Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Database-Driven Websites Nate Byrnes Agenda Definitions Why Use a Web Database Designing a Database Understanding Web Database Technology Comparing the Tools Databases with Web Capabilities HTML Editors with DB Capabilities Web DB Application Servers Programming Web Database Solutions Security Show and Tell IA – Do/Don’t(s) Conclusion Definitions Table Entity-Relationship Diagram collection of information organized into interrelated tables of data and specifications of data objects Web site that uses a database to search, browse, collect, manipulate and display information Flat File: Employee Structured Query Language (SQL): is an industry-standard language used for manipulation of data in a relational database SELECT, INSERT, JOIN, UPDATE. SELECT * FROM Employees ORDER BY LastName M Belon gs to 1 Department M Take s Index M Class data files that contain records with no structured relationships A single object about which data can be stored the "subject" of a table Database-driven Web site: Collection of RECORDS (rows) & FIELDS (columns) that hold data to define an entity Database (DB): Entity a database feature used for locating data quickly within a table. Example: Last Name Schema: collection of meta-data that describes the relations in a database. Layout/blueprint outlining the way data is organized into tables Employee Records Fields ID 976234 976235 976236 976237 976238 976239 976240 LastName First Name Rank Johnson Jeremy 2LT Bird Larry GS09 Helms Michelle SGT Gold Jonny SPC Young Sara PFC Johansen Hans MAJ White Barry CPT SSN 324342344 233534343 786373798 233636777 457839291 343099894 333225555 DOB 12-Mar-81 30-Dec-58 19-Feb-84 18-Jun-77 22-Sep-86 1-Jul-66 27-Oct-75 http://databases.about.com/od/administration/a/glossary.htm Why a DB Driven Website? 1. 2. The Web is a great medium for delivering information. Databases are the perfect medium for managing information. Flexibility Data consistency Ease of maintenance Browser independence Ashenfelter, J. P. (1998). Choosing a database for your website. New York: Wiley. Retrieved October 22, 2007, from NetLibrary database: http://www.netlibrary.com.ezproxy.lib.utexas.edu/urlapi.asp?action=summary&v=1&bookid=26152 http://www.archetype-it.com/english/view.asp?AutoId=29& Differences Static OLD vs Dynamic MODERN Examples Directories Libraries Surveys Content management Portals Internal databases Online Catalogs Shopping Cart & E-Commerce Systems User Logins Transaction and Online Ordering Systems Email Mailing List Newsletters Form Information Aggregation www.butterflydatabase.com http://www.techsoup.org/learningcenter/databases/page4799.cfm DBA/WebMaster Combo = DataMaster? web developer fluent HTML graphic design scripting languages network protocols database construction and maintenance do not need to be an expert understand enough facilitate communication and management of web database projects. Web Application + DB = Dynamic Page Web Application Server DB Web Template + DB (Row/Record) Dynamic Web Page = Ways to Use DBs on the Web dynamic publishing Information on the web pages changes automatically information transactions Stock price changes As buyers add new products… Moving discrete chunks of information between a client and a business Forms, etc. data storage and analysis Static/changed rarely Resource for analysis or historical purposes Completed orders Accounts paid Closing stock prices Images in a media archive Address books Ashenfelter, J. P. (1998). Choosing a database for your website. New York: Wiley. Retrieved October 22, 2007, from NetLibrary database: http://www.netlibrary.com.ezproxy.lib.utexas.edu/urlapi.asp?action=summary&v=1&bookid=26152 Web DB Application Servers server-based processing of databases to the web browser client in HTML-formatted web pages work is accomplished by Integrate with existing HTML web page elements. special prefix delimits the custom tags from standard HTML tags. Tags replaced w results Specific file extensions. The web page files have a specific filename extension that marks them for special processing by the server. (CFM; ASPX…) Traditional applications interact with files and directories on the server, as well as other applications or function libraries. Server-side web database tools typically make it easier to use files on the server, process email, and call external programs residing on the server. Proprietary tag-based format. Simplified access to server applications and files. programmatic means whether by using a higher-level scripting language or by programming in traditional computer languages. common features of server-side Web tools designed for developing applications, same logic used in traditional programming is implemented in the server-side language Examples loops; if/then/else and goto structures. data processing application logic delivers results Traditional programming structures. handles most: common features of server-side Web tools (cont’d) web server State management for web sessions. Web is that it is a stateless system no foolproof way to track users/data across multiple pages Web applications - sessions. Easier cookie & state tracking development of full-fledged web applications Examples: ASP; Cold Fusion; C#; Java Comparison Things to Consider if You Have Pre-Existing DB Databases w ith ‘Web Capabilities’ Com plexity Fairly Simple Scalability Less Web Program s w ith ‘Database Capabilities’ Complex More Costly: Requires additional Softw are (Oracle; Cost Inexpensive / Free SQL Server…) Little to None (use same Increased - Requires different programming Learning-Curve product) capabilities (VB; ASP...) More Complex: Require technologies to connect Com patibility Inherent different databases (ODBC, SQL...) Web Design Prog: Frontpage; ASP; etc Program s Com bo Prog: MS Access & DB Prog: Oracle; SQL; etc More Building a database application 1. GOAL 2. INCLUSIONS 3. Use feedback to refine REPEAT 7. Present to users & explain REFINE 6. How it will work PRESENT 5. What to include HOW 4. Define the goal and purpose of the Steps 4–5 until you reach agreement. FINALIZE Design-documents S. R. (2006, January 1). Creating Database-Backed Library Web Pages : time lines/milestones Westman, Using Open Source Tools. ALA Editions. Retrieved October 22, 2007, from Univ of Texas Libraries: Library Catalog database: sign off http://catalog.lib.utexas.edu.ezproxy.lib.utexas.edu/search/ X?SEARCH=web+database&searchscope=25&m=z&m=g&m=k&m=p&l=eng&Da=&Db=&p=&SORT=D Development Procedures Establishing a Process 1. Who gets what tasks. 2. Build applications one step at a time. 3. Test and debug as you go 4. Review code periodically, assuring code is following programming standards 5. Version Control 6. Test the application fully Implementing Standards Quality Assurance Documentation Debugging Westman, S. R. (2006, January 1). Creating Database-Backed Library Web Pages : Using Open Source Tools. ALA Editions. Retrieved October 22, 2007, from Univ of Texas Libraries: Library Catalog database: http://catalog.lib.utexas.edu.ezproxy.lib.utexas.edu/search/ X?SEARCH=web+database&searchscope=25&m=z&m=g&m=k&m=p&l=eng&Da=&Db=&p=&SORT=D Program DB Solutions Why program? Limitations of Proprietary Web Database Applications Servers flexibility for development purposes, but have limitations. proprietary algorithms and techniques Web database applications developed from scratch cannot be tweaked to improve performance, stability, security, or scalability. Limited to certain computing environments Can be modified to improve performance, stability, security, or scalability Customized for existing computing-environment CGI programming and Java can conceivably run on any web server on any platform Control No compromising (like with prepackaged solutions) i.e. High-End Business Systems – Fidelity.com Program DB Solutions Why NOT to program? Time Cost Complexity Short Web-Technology Life-cycle If it’s not broke, don’t fix it Threats and challenges related to security in Web Services Maintaining security while routing between multiple Web Services Unauthorized access Confidentiality, Integrity, Authentication, Non-repudiation Denial of Service Availability, Integrity Network eavesdropping and message replay Authentication, Authorization Parameter manipulation/Malicious input Confidentiality, Integrity, Authentication, Non-repudiation Availability Bypassing of firewalls Confidentiality, Integrity, Authentication Show and Tell My Webspace My Zoho IA - Do’s & Don’ts Do Liberally-Estimate The Work Involved. Making A Website Is Easy Linking To A Database = More Complex DB Skills - Prerequisite Learning Curve Is Steep Be Good At HTML Be Willing To Put In A Lot Of Time If Not, Hire A Professional Increased Load On Your Webserver Server-side include Do Look Out For Packaged Solutions That Do What You Want. Ie:Shopping Carts Graphic/Web Skills ≠ Database Skills Ensure Solid Previous Experience Technologies Involved Development Don't Be The Guinea Pig Common Government Problem Don't Forget Murphy's Law! Cheaper Difficult To Work With And Maintain Poor Performance Data Inconsistencies Inflexibility Do Check The Qualifications Designer Access vs. SQL Do Understand The Implications Of A Database-driven Site. Do Invest In Proper Data Analysis Prior Poorly Created Sites: Do Use Appropriate Technologies. If Something Can Go Wrong, It Will Backups Test, Test, Test Ensure Error-handling Before You Buy Meets Needs Scalable Ensure You Have Skill-set Necessary Get it done PROPERLY, the FIRST-TIME!!! References • Ashenfelter, J. P. (1998). Choosing a database for your website. New York: Wiley. Retrieved October 22, 2007, from NetLibrary database: http://www.netlibrary.com.ezproxy.lib.utexas.edu/urlapi.asp?action=summary&v=1&bookid=26152 Chapple, M. (n.d.). Database Glossary. In About: Databases. Retrieved October 21, 2007, from http://databases.about.com/od/administration/a/glossary.htm Colley, A. (2006, January 31). Sunbeam polishes its e-image. The Austrailian: IT Broadsheet Edition, p. 2. Retrieved October 21, 2007, from LexisNexis database: http://www.lexisnexis.com.ezproxy.lib.utexas.edu/us/lnacademic/ search/homesubmitForm.do Gianni, A. (2002, April 8). Database-Driven Web Sites. In Techsoup Learning Center: Databases . Retrieved October 21, 2007, from http://www.techsoup.org/learningcenter/databases/page4799.cfm Westman, S. R. (2006, January 1). Creating Database-Backed Library Web Pages : Using Open Source Tools. ALA Editions. Retrieved October 22, 2007, from Univ of Texas Libraries: Library Catalog database: http://catalog.lib.utexas.edu.ezproxy.lib.utexas.edu/search/ X?SEARCH=web+database&searchscope=25&m=z&m=g&m=k&m=p&l=eng&Da=&Db=&p=&SORT=D Yuill, V. (2002). Databases: not just for big boys. In Archetype-IT: Articles. Retrieved October 20, 2007, from Archetype IT Ltd Web site: http://www.archetype-it.com/english/view.asp?AutoId=29& Yuill, V. (2002). Decoding database lingo. In Archetype-IT: Articles. Retrieved October 20, 2007, from Archetype IT Ltd Web site: http://www.archetype-it.com/english/view.asp?AutoId=31& Decoding database lingo by Veronica Yuill Yuill, V. (2002). The Dos and Don'ts of database-driven websites. In Architype-IT: Articles. Retrieved October 20, 2007, from Archetype IT Ltd Web site: http://www.archetype-it.com/english/view.asp?AutoId=30& Yuill, V. (2002). 5 essential tools you'll need for your database-driven site. In Architype-IT: Articles. Retrieved October 20, 2007, from Archetype IT Ltd Web site: http://www.archetype-it.com/english/view.asp?AutoId=32& Questions… Understanding Web Database Technology The Web Side Web Clients Web Servers The Database Side Database Queries: What Is SQL? Database Servers Putting It All Together: Web Application Architecture Comparing the Tools Purpose: What Is It Designed to Do? Extensions to Existing Database Tools HTML Editors with Database Capabilities Web Database Application Servers Programmatic Web Database Tools Technology: How Are the Features Implemented? Ease of Learning Ease of Use Robustness Scalability Compatibility Security Extensibility Performance Reusability/Modularity Support: What Do I Need to Implement Those Features? Portability Cost ISP Support Evaluation: How does it work in the real-world? Security Sensitive Information Public Search-ability High-Assurance Confidentiality Integrity Availability Authentication Authorization Non-Repudiation IA Focus? Website architecture is an approach to the design and planning of websites which, like architecture itself involves technical, aesthetic and functional criteria. the user and on user requirements particular attention web content business plan Usability interaction design information architecture web design Maintaining security while routing between multiple Web Services Traditional security techniques, such as SSL, are designed to protect communication between two points, i.e. security context 1 Traditional security techniques can not handle end-to-end security, i.e. security context 2 Traditional security techniques work at the session layer while SOAP works at the application layer A SOAP message has to be decrypted at the intermediary, thereby threatening confidentiality, integrity and authentication which all are related to authorization and non-repudiation Holgersson, J., & Söderström, E. (September 2005). Web Service Security –Vulnerabilities and Threats in the Context of WS-Security [Data file]. Retrieved October 23, 2007, from University of Skoevde, Sweden Web site: http://siit2005.dreamhosters.com/presentations/S3-Stds-Impl/ 0509-SIIT-S3-J.Holgersson.pdf