Download All Definitions for

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
Document related concepts

Clusterpoint wikipedia , lookup

Functional Database Model wikipedia , lookup

Object-relational impedance mismatch wikipedia , lookup

Database model wikipedia , lookup

Transcript 
Ch 9
The Term
Web
Web browsers
forms
Uniform Resource
Locators (URLs).
HTML
Definition
distributed information system based on HyperText
Markup Language (HTML)
have become the de-facto standard user interface
to databases. providesa graphical user interface
enabling users to enter data which can then be
sent back to the Web server
is provided In the Web, functionality
HTML provides formatting, hypertext link, and
image display features also provides input features
HyperText Transfer
used for communication with the Web server
Protocol (HTTP)
(connectionless)
http://www.acm.or
the document is to be accessed using the Hyper
g/sigmod
Text Transfer Protocol. *second part gives the
unique name of a machine on the Internet. *The
rest of the URL identifies the document within the
machine.
document name in a URL may identify an executable program, that, when
run, generates a HTML document.
Common Gateway
a standard interface between web and application
Interface (CGI
server
Motivation
reduces load on server
Solution
use a cookie
Is small piece of text containing identifying information.
cookie
can be stored permanently or for a limited time
Servlets
Servlet Sessions
Server-side scripting
Application program (also called a servlet) is loaded
into the server is defines an API for communication
between the Web/ application server and
application program running in the server
Sets a cookie on first interaction with browser, and
uses it to identify session on further interactions
simplifies the task of connecting a database to the
Web Define an HTML document with embedded
executable code/SQL queries.
is widely used for Web server scripting. Extensive
PHP
libaries including for database access using ODBC
allow documents to be active Browsers can fetch
Client-side
certain scripts (client-side scripts) or programs
scripts/programs
along with documents, and execute them in “safe
mode” at the client site
mechanisms needed to ensure that malicious
scripts do not cause damage to the client machine .
Security
Disallows dangerous actions such as file writes
*Can check input for validity *modify the displayed
Web page, by altering the underling document
Javascript functions
object model (DOM) tree representation of the
displayed HTML text
model-view-controller (MVC) architecture
1. model: business logic
2. view: presentation of data, depends on display
device
3. controller: receives events, executes actions,
and returns a view to the user
business-logic layer
Application layers
1- provides high level view of data and actions on
1-Presentation or user
data
interface
2- often using an object data model
3- hides details of data storage schema
data access layer
1- interfaces between business logic layer and
the underlying database
2- provides mapping from object model of
business layer to relational model of database
Provides abstractions of entities
Business Logic Layer
Enforces business rules for carrying out actions
object-relational mapping system is widely used
The Hibernate
developed by Microsoft
Entity Data Model
Allow data on Web to be accessed using remote
Web Services
1
procedure call mechanism
Representation State allows use of standard HTTP request to a URL to
Transfer (REST)
execute a request and return data
uses XML representation for sending request data,
Big Web Services
as well as for returning results
Tools for applications to use the Web when
Disconnected Operations connected, but operate locally when disconnected
from the Web
tools even before advent of Web
rapid application
development (RAD)
allows user to be authenticated once, and
applications can communicate with authentication
Single sign-on
service to verify user’s identity without repeatedly
entering passwords
(SAML)standard for exchanging authentication and
Security Assertion
Markup Language
authorization information across security domains
standard allows sharing of authentication across
OpenID
organizations
Applications must log actions to an audit trail, to
detect who carried out an update, or accessed
Audit Trails
some sensitive data
same key used for encryption and for decryption
Symmetric-key encryption
Data Encryption
Standard (DES)
Advanced Encryption
Standard (AES)
Public-key encryption
public key
private key
substitutes characters and rearranges their order
on the basis of an encryption key which is provided
to authorized users via a secure mechanism
is a new standard replacing DES, and is based on
the Rijndael algorithm, but is also dependent on
shared secret keys
each user having two keys: public and private key
publicly published key used to encrypt data, but
cannot be used to decrypt data
known only to individual user, and used to decrypt
data.Need not be transmitted to the site doing
Hybrid schemes
salt bits
Password based
authentication
Challenge-response
Digital signatures
encryption
combining public key and private key encryption
for efficient encryption of large amounts of data
extra bits
is widely used, but is susceptible to sniffing on a
network.
systems avoid transmission of passwords
are used to verify authenticity of data
Digital signatures also Sender cannot later claim to have not created the
help ensure
data
nonrepudiation:
3
Related documents
Database Security
Database Security
Chapter 12 - Key Terms
Chapter 12 - Key Terms
Application Design and Development
Application Design and Development
Shouting from the Rooftops: Improving Email
Shouting from the Rooftops: Improving Email
50 Word Company Description 100 Word
50 Word Company Description 100 Word
security leaflet
security leaflet
Are you looking for an easier way to initiate and
Are you looking for an easier way to initiate and
Pr sentation PowerPoint
Pr sentation PowerPoint
BitLocker Drive Encryption Self
BitLocker Drive Encryption Self
Network Security: It`s Time to Take It Seriously
Network Security: It`s Time to Take It Seriously
Database Confidentiality
Database Confidentiality
Remote Access - York Technical College
Remote Access - York Technical College
CSCI 3140 Module 3 – Logical Database
CSCI 3140 Module 3 – Logical Database
CryptoOddsAndEnds
CryptoOddsAndEnds
Network Device Security Options
Network Device Security Options
Client/Server - The University of Texas at Dallas
Client/Server - The University of Texas at Dallas
CH10 E-Commerce Fraud and Security
CH10 E-Commerce Fraud and Security
CH 8 – Review - WordPress.com
CH 8 – Review - WordPress.com
Document
Document
CS 363 Comparative Programming Languages
CS 363 Comparative Programming Languages
Network Security
Network Security
The CyberFence Difference
The CyberFence Difference