Web application

In computing, a web application or web app is a clientserver computer

program in which the client (including the user interface and client-side logic)
runs in a web browser.[1] Common web applications include webmail, online
retail sales, online auctions, wikis, instant messaging services and many other
functions.

6 Different Types of Web Application Development

1. Static web app: eg using HTML, CSS
2. Dynamic: PHP< ASP
3. Shop online: Paypal etc
4. Portal web app: email, browser etc
5. Animated : flash technology
6. Content management system: wordpress, joomla etc
3 Types Of Web Application Architecture

Type 1: server-side HTML web application

Type 2: JS generation widgets (AJAX)

 Type 3: service-oriented single-page web apps (Web 2.0, HTML5 apps)

Issues:
Responsiveness/ usability, Linkability, Speed of dev, Performance, Testabilit,
Reliability, Adaptability, extensibility, Security, Conversion, Offline work
Conversion: website mobile or desktop application

Web engineering
Establishment and use of sound scientific, engineering, and management
principles and disciplined and systematic approaches to the successful
development, deployment, and maintenance of high quality Web-based
systems and applications.

Need:
Industries such as Construction, Education, Hospitality, manufacturing,
banking, government and business, development of corporate intranet web
applications. To Date the development of web applications has been in
general ad hoc, resulting in poor quality applications, which are difficult to
maintain.
Categories:
1. Informational: read only
2. Download:
3. Interaction: chat room etc
4. Customizable:
5. User input: form based
6. Transaction oriented:
7. Portal:
a) Database access: querying single DB and extracting large amount of data
b) Data warehousing: querying a collection of DBs and extracting data.

Sw engg vs web engg:

Software projects have the various models like Waterfall, Spiral, Incremental,
etc., but there is no defined models for Web Applications project, as the
requirements are dynamic (not fixed).
Secondly, WEBE is more complex then SWE, as former is dependent on the
various types of browsers, OS, and servers like Web server, application
servers.

Internet
The Internet is a global system of interconnected computer networks. In
contrast, the World Wide Web is a global collection of documents and other
resources, linked by hyperlinks and URIs. Web resources are usually
accessed using HTTP, which is one of many Internet communication
protocols.
The hyper-link structure of the WWW is described by the webgraph. Dead
links are formed with modification therefore Internet Archive since 1996.
Things to write:
HTML, DNS, client server, URL, network address, browsers, CSS, JS, load
balancing, security, privacy, standards W3C, accessibility to people with
disability, internationalisation, stats (deep web), web cache

Internet: uses tcp/ip, nw of nw, regional internet registries (RIPs) allocate ip

addr, dns root zone,
infrastructure (routing and access(wiring, wifi etc)),
protocols (ipv4 exhausted in 2011),
services (www, communication(email),
data transfer(file sharing)),
uses(entertainment, telecommuting, ebusiness, collaborative publishing,
politics and revolution, philanthropy,),
security(malware, censorship),

An intranet is a network where employees can create content, communicate,

collaborate, get stuff done, and develop the company culture.
An extranet is like an intranet, but also provides controlled access to
authorized customers, vendors, partners, or others outside the company.

Advanced encryption standards (AES) supersedes des and is symmetric in

nature.
Digital signature
A digital signature is a mathematical scheme for demonstrating the
authenticity of digital messages or documents. A valid digital signature gives a
recipient reason to believe that the message was created by a known sender
(authentication), that the sender cannot deny having sent the message (non-
repudiation), and that the message was not altered in transit (integrity).[1]
It uses asymmetric algorithm. It uses single side hash which is encrypted.
Document is hashed using this hash. Recipient decrypts the hash table and
hashes the message received and checks whether the hash he calculated
and the hash value he received have the same value.

CGI
CGI.pm is a large and widely used Perl module for programming Common
Gateway Interface (CGI) web applications, providing a consistent API for
receiving and processing user input. There are also functions for producing
HTML or XHTML output, but these are now unmaintained and are to be
avoided.

Types of firewall:
1. Network layer or packet filters: operate at relatively low level. eg. Bsd os
2. Application layer: work on application layer
3. Proxies: proxy server may itself act as a firewall
4. Network address translation: firewalls often have NAT functionality and
the hosts protected behind a firewall commonly have addresses in the private
address range.

RPC: same as dos.

VLAN
A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated
in a computer network at the data link layer (OSI layer 2).
A virtual LAN (Local Area Network) is a logical subnetwork that can group
together a collection of devices from different physical LANs. Larger business
computer networks often set up VLANs to re-partition their network for
improved traffic management.
Benefits:
Improve the overall performance of busy networks.
Traffic can be handled more efficiently by network switches instead.
Additional security benefits on larger networks by allowing greater control over
which devices have local access to each other.

Static and Dynamic VLANs

Static VLAN: also called port-based VLAN.requires an administrator to
assign individual ports on the network switch to a virtual network.

Dynamic VLAN configuration allows an administrator to define network

membership according to characteristics of the devices themselves rather
than their switch port location.
VLAN 802.1Q tag consists of 32 bits (4 bytes) of data inserted into the
Ethernet frame header.

First 16 bits triggers Ethernet devices to recognize the frame as belonging to

a 802.1Q VLAN. The last 12 bits contain the VLAN number.

Native LAN: Ethernet VLAN devices treat all untagged frames as belonging
to the native LAN by default. The native LAN is VLAN 1, although
administrators can change this default number.
Management VLAN: Used to support remote connections from network
administrators. Some networks use VLAN 1 as the management VLAN while
others set up a special number just for this purpose (to avoid conflicting with
other network traffic)
Setting up a VLAN
1. Choose a valid VLAN number
2. Choose a private IP address range for devices on that VLAN to use
3. Configure the switch device with either static or dynamic settings.
4. Configure routing between VLANs as needed.
5. The administrative tools and interfaces used vary greatly depending on the
equipment involved.

Cookies
An HTTP cookie is a small piece of data sent from a website and stored on
the user's computer by the user's web browser while the user is browsing to
remember stateful information such as names, addresses, passwords, and
credit card numbers.
Authentication cookies are the most common method used by web servers to
know whether the user is logged in or not, and which account they are logged
in with.

ASP
Active Server Pages is a development framework for building web pages
which runs only on Windows.
ASP and ASP.NET are server side technologies which enable computer code
to be executed by an Internet server.
When a browser requests an ASP or ASP.NET file, the ASP engine reads the
file, executes any code in the file, and returns the result to the browser.
ASP uses server-side scripting to generate content that is sent to the client's
web browser. The ASP interpreter reads and executes all script code between
<% and %> tags, the result of which is content generation. These scripts were
written using VBScript, JScript, or PerlScript.
ASP Objects:
1. Request object: Allows data to be read that was sent by the client browser:
Form, Querystring, and HTTP Cookie.
2. Response object: Can send information to the client, such as the writing of
the text on a page or HTTP Cookie.
3. Server object: Allows connections to databases (ADO), filesystem, and
use of components installed on the server.
4. Application object: Stores global variables.
5. Session object: Stores variables accessible only to a single visitor.
6. Err object: Allows the management of errors.

PHP
PHP is a server-side scripting language designed primarily for web
development but also used as a general-purpose programming language.
Originally stood for personal home page, now recursive acronym hypertext
preprocessor.
PHP code may be embedded into HTML or HTML5 markup, or it can be used
in combination with various web template systems, web content management
systems and web frameworks. processed by interpreter implemented as a
module in the web server or as a Common Gateway Interface (CGI)
executable. The web server software combines the results of the interpreted
and executed PHP code, which may be any type of data, including images,
with the generated web page. PHP code may also be executed with a
command-line interface (CLI) and can be used to implement standalone
graphical applications.[7]
It has data types, functions and uses oop concepts.

XML
Extensible Markup Language (XML) is a markup language that defines a set
of rules for encoding documents in a format that is both human-readable and
machine-readable.
Terminology:
Character
An XML document is a string of characters.
Processor and application
The processor analyzes the markup and passes structured information to an
application.
Markup and content
The characters making up an XML document are divided into markup and
content, which may be distinguished by the application of simple syntactic
rules.
Tag
A tag is a markup construct that begins with < and ends with >. Tags come in
three flavors:
start-tag, such as <section>;
end-tag, such as </section>;
empty-element tag, such as <line-break />.
Element
An element is a logical document component that either begins with a start-
tag and ends with a matching end-tag or consists only of an empty-element
tag.
Attribute
An attribute is a markup construct consisting of a namevalue pair that exists
within a start-tag or empty-element tag
XML declaration
XML documents may begin with an XML declaration that describes some
information about themselves. The oldest schema language for XML is the
Document Type Definition(DTD), inherited from SGML.

JSP
JavaServer Pages (JSP) is a technology that helps software developers
create dynamically generated web pages based on HTML, XML, or other
document types. JSP is similar to PHP and ASP, but it uses the Java
programming language. To deploy and run JavaServer Pages, a compatible
web server with a servlet container, such as Apache Tomcat or Jetty, is
required.
JSP is a Servlet; each JSP servlet is cached and re-used until the original
JSP is modified.[2]

JavaScript

high-level, dynamic, weakly_typed, prototype-based, multi-paradigm, and

interpreted programming language. Alongside HTML and CSS, JavaScript is
one of the three core technologies of www content production. It is used to
make webpages interactive and provide online programs, including video
games. Supported by means of a built-in JS engine with different
specifications.

Supports event-driven, functional, and imperative (including object-oriented

and prototype-based) programming styles. It has an APIfor working with text,
arrays, dates, regular expressions, and basic manipulation of the DOM, but
the language itself does not include any I/O, such as networking, storage, or
graphics facilities, relying for these upon the host environment in which it is
embedded.

Strong outward similarities between JavaScript and Java but design are
different.

Inverse domain is used to map an address to a name called inverse

query(pointer query -PTR) to know whether the requester is authorized to
make the request or not.

We use 3DES and not 2DES because 2DES does not yield the security increase that you
would believe. Namely, 2DES uses 112 key bits (two 56-bit DES keys) but offers a
security level of about 257, not 2112, because of a "meet-in-the middle attack"

Similarly, 3DES uses 168 key bits, but offers "only" 2112 security. sometimes used with a
112-bit key (the third DES key is a copy of the first): going to 168 bits does not actually
make things more secure.
https://en.wikipedia.org/wiki/Virtual_private_network

https://en.wikipedia.org/wiki/IPsec

https://en.wikipedia.org/wiki/Reverse_Address_Resolution_Protocol