages from the Internet in a
more controlled way
Encryption/Decryption
of E-mail
Text messages contain a stream of ASCII codes
Easy for anyone intercepting the message to read
One easy form of encryption is to use a mathematical
operation to create an encrypted code before sending
Operation can be reversed on arrival (decryption) to
reproduce the original ASCII codes
However, anyone who knows how the data was
encrypted can easily decrypt it…
More sophisticated systems available e.g. public/private
key encryption
Public Key Encryption
can work in two ways:
• private key encryption, public key decryption
• public key encryption, private key decryption
Unencrypted data
Private key
on sender’s
computer
Encrypted data
Data sent through the Internet
Encrypted data
Received by
recipient’s computer
Public key
on recipient
computer
Decrypted data
That’s all Folks!