Upload
jacob-thompson
View
213
Download
0
Embed Size (px)
Citation preview
World Wide Web
• Hypertext model
• Use of hypertext in World Wide Web (WWW)
• WWW client-server model
• Use of TCP/IP protocols in WWW
Hypertext and HypermediaHypermedia system allows interactive access to collections of documents
Document can hold:
Text (hypertext)
Graphics
Sound
Animations
Video
Documents linked together
Nondistributed - all documents stored locally (like CD-ROM)
Distributed - documents stored on remote servers
HyperPointers
Each document contains links (pointers) to other documents
Link represented by "active area" on screen
Graphic - button
Text - highlighted
Selecting link fetches referenced document for display
Links may become invalid
Link is simply a text name for a remote document
Remote document may be removed while name in link remains in place
Browser Interface
Interactive, "point-and-click" interface to hypermedia documents
Each document is displayed in screen User can select and follow links - "point-
and-click" Application is called a browser (infinite
time sink)
• Each WWW document is called a page Initial page for individual or organization is called a home page Page can contain many different types of information; page must specify
Content
Type of content
Location
Links
• Rather than fixed WYSIWYG representation (e.g., Word), pages are formatted with a mark up language (like TeX)
Allows browser to reformat to fit display
Allows text-only browser to discard graphics
• Standard is HyperText Markup Language (HTML)
HTML specifies
Major structure of document
Formatting instructions
Hypermedia links
Additional information about document contents
Two parts to document:
Head contains details about the document
Body contains information/content
Page is represented in ASCII text with embedded HTML tags formatting instructions
Tags have format <TAGNAME>
End of formatted section is </TAGNAME>
Page identified by:
Protocol used to access page
Computer on which page is stored
TCP port to access page
Pathname of file on server
Specific syntax for Uniform Resource Locator (URL): protocol://computer_name:port/document_name
Protocol can be http, ftp, file, mailto
Computer name is DNS name
(Optional) port is TCP port
document_name is path on computer to page
Browser is client, WWW server is server
Browser:
Makes TCP connection
Sends request for page
Reads page
Each different item - e.g., IMG - requires separate TCP connection
HyperText Transport Protocol (HTTP) specifies commands and client-server interaction
Client/Server Model
Server Architecture
• Much like ftp server Waits for incoming connection
Accepts command from connection
Writes page to connection
• Performance is hard issue
Browser Architecture
Browser has more components:
Display driver for painting screen
HTML interpreter for HTML-formatted documents
Other interpreters (e.g., Shockwave) for other items
HTTP client to fetch HTML documents from WWW server
Other clients for other protocols (e.g., ftp)
Controller to accept input from user
Must be multi-threaded
Caching
Downloading HTML documents from servers may be slow
Internet congested
Dialup connection
Server busy
Returning to previous HTML document requires reload from server
Local cache can be used to hold copies of visited pages
Also can implement organizational HTTP proxy that caches documents for multiple users
Security
Routers forward packets - from any source
Bad guys can send in packets from outside
How to avoid security breaches?
Security Policies
•Can't describe a network as secure in the abstract
•University may have different notion of security than military installation
•Must define a security policy Many possibilities to consider:
Data stored on servers
Messages traversing LANs
Internal or external access
Read/write versus read-only access
Encryption
Encryption - rewrite contents so that they cannot be read without key
Encrypting function - produces encrypted message
Decrypting function - extracts original message
Encryption key - parameter that controls encryption/decryption; sender and receiver share secret key
Sender produces: E = encrypt(K, M)
Sender transmits E on network
Receiver extracts: M = decrypt(K, E)
Public Key
•Previous scheme requires shared secret K
•If K is discovered, security is compromised
•Public key encryption uses two keys:
Private key - kept secret by user
Public key - published by user
To send to user, encrypt using public key, decrypt using private key
Digital Signatures
•Goal - guarantee that message must have originated with certain entity
•Authenticate Sender
•Idea - encrypt with private key, decrypt with public key
•Only owner of private key could have generated original message
Packet FilteringCan configure packet forwarding devices - esp. routers - to drop certain packets
Consider example:
Suppose 192.5.48.0 is test network and 128.10.0.0 has controlling workstations
Install filter to allow packets only from 192.5.48.0 to 128.10.0.0
Keeps potentially bad packets away from remainder of Internet s
Internet Firewall
Packet filter at edge of intranet can disallow unauthorized packets
Restricts external packets to just a few internal hosts
Proxies forward packets through firewall after authorization