CSI 5389 1

Internet as the Infrastructure for E-Commerce

CSI 5389 2

Outline

• Development of the Internet• Design Principles of the Internet• Core Network Protocols• The World Wide Web• Intranets and Extranets• The Future of the Internet

CSI 5389 3

Introduction

• The first 3 lectures were primarily about business issues for Internet commerce.

• From this lecture on we shall be discussing the technologies of Internet commerce.• The core principles underlying the technology

provide some guidance for making design decisions.• The current technology components provide some

understanding of how to put them to work, and demonstrate how the core principles can be applied.

CSI 5389 4

Development of the Internet

• The Internet grew out of a research network.• The development began in 1969 and was funded by

ARPA (Advanced Research Project Agency), which is a major research arm of the US Department of Defense.

• This network grew over time as universities, agencies and companies joined the network.• It was used for applications beyond research such as

electronic mail.• In the early 1980s, the core network protocols,

TCP and IP, were introduced.• Shortly after, ARPA reduced its role in supporting the

network.• The term Internet came as the name for the now

global network.

CSI 5389 5

Design Principles of the Internet• The Internet has been successful because of

some good fundamental design decisions.• These decisions are often invisible to the end

users, and even to the application developers.• Understanding them provides insight into why

the Internet is the way it is today.• Such insight can help us in making choices

when we build new applications for Internet commerce.• Those applications that match the spirit of the

Internet are more likely to succeed than those that do not.

• Let us look at some main design principles.

CSI 5389 6

Design Principles: Interoperability• Independent implementation of the Internet

protocols actually work together.• It may seem obvious today, but it took significant

work in the early days of the Internet to make that happen.

• Interoperability means that systems can be assembled using computers and software from different vendors.

• In the context of Internet commerce, interoperability also means that buyers and sellers do not have to buy and upgrade software simultaneously from the same vendor to conduct business.

CSI 5389 7

Design Principles: Layering

• Internet protocols are designed to work in layers.

• Each layer builds on the facilities provided by lower layers.• TCP builds on IP to create

reliable byte streams.• Application layers (e.g., e-mail

or those for the Web) build on the capabilities of TCP.

Physical Layer(e.g., Ethernet)

Network Layer (IP)

Transport Layer (TCP, UDP)

Application Layer (HTTP, SMTP)

CSI 5389 8

Design Principles: Simplicity

• IP is very simple, providing only the addressing, routing, and formatting of packets.• Below IP layer, there is the complexity of many

different kinds of network hardware and topologies such as Ethernet, dialup connections etc.

• IP hides that complexity from applications.• Above IP, the higher layer TCP offers

abstractions that are easy for programmers to understand and use.

• Hence, both users and programmers are insulated from the complexities of different network devices and low-level network protocols.

CSI 5389 9

Design Principles: Uniform Naming and Addressing

• The IP layer offers a uniform addressing structure that assigns a 32-bit address to each computer connected to the network.• These addresses are commonly written in dotted quad

form, e.g., 16.11.0.1• Numeric addresses are hard for people to

remember, so the Domain Name System (DNS) offers a uniform way to translate human-readable names of computer (such as www.serissa.com) to the numeric IP address for that computer.

• The IP layer is also evolving: The newer version IPv6 uses 128-bit addresses, enabling many more systems and networks to be interconnected.

CSI 5389 10

Design Principles: End-to-End Protocols• The Internet is designed around end-to-end

protocols:• The interpretation of the data happens on the sending

and receiving systems.• The network only looks at the destination address and

a few other control bits for delivering the packet.• This is similar to our mailing of a letter.

• Advantages of end-to-end protocols: • Hiding the internal structure of the network from users.• Providing simple abstractions to programmers.• Transferring to the end systems the responsibility of

error recovery, hence making the network much simpler.

CSI 5389 11

Core Network Protocols

• We will look at• Physical layer• Domain Name System (DNS)• Internet Protocol (IP)• Unreliable Datagram Protocol (UDP)• Transmission Control Protocol (TCP)

CSI 5389 12

Physical Layer• The Internet is a network of networks.• Various parts of the Internet run over local area

networks (LANs) using different technologies: Ethernet, token ring, fiber distributed data interconnect (FDDI), asynchronous transfer mode (ATM) etc.

• These technologies are used to transport and route Internet traffic.

• Within each technology, routing is handled by whatever means are built into that technology. Sometimes, even the addressing is different from the Internet addressing• Ethernet uses 48-bit universal identifiers for addressing and

routing.• When an IP network is built using Ethernet, the end systems

must use a special protocol known as the Address Resolution Protocol (ARP), to translate 32-bit IP addresses into 48-bit Ethernet addresses.

CSI 5389 13

Physical Layer (cont.)• Internet routers are used to connect these

constituent networks.• These routers forward packets from network to

network until they reach the network connected to the destination system.

• Each router has a local map of the network that tells it where to forward a packet next, based on the destination address in the IP header.

• Routers are often used as the first line of defense against network attacks.• Routers can be configured as part of a network

firewall to separate “suspect” traffic that originates outside an organization from authorized traffic that originates on the inside.

• We shall talk more about firewalls when we discuss about the issue of Internet security later on.

CSI 5389 14

Domain Name System (DNS)• The Internet uses 32-bit numeric addresses,

which are perfectly suited for routers to identify hosts, but are hard for humans to remember (i.e., not user friendly).

• The Domain Name System (DNS) offers a uniform way to translate human-readable names to numeric addresses.

• Generally speaking, a domain refers to an organization that assigns names to computers and services in that organization.

• DNS names are structured in a hierarchy in which names are processed from right to left and use periods as the separator.

CSI 5389 15

DNS: Domain Hierarchy

edu com gov mil org net ukca

arizona mit ibmserissa

cs ece

opt che

CSI 5389 16

DNS: Name Servers

• DNS implements the domain hierarchy by partitioning them into sub-trees called zones.

• The information contained in each zone is implemented in two or more name servers.• A name server is a program that can be accessed

over the Internet and that knows how to resolve names.

• Clients send queries (regarding name resolution) to name servers.

• Name servers respond with the requested information.

• Each zone has two or more name servers for the sake of redundancy: If one name server fails, the information is still available.

CSI 5389 17

DNS: Name Servers (cont.)

edu com gov mil org net ukca

arizona ibm

cs ece

opt che

Root Name Server

Arizona Name Server

CS Name Server

IBM Name Server

CSI 5389 18

DNS: Name Servers (cont.)• Each name server implements the zone information as a

collection of records.• A record is a 5-tuple: <Name, Value, Type, Class, TTL)• Name and Value are exactly what we would expect.• Type can be one of the following:

• “Type = A” indicates that Value is an IP address of the host Name.

• “Type = NS” indicates that Value is the domain name of the host that is running the name server to resolve names within the domain Name.

• “Type = MX” indicates that Value is the domain name for a host that is running the mail server to accept messages for the domain Name.

• “Type = CNAME” indicates that Value is the canonical name for the host Name, which is defined as an alias.

• To date, the only Class is the one used by the Internet. It is denoted by IN. However, the Class field was defined to accommodate entities other than the one used by the Internet.

• The TTL field indicates how long this record is valid.

CSI 5389 19

DNS: Example of Name Servers

• The root name server contains an NS record for each second-level name server.

• It also has an A record that translates that name into the corresponding IP address.

• These two records effectively implement a pointer from the root name server to each of the second-level name servers.• <arizona.edu, telcom.arizona.edu, NS, IN>• <telcom.arizona.edu, 128.196.128.233, A, IN>• <ibm.com, thumper.ibm.com, NS, IN>• <thumper.ibm.com, 128.96.32.20, A, IN>• Etc.

CSI 5389 20

DNS: Example of Name Servers (cont.)

• At the second level, the domain arizona.edu has a name server running on host telcom.arizona.edu.

• That name server contains the following records:• <cs.arizona.edu, optima.cs.arizona.edu, NS, IN>• <optima.cs.arizona.edu, 192.12.69.5, A, IN>• <ece.arizona.edu, helios.ece.arizona.edu, NS, IN>• <helios.ece.arizona.edu, 128.196.28.166, A, IN>• Etc.

CSI 5389 21

DNS: Example of Name Servers (cont.)

• At the third level, the domain cs.arizona.edu contains A records for all of its hosts.

• It also defines a mail server (MX record) for the domain; and maybe a set of aliases (CNAME records):• <cs.arizona.edu, optima.cs.arizona.edu, MX, IN>• <optima.cs.arizona.edu, 192.12.69.5, A, IN>• <opt.cs.arizona.edu, optima.cs.arizona.edu, CNAME,

IN>• <cheltenham.cs.arizona.edu, 192.12.69.60, A, IN>• <che.cs.arizona.edu, cheltenham.cs.arizona.edu,

CNAME, IN>• Etc.

CSI 5389 22

DNS: Name Resolution

clientLocal Name Server

Root Name Server

Arizona Name Server

CS Name Server

1

2

3

4

56

7

1. cheltenham.cs.arizona.edu

2. cheltenham.cs.arizona.edu

3. arizona.edu, 128.196.128.233

4. cheltenham.cs.arizona.edu

8

5. cs.arizona.edu, 192.12.69.5

6. cheltenham.cs.arizona.edu

7. cheltenham.cs.arizona.edu, 192.12.69.60

8. 192.12.69.60

CSI 5389 23

Internet Protocol (IP)• IP deals only with small packets of data, which

are labeled with the network addresses of the source and destination computers.

• The network is responsible for trying to deliver packets to their destination, but does not guarantee that it will do so.• Packets may be lost or duplicated, and they may

arrive out of order.• Other protocols can be built on the foundation

of IP to meet the needs of different kinds of applications• Such protocols are identified in an IP packet by a

protocol identifier, which allows a destination system to select the correct protocol for processing at the next higher layer.

CSI 5389 24

Internet Protocol (cont.)• IP does not offer any security services.

• In theory, attackers can listen to packets going by, introduce forged packets etc.

• It is the responsibility of higher level protocols to manage the security problems.• In practice, network layer techniques such as

firewalls are used to create protected network environments in which applications do not have to worry about attacks.

• IETF has recently defined IPv6 with many improvements:• Larger address space (128-bit addresses as opposed

to the 32-bit ones used by the current IPv4)• Better packet format (i.e., simpler header format)• Auto-configuration (plug-and-play operation), etc.

CSI 5389 25

Transmission Control Protocol (TCP)

• TCP is the most common transport protocol built on the packet-oriented foundation of IP.

• TCP provides the abstraction of a reliable byte stream. • An application sends data, and the receiver gets it in the order it

was sent.• Each packet contains a sequence number, so the receiver can

put them into the right order.• TCP also provides a flow control mechanism so that the

receiver is not overwhelmed by a sender transmitting data so fast.• TCP works by having the receiver send back an

acknowledgement for the packet it receives.• If the sender does not get the acknowledgement within a

certain period of time, it transmits the packet again.• Hence, TCP creates an illusion of a continuous ordered

stream of data for application programmers, who need not worry about the details of how the data get through the network.

CSI 5389 26

The World Wide Web (WWW)• The WWW is a global hypertext network of

millions of Web servers and Web browsers connected by the Hypertext Transfer Protocol (HTTP).

• Web servers supply (and Web browsers display) pages of multimedia information.

• These pages are usually defined by the HyperText Markup Language (HTML).• Web pages can contain text, graphics, audio, video, and

even pieces of software called applets.• Applets are automatically downloaded from the server

and run on the client desktop.• The most important elements of Web pages are

hypertext links to other pages on the same or different servers.

• Hyperlinks can be represented by text or images.

CSI 5389 27

The World Wide Web: Uniform Resource Locator (URL)

• The target of a hyperlink is described by a Uniform Resource Locator (URL).

• A URL is composed of several parts. Consider http://www.w3.org/example/path/index.html

• Protocol designator (http://):• This tells the browser what protocol to use in connecting

to the Web server.• Web browsers can also use other protocols (e.g., FTP for

file transfer or SMTP for electronic mail).• Server name (www.w3.org):

• The browser will use the DNS to translate this server name into an IP network address

• Path name (/example/path/index.html):• This is the full name of a file on the Web server

CSI 5389 28

The World Wide Web: Uniform Resource Locator (cont.)

• The above URL refers to a static HTML page.• Pages can also be constructed dynamically by

application software, and information can flow in both directions.• The Web server can pass the path portion of the URL to an

application program, which can return an HTML page or other content constructed on the fly by the application itself.

• HTML pages can contain forms to be filled out by the user, and the input data for the forms can be sent back to the Web server.

• The Web can also be used by programs to pass information to other programs and return the result.• These are called Web services in which information is

encoded in XML rather than HTML (to be discussed in a later lecture).

CSI 5389 29

The World Wide Web: HyperText Transfer Protocol (HTTP)

• With HTTP, the client opens a TCP connection to the Web server and transmits an HTTP header.

• The header contains an HTTP command such as GET, PUT or POST, and the path portion of the URL.• The GET command is used to retrieve documents, and the

PUT to upload files to the server.• The POST command is used to send the results of a form

filled out by the user.• When the Web server has finished processing the

request, it sends a reply header back to the client followed by a page to be displayed.• One of the header fields specifies the format of the data

being returned.• This allows the client to locate the proper application for the

data.

CSI 5389 30

Intranets and Extranets• The term “intranet” refers to an internal

network of a company.• Internet commerce applications can be deployed for

internal use, making it possible to use the same applications for ordering, transaction processing, and customer service etc. for internal customers.

• The term “extranet” refers to a network connecting a company with its partners, suppliers, and close customers.• Typical applications include sharing of information

for joint projects, direct connections to a supplier’s ordering system, direct access to customer service and support etc.

• An extranet can provide an exterior security boundary that protects the company and its partners from the open network, while providing lower security boundaries for greater sharing of information between the partners.

CSI 5389 31

The Future of the Internet• TCP/IP is evolving with the development of IPv6.

• IPv6 is built on the experience with IPv4 and provides improvements on scalability, security, and support for real-time media.

• Since the Internet is already very large and decentralized, it will be quite some time before the entire Internet is running IPv6 (although many IPv6 products are available on the market today).

• From a system design view point, IPv6 has little effect on Internet commerce: Due to the layered architecture, applications for commerce are insulated from the lower layers.

• The Web is also changing: New versions of HTTP promise better performance and more flexible interactions between clients and servers.• Changes in HTTP may affect applications more than IPv6

does, because HTTP provides capabilities closer to the application’s logic.

CSI 5389 32

The Future of the Internet (cont.)• The development of the Extensible Markup Language (XML)

has been gaining wide acceptance.• XML allows applications to define their own markup extensions.• This enables them to include application-specific tags for data

items as well as rules for displaying them.• Example: A commerce application can use XML to define an order

form, where prices, item descriptions, quantities etc. are tagged appropriately. This enables browsers to show a nicely formatted form, while the application can easily parse the order form to extract the information needed to process the order.

• Although changes in Internet technologies are inevitable, it is not necessary to adopt a change immediately after it becomes available.• Adoption of changes must be evaluated in terms of how it will

affect the value delivered to customers by the commerce application, and in terms of the cost of implementing the change.

• There is also some risk that such changes will not become common in the marketplace, leaving the application at a dead end.

References

• Treece Book Ch. 8• Dr Thomas Tran Slides

CSI 5389 33