Transcript Internet as the Infrastructure for E

Internet as the
Infrastructure for
E-Commerce
CSI 5389
1
Outline
•
•
•
•
•
•
Development of the Internet
Design Principles of the Internet
Core Network Protocols
The World Wide Web
Intranets and Extranets
The Future of the Internet
CSI 5389
2
Introduction
• The first 3 lectures were primarily about
business issues for Internet commerce.
• From this lecture on we shall be discussing
the technologies of Internet commerce.
• The core principles underlying the technology
provide some guidance for making design
decisions.
• The current technology components provide
some understanding of how to put them to work,
and demonstrate how the core principles can be
applied.
CSI 5389
3
Development of the Internet
• The Internet grew out of a research
network.
• The development began in 1969 and was funded
by ARPA (Advanced Research Project Agency),
which is a major research arm of the US
Department of Defense.
• This network grew over time as
universities, agencies and companies
joined the network.
• It was used for applications beyond research
such as electronic mail.
• In the early 1980s, the core network
protocols, TCP and IP, were introduced.
• Shortly after, ARPA reduced its role in
supporting the network.
• The term Internet came as the name for the now
global network.
CSI 5389
4
Design Principles of the
Internet
• The Internet has been successful because
of some good fundamental design
decisions.
• These decisions are often invisible to the
end users, and even to the application
developers.
• Understanding them provides insight into
why the Internet is the way it is today.
• Such insight can help us in making choices
when we build new applications for
Internet commerce.
• Those applications that match the spirit of the
Internet are more likely to succeed than those
that do not.
• Let us look at some main design principles.
CSI 5389
5
Design Principles:
Interoperability
• Independent implementation of the
Internet protocols actually work together.
• It may seem obvious today, but it took
significant work in the early days of the Internet
to make that happen.
• Interoperability means that systems can
be assembled using computers and
software from different vendors.
• In the context of Internet commerce,
interoperability also means that buyers
and sellers do not have to buy and upgrade
software simultaneously from the same
vendor to conduct business.
CSI 5389
6
Design Principles:
Layering
• Internet protocols are
designed to work in layers.
• Each layer builds on the
facilities provided by lower
layers.
• TCP builds on IP to create
reliable byte streams.
• Application layers (e.g., email or those for the Web)
build on the capabilities of
TCP.
CSI 5389
Application Layer
(HTTP, SMTP)
Transport Layer
(TCP, UDP)
Network Layer
(IP)
Physical Layer
(e.g., Ethernet)
7
Design Principles:
Simplicity
• IP is very simple, providing only the
addressing, routing, and formatting of
packets.
• Below IP layer, there is the complexity of many
different kinds of network hardware and topologies
such as Ethernet, dialup connections etc.
• IP hides that complexity from applications.
• Above IP, the higher layer TCP offers
abstractions that are easy for programmers
to understand and use.
• Hence, both users and programmers are
insulated from the complexities of different
network devices and low-level network
protocols.
CSI 5389
8
Design Principles: Uniform
Naming and Addressing
• The IP layer offers a uniform addressing
structure that assigns a 32-bit address to each
computer connected to the network.
• These addresses are commonly written in dotted
quad form, e.g., 16.11.0.1
• Numeric addresses are hard for people to
remember, so the Domain Name System (DNS)
offers a uniform way to translate humanreadable names of computer (such as
www.serissa.com) to the numeric IP address
for that computer.
• The IP layer is also evolving: The newer
version IPv6 uses 128-bit addresses, enabling
many more systems and networks to be
interconnected.
CSI 5389
9
Design Principles:
End-to-End Protocols
• The Internet is designed around end-to-end
protocols:
• The interpretation of the data happens on the
sending and receiving systems.
• The network only looks at the destination address
and a few other control bits for delivering the
packet.
• This is similar to our mailing of a letter.
• Advantages of end-to-end protocols:
• Hiding the internal structure of the network from
users.
• Providing simple abstractions to programmers.
• Transferring to the end systems the responsibility
of error recovery, hence making the network much
simpler.
CSI 5389
10
Core Network Protocols
• We will look at
•
•
•
•
•
Physical layer
Domain Name System (DNS)
Internet Protocol (IP)
Unreliable Datagram Protocol (UDP)
Transmission Control Protocol (TCP)
CSI 5389
11
Physical Layer
• The Internet is a network of networks.
• Various parts of the Internet run over local area
networks (LANs) using different technologies:
Ethernet, token ring, fiber distributed data
interconnect (FDDI), asynchronous transfer mode
(ATM) etc.
• These technologies are used to transport and
route Internet traffic.
• Within each technology, routing is handled by
whatever means are built into that technology.
Sometimes, even the addressing is different from
the Internet addressing
• Ethernet uses 48-bit universal identifiers for addressing
and routing.
• When an IP network is built using Ethernet, the end
systems must use a special protocol known as the
Address Resolution Protocol (ARP), to translate 32-bit
IP addresses into 48-bit Ethernet addresses.
CSI 5389
12
Physical Layer (cont.)
• Internet routers are used to connect these
constituent networks.
• These routers forward packets from network to
network until they reach the network connected
to the destination system.
• Each router has a local map of the network that
tells it where to forward a packet next, based on
the destination address in the IP header.
• Routers are often used as the first line of
defense against network attacks.
• Routers can be configured as part of a network
firewall to separate “suspect” traffic that
originates outside an organization from
authorized traffic that originates on the inside.
• We shall talk more about firewalls when we
discuss about the issue of Internet security later
on.
CSI 5389
13
Domain Name System (DNS)
• The Internet uses 32-bit numeric
addresses, which are perfectly suited for
routers to identify hosts, but are hard for
humans to remember (i.e., not user
friendly).
• The Domain Name System (DNS) offers a
uniform way to translate human-readable
names to numeric addresses.
• Generally speaking, a domain refers to an
organization that assigns names to
computers and services in that
organization.
• DNS names are structured in a hierarchy in
which names are processed from right to
left and use periods as the separator.
CSI 5389
14
DNS: Domain Hierarchy
com
edu
mit serissa
arizona
cs
opt
gov
mil
org
net
ca
uk
ibm
ece
che
CSI 5389
15
DNS: Name Servers
• DNS implements the domain hierarchy by
partitioning them into sub-trees called
zones.
• The information contained in each zone is
implemented in two or more name servers.
• A name server is a program that can be
accessed over the Internet and that knows how
to resolve names.
• Clients send queries (regarding name resolution)
to name servers.
• Name servers respond with the requested
information.
• Each zone has two or more name servers for the
sake of redundancy: If one name server fails, the
information is still available.
CSI 5389
16
DNS: Name Servers (cont.)
Root Name Server
com
gov
mil
org
edu
Arizona
arizona Name
Server
CS
csName
Server
opt
net
ca
uk
IBM ibm
Name
Server
ece
che
CSI 5389
17
DNS: Name Servers (cont.)
• Each name server implements the zone information as a
collection of records.
• A record is a 5-tuple: <Name, Value, Type, Class, TTL)
• Name and Value are exactly what we would expect.
• Type can be one of the following:
• “Type = A” indicates that Value is an IP address of the host
Name.
• “Type = NS” indicates that Value is the domain name of the
host that is running the name server to resolve names
within the domain Name.
• “Type = MX” indicates that Value is the domain name for a
host that is running the mail server to accept messages for
the domain Name.
• “Type = CNAME” indicates that Value is the canonical
name for the host Name, which is defined as an alias.
• To date, the only Class is the one used by the Internet.
It is denoted by IN. However, the Class field was defined
to accommodate entities other than the one used by the
Internet.
• The TTL field indicates how long this record is valid.
CSI 5389
18
DNS: Example of Name Servers
• The root name server contains an NS record for
each second-level name server.
• It also has an A record that translates that
name into the corresponding IP address.
• These two records effectively implement a
pointer from the root name server to each of
the second-level name servers.
•
•
•
•
•
<arizona.edu, telcom.arizona.edu, NS, IN>
<telcom.arizona.edu, 128.196.128.233, A, IN>
<ibm.com, thumper.ibm.com, NS, IN>
<thumper.ibm.com, 128.96.32.20, A, IN>
Etc.
CSI 5389
19
DNS: Example of Name Servers
(cont.)
• At the second level, the domain arizona.edu
has a name server running on host
telcom.arizona.edu.
• That name server contains the following
records:
•
•
•
•
•
<cs.arizona.edu, optima.cs.arizona.edu, NS, IN>
<optima.cs.arizona.edu, 192.12.69.5, A, IN>
<ece.arizona.edu, helios.ece.arizona.edu, NS, IN>
<helios.ece.arizona.edu, 128.196.28.166, A, IN>
Etc.
CSI 5389
20
DNS: Example of Name Servers
(cont.)
• At the third level, the domain cs.arizona.edu
contains A records for all of its hosts.
• It also defines a mail server (MX record) for
the domain; and maybe a set of aliases
(CNAME records):
• <cs.arizona.edu, optima.cs.arizona.edu, MX, IN>
• <optima.cs.arizona.edu, 192.12.69.5, A, IN>
• <opt.cs.arizona.edu, optima.cs.arizona.edu,
CNAME, IN>
• <cheltenham.cs.arizona.edu, 192.12.69.60, A, IN>
• <che.cs.arizona.edu, cheltenham.cs.arizona.edu,
CNAME, IN>
• Etc.
CSI 5389
21
DNS: Name Resolution
1. cheltenham.cs.arizona.edu
2. cheltenham.cs.arizona.edu
3
3. arizona.edu, 128.196.128.233
Root
Name
Server
4. cheltenham.cs.arizona.edu
2
client
1
8
Local
Name
Server
4
5
6
Arizona
Name
Server
5. cs.arizona.edu, 192.12.69.5
6. cheltenham.cs.arizona.edu
7. cheltenham.cs.arizona.edu, 192.12.69.60
8. 192.12.69.60
CSI 5389
7
CS
Name
Server
22
Internet Protocol (IP)
• IP deals only with small packets of data,
which are labeled with the network
addresses of the source and destination
computers.
• The network is responsible for trying to
deliver packets to their destination, but
does not guarantee that it will do so.
• Packets may be lost or duplicated, and they may
arrive out of order.
• Other protocols can be built on the
foundation of IP to meet the needs of
different kinds of applications
• Such protocols are identified in an IP packet by
a protocol identifier, which allows a destination
system to select the correct protocol for
processing at the next higher layer.
CSI 5389
23
Internet Protocol (cont.)
• IP does not offer any security services.
• In theory, attackers can listen to packets going
by, introduce forged packets etc.
• It is the responsibility of higher level
protocols to manage the security
problems.
• In practice, network layer techniques such as
firewalls are used to create protected network
environments in which applications do not have
to worry about attacks.
• IETF has recently defined IPv6 with many
improvements:
• Larger address space (128-bit addresses as
opposed to the 32-bit ones used by the current
IPv4)
• Better packet format (i.e., simpler header
format)
• Auto-configuration (plug-and-play operation), etc.
CSI 5389
24
Transmission Control Protocol (TCP)
• TCP is the most common transport protocol built on the
packet-oriented foundation of IP.
• TCP provides the abstraction of a reliable byte stream.
• An application sends data, and the receiver gets it in the
order it was sent.
• Each packet contains a sequence number, so the receiver
can put them into the right order.
• TCP also provides a flow control mechanism so that the
receiver is not overwhelmed by a sender transmitting
data so fast.
• TCP works by having the receiver send back an
acknowledgement for the packet it receives.
• If the sender does not get the acknowledgement within a
certain period of time, it transmits the packet again.
• Hence, TCP creates an illusion of a continuous ordered
stream of data for application programmers, who need
not worry about the details of how the data get through
the network.
CSI 5389
25
The World Wide Web (WWW)
• The WWW is a global hypertext network of
millions of Web servers and Web browsers
connected by the Hypertext Transfer
Protocol (HTTP).
• Web servers supply (and Web browsers
display) pages of multimedia information.
• These pages are usually defined by the
HyperText Markup Language (HTML).
• Web pages can contain text, graphics, audio, video,
and even pieces of software called applets.
• Applets are automatically downloaded from the
server and run on the client desktop.
• The most important elements of Web pages are
hypertext links to other pages on the same or
different servers.
• Hyperlinks can be represented by text or images.
CSI 5389
26
The World Wide Web:
Uniform Resource Locator (URL)
• The target of a hyperlink is described by a
Uniform Resource Locator (URL).
• A URL is composed of several parts. Consider
http://www.w3.org/example/path/index.html
• Protocol designator (http://):
• This tells the browser what protocol to use in
connecting to the Web server.
• Web browsers can also use other protocols (e.g., FTP
for file transfer or SMTP for electronic mail).
• Server name (www.w3.org):
• The browser will use the DNS to translate this server
name into an IP network address
• Path name (/example/path/index.html):
• This is the full name of a file on the Web server
CSI 5389
27
The World Wide Web:
Uniform Resource Locator (cont.)
• The above URL refers to a static HTML page.
• Pages can also be constructed dynamically by
application software, and information can flow
in both directions.
• The Web server can pass the path portion of the URL
to an application program, which can return an HTML
page or other content constructed on the fly by the
application itself.
• HTML pages can contain forms to be filled out by the
user, and the input data for the forms can be sent
back to the Web server.
• The Web can also be used by programs to pass
information to other programs and return the
result.
• These are called Web services in which information is
encoded in XML rather than HTML (to be discussed in
a later lecture).
CSI 5389
28
The World Wide Web:
HyperText Transfer Protocol (HTTP)
• With HTTP, the client opens a TCP connection to
the Web server and transmits an HTTP header.
• The header contains an HTTP command such as
GET, PUT or POST, and the path portion of the
URL.
• The GET command is used to retrieve documents, and
the PUT to upload files to the server.
• The POST command is used to send the results of a
form filled out by the user.
• When the Web server has finished processing
the request, it sends a reply header back to the
client followed by a page to be displayed.
• One of the header fields specifies the format of the
data being returned.
• This allows the client to locate the proper application
for the data.
CSI 5389
29
Intranets and Extranets
• The term “intranet” refers to an internal
network of a company.
• Internet commerce applications can be deployed
for internal use, making it possible to use the
same applications for ordering, transaction
processing, and customer service etc. for
internal customers.
• The term “extranet” refers to a network
connecting a company with its partners,
suppliers, and close customers.
• Typical applications include sharing of
information for joint projects, direct connections
to a supplier’s ordering system, direct access to
customer service and support etc.
• An extranet can provide an exterior security
boundary that protects the company and its
partners from the open network, while providing
lower security boundaries for greater sharing of
information between the partners.
CSI 5389
30
The Future of the Internet
• TCP/IP is evolving with the development of IPv6.
• IPv6 is built on the experience with IPv4 and provides
improvements on scalability, security, and support for
real-time media.
• Since the Internet is already very large and
decentralized, it will be quite some time before the
entire Internet is running IPv6 (although many IPv6
products are available on the market today).
• From a system design view point, IPv6 has little effect
on Internet commerce: Due to the layered architecture,
applications for commerce are insulated from the lower
layers.
• The Web is also changing: New versions of HTTP
promise better performance and more flexible
interactions between clients and servers.
• Changes in HTTP may affect applications more than
IPv6 does, because HTTP provides capabilities closer
to the application’s logic.
CSI 5389
31
The Future of the Internet (cont.)
• The development of the Extensible Markup Language
(XML) has been gaining wide acceptance.
• XML allows applications to define their own markup
extensions.
• This enables them to include application-specific tags for
data items as well as rules for displaying them.
• Example: A commerce application can use XML to define an
order form, where prices, item descriptions, quantities etc.
are tagged appropriately. This enables browsers to show a
nicely formatted form, while the application can easily parse
the order form to extract the information needed to process
the order.
• Although changes in Internet technologies are inevitable,
it is not necessary to adopt a change immediately after it
becomes available.
• Adoption of changes must be evaluated in terms of how it
will affect the value delivered to customers by the
commerce application, and in terms of the cost of
implementing the change.
• There is also some risk that such changes will not become
common in the marketplace, leaving the application at a
dead end.
CSI 5389
32
References
• Treece Book Ch. 8
• Dr Thomas Tran Slides
CSI 5389
33