Internet Systems Development

Aims

This course unit seeks to equip the candidate with an understanding of how to implement and maintain a web site. The course unit aims:

  1. To help the candidate to understand the key issues, technologies, protocols and paradigms of web site development and management.
  2. To stimulate analysis and develop a critical approach to web site design and construction, thus to enable appropriate choices of tools and methodologies when constructing web sites.
  3. To examine and compare a wide variety of different technologies used in web site construction, including those at the cutting edge of Internet development.
  4. To introduce some of the key programming languages used in web site construction.
  5. To provide an opportunity for the candidate to gain proficiency in web authorship.

Programme Content and Learning Objectives

After completing the programme, students should be able to:

1. Write advanced HTML, including the use of forms, tables, frames, image maps, dynamic HTML and style sheets and to be aware of current and forthcoming advances such as XML.

2. Understand the key issues of web page design with regard to the balance of dynamics, performance and aesthetics.

3. Understand the issues of authoring for platform and location independence.

4. Write simple client-side applets and/or components and incorporate them into a web page.

5. Write simple client-side scripts to create dynamic web content.

6. Write simple server-side scripts and use these to provide web-based access to a database.

7. Understand issues of security as they relate to intranet and Internet technologies and know how to design a secure web-based system.

8. Explain the technologies and implications of online commerce.

9. Explain the operation of the World Wide Web and related Internet technologies.

10. Set up and manage a web server.

Syllabus Content:

1. HTML Part 1

Basic HTML, publishing to a website.

2. Web protocols, servers and infrastructure

HTTP, the architecture of the web, web server design and management.

3. Design issues

Aesthetics vs efficiency, separation of content and representation, design for multiple browsers, hypertext design issues, designing for the visually impaired, international concerns, cross-media design.

4. HTML Part 2

Further HTML: tables, forms, frames, style sheets, imagemaps.

5. Java and ActiveX

Incorporating applets and other objects into HTML pages, writing simple Java applets, overview of ActiveX, security and performance concerns, Java sandboxing, digital signatures and notions of trust. Use of Plug ins.

6. Client-side scripts

Basic JavaScript, including form validation, image pre-loading, window manipulation.

7. Server-side scripts

Introduction to Active Server Pages and database integration.

8. CGI

Introduction to Perl, implementing CGI programs on the web server.

9. Security

Technologies of security such as S-HTTP, SSL and PPTP, secure transaction protocols, server security mechanisms, site certificates.

10. e-commerce issues

Implementing shopping carts, credit card authentication schemes, micro payments and ecash, the exploitation of search engines/portals.

11. Intranet design

Business benefits, connecting to legacy applications, design issues (e.g. user involvement, publishing methods), email/news/groupware integration.

12. Current issues

Investigation of current issues. From June 99 these might include one or more technologies such as XML, SMIL, IPv6, VRML etc.

Method of Assessment

By written examination. The pass mark is 40%. Time allowed 3 hours.

The question paper will contain: Seven questions of which five must be answered. All questions carry 20 marks. Paper will consist of two sections split broadly into technical mostly language-related) problems and business-oriented and design issues, candidate must answer at least two from each section. The course unit also requires the incremental construction of a website and, although this will not be directly assessed, it is unlikely that a candidate will be able to answer the examination questions without this practical experience.

Reading List:

Essential Reading

Web Programming Unleashed Breedlove et al SAMs

(in particular Chapters 1,2,5,7,8,10,11,12,13,14,15,18,19, 20,21,25,29,30,34)

Additional Reading 

Relevant web sites and online tutorials on specific technologies, including those found at: http://www.webmonkey.com, in particular: 

• http :llwww. hotwired. com/webmonkey/collections/javascript. html?tw-javascript - JavaScript tutorial

• http://www.hotwired.com/webmonkey/collections/Perl.html?tw Perl Perl Tutorial

• http :llwww. hotwired. com/webmonkey/stylesheets/reference/ Stylesheets Reference

• http://www.activeserverpages.com/learn/printout.asp ASP Quick Lessons by Charles M. Carroll

• http ://ituser. it. bton. act uk/staff/mas/mas/courses/html/html. htm Guide to HTML and CGI Scripts, by Mike Smith

• http ://ituser. it. bton. ac.ukldesigns. htm, Web Design resources

• http://www.webteacher.org/winnet, WebTeacher Tutorials on many topics

• http://www.internet.com, (Numerous relevant resources)

• http://www.stars.com (Web Developers Virtual Library)

• http ://vzone. virgin. net/sizzling.jalfrezi (Sizzling HTML Jalfrezi)

Note that the nature of the web means that these sites may change in location and content at any time and therefore these addresses should be considered as indicative only.

Computer & Software Access

Required

• PC running Windows 95/98/NT/2000

• scripting and Java-capable web browser (ideally Netscape 4/ IE4 or above)

• Web server- MS PWS/IIS with ASP (available as NT Options Pack)

• Java compiler

• Perl interpreter

• (apart from the PC running Windows 95/98/NT all software freely available at no extra charge)

• ODBC-accessible database, preferably MS Access

Recommended

PC should be attached to a network running over TCP/IP with Internet connection authorising access to a publicly available web server (scripting and CGI rights preferable but not required) Familiar programming environment capable of producing ActiveX controls (e.g. Microsoft Visual Basic, Visual C++, Visual J++, Borland C++ Builder, Delphi etc)

Guidance Notes for Tutors

Weighting of Topics and Sections

The course is divided into 12 roughly equal topics, each thus receiving approximately three hours of tuition.

1. HTML Part I

It is not expected that the candidates will gain more than a basic grasp of html at this point, but they should be aware of the basic divisions of an html document (head and body), be able to implement basic formatting (minimally paragraphs, line breaks, header styles, list styles) and know how to use basic anchors to provide an href to another document as well as within the current document. In particular, they should understand the difference between absolute and relative URLs. They should be able to incorporate images into their documents and know the types (JPEG/GIF, perhaps PNG) and how they differ/may be used. This should include the use of background images.

At the end of this section the student should have constructed a basic website. It is suggested that this should be themed around this course unit. The website should be developed over the entire course unit to provide a mechanism for reflection and to provide the necessary practice with HTML and associated technologies.

2. Web Protocols and Infrastructure

The objective here is to provide the candidate with a broad idea of how the web works, covering HTTP, HTML and the basics of the Internet (if these have not been covered in previous units). Essential concepts to grasp at the networking level will minimally be packet switching, DNS, sockets, IP addressing and reliability (how TCP works).

At the end of this section the candidate should have a clear idea about the nature of HTTP (connectionless request/response protocol) and know how it is implemented as a client server system. They should understand the operation of MIME types.

Basic issues of website implementation should be covered, including the setting of default directories and virtual directories, including server-root and COI-BIN. Configuration of servers will be discussed, including administration via a web browser, multi-homing, MlME type configuration and permissions. Candidate should have basic understanding of log file analysis and management. It is suggested that the candidates apply theory to practice by using PWS on their machines.

3. Design Issues

Candidates should be able to critically appraise sites according to their suitability for web browsing and time should be spent visiting and discussing each others’ sites. As well as aesthetic issues (including consistency of style, colour schemes, font selection etc) candidates should be strongly aware of navigational issues (e.g. consistent use of button bars, navigation in frames, HCI issues, perhaps relating to GUIDE methodology if this has been covered in previous course units) and performance issues (e.g. optimisation and sensible use of pictures and other multimedia content, reduction of unnecessary characters and tags in HTML code). International issues should be covered such as date/time formats, time zones, cultural differences and so on. It is important that the candidates should grasp the fact that HTML describes a document’s format but does not prescribe its appearance. This might be reinforced with a workshop demonstrating the differences between browsers (including perhaps Lynx as well as the more obvious Netscape/IE duopoly) and ideally showing different screen resolutions and colour ranges. Mention should be made of issues relating to partially sighted viewers such as use of alt tags, problems with frames, Java, scripting and image maps. The candidate should be aware of considerations affecting cross media design (e.g. printing of websites, conversion to and from PDF and other non-hypertext formats).

4. HTML Part 2

It is expected that this section will require more study than most, but most of this should be self study reinforced by practical implementation of the candidate’s own website. At the end of this section, candidates should be able to produce tables of some complexity, minimally to be able to control cells spanning multiple rows and columns, to manipulate borders and shading/colouring .

Candidates should be able to produce forms containing text boxes, text areas, check boxes, radio buttons and drop down lists, as well as submit and cancel buttons. It is suggested that the tutor provides a simple CGI or ASP program to which the results of the forms might be sent to verify that they work. Alternatively, the action specified could be mail to, making sure type is set to text/plain. Frame manipulation should include the ability to control size and orientation of frames, use of scroll bars and borders and a full understanding of top, parent etc and naming of frames. The candidate should be able to control the frame into which a document loads. The candidate should know the purpose of style sheets and be able to produce a simple CSS file, as well as to use styles within a document. They should understand the hierarchy of style sheet-document- individual tag element. The candidate should be able to produce client-side image maps and be aware that server side implementations exist. All technologies should be reflected in the development of the candidate’s website.

5. Java and ActiveX

This is not intended to be a full-scale introduction to Java and ActiveX. The candidate should be aware of the potential and limitations of each technology and know how to incorporate applets and controls into their web pages. It is suggested that the basics of Java be explained to the candidates sufficiently so that they can be given a simple demonstration of apples and modify parameters and simple elements of the program to view the effects. Sufficient explanation should include an introduction to basic constructs, knowledge of how to compile Java applets, use of an apples viewer, location of files etc.

The demonstration program might conveniently be an interactive graphical program, perhaps a game such as Pong or Tic Tac Toe. Depending on previous programming experience, it may be appropriate to encourage the candidate to write a ‘hello world’ apples from scratch, but no more than this. This should be made available on the candidate’s website.

The advantages and disadvantages of ActiveX should be explained in the context of Java, particularly drawing attention to its proprietary format and platform dependence, but also emphasising the advantages of familiar language support, sophistication of applets and tight integration with Windows. Issues of certification vs sandboxing should be covered. The candidate should be able to make a reasoned judgement about appropriate technology to use in various circumstances. Plugins should be explained in association with ActiveX controls.

6. Client-side Scripts

JavaScript should be introduced in relation to Java, emphasising its dissimilarities and clearly indicating its domain as a scripting language. The candidate should be able to construct simple JavaScript functions to take and manipulate form input, to write text to documents and change the location of documents in multiple frames and other windows. The use of JavaScript to preload images should be covered, and the candidate should be familiar enough with the Document Object Model to be able to use events such as click, on load, on blur, on mouseover etc effectively and appropriately. Candidates should be aware of the existence of VBScript and its shortcomings (Microsoft only implementation or need for plugins for other browsers).

7. Server-side Scripts

The candidate should be able to explain the difference between client-side and server-side scripting and know how to use both effectively. They should be able to take input from a form and use server-side scripting to modify and display results from a database, JavaScript be used as the scripting language of choice (given earlier exposure), although VBScript may be simpler depending on candidates’ previous exposure to Visual Basic. The object is not to demonstrate clever use of SQL, so it is suggested that the database used should consist of a single table with just a few fields. The candidate should write or modify ASP pages to update, append and display records in the table. Depending on time constraints, a sample application may be provided or a skeleton for the candidate to modify.

8. CGI

The candidate should be clear about the differences between server-side scripting and CGI, particularly as it relates to security, flexibility and performance and integration with the web server. They should be aware of server APls (e.g. NSAPI, ISAPI) and their use. They should know (theoretically at least) how to wrap up CGI safely using COI-WRAP or similar techology. Perl should be introduced at the ‘hello world’ level. Candidates should be aware of server setup for Perl, including the setting of a path, execute permissions etc. The candidate should know how to run a Perl program from the command line and should understand use of stain and stdout. I would also expect the candidate to understand the contents of HTTP headers and use of MIME types.

9. Security

Candidates should know basic security at the server level and on a per-user basis. They should be aware of the advantages and disadvantages of basic and O/S level security (particularly ways in which this can be incorporated into web site design). A basic understanding of the strengths and limitations of firewall technologies (including proxy servers, bastion hosts and stateful/stateless filters) should be gained. Issues relating to Java, VBSCRIPT, CGI etc should already have been covered in topics on those technologies. Students should be aware of issues such as private key/public key technologies (it is hoped that this may have been covered in the networking course unit), use of digital signatures and certificates, trusted third parties (e.g. Verisign) and X.509. The ability to explain the differences between SSL and S-HTTP (and/or SHEN) would be expected. The candidate should understand the use of cookies and how this relates to security. It is hoped that VPNs would have been covered in a previous course unit but, if not, then these should be briefly explained.

10. e-commerce Issues

Issues covered should include issues surrounding shopping carts (e.g. design concerns, maintaining states, cookies etc), credit card authentication schemes, micropayments and ecash. This topic does not need to be covered in great technical detail, but the candidate should be aware of the available technologies and how an ecommerce-enabled site might be implemented, including shopping carts and methods of enabling secure payment. Students should be aware of the relevant encryption/trusted third party issues, especially SET technology. The role of XML in unifying traditional EDI applications should be examined. Students should be aware of the need for speed, ways of enticing customers to browse and the benefits of ecommerce (such as the various reduced costs, personalised service and customer targeting). Pitfalls (such as the strong negative effect of poor performance, excessive graphics, lack of feedback or poor responsiveness) should be emphasised. An appropriate exercise would be to consider the needs of a real or fictional company and an investigation of how the company might implement various e-commerce solutions.

11. Intranet design

This part should cover issues that distinctly relate to intranet design, particularly managing the implementation of an intranet project- organisation of the site, enabling users to publish and manage their own material and the importance of planning and control. The issues should be compared and contrasted with public website design concerns which will have arisen in earlier topics. Different models of intranet design should be explored, including top down and bottom-up techniques. The construction of middleware to deal with legacy applications should be discussed, including connection to SQL databases, screen scraping and the integration of messaging and calendaring systems.

Candidates should be aware of the business benefits of intranet systems, in particular the various ways that costs can be cut (including reduced development times, integration of existing systems, simplified training etc) and improved communications, sense of ownership and so on. They should also recognise the potential hazards to an intranet, with particular emphasis on timeliness of information, effects leading to organisational change, roles in maintaining the system and the need for management co-operation and involvement.

12. Current issues

Investigation of current issues. As of June 99 these might include technologies such as XML, SMIL, issues of metadata, PICS, IPv6 implications etc. This might also be an appropriate place to introduce technologies such as CORBA and DCOM, perhaps Enterprise Java Beans, although it should be borne in mind that this is not a programming course unit as such. It might also be appropriate to explore the integration of other Internet technologies, including VRML, RealAudio (and other streaming media) and multimedia technologies.

The candidates should be encouraged to use the web and appropriate journals to investigate selected technologies. Key issues to draw attention to should be integration with/backwards compatibility with existing systems, technical and organisational benefits, possible future developments, impact on infrastructure, problems being solved, market impact. The candidate should prove that they are able to critically evaluate the various technologies from a variety of perspectives. It is suggested that a report on a particular technology be presented on the candidate’s website and that candidates should be encouraged to view and critically assess each others’ work.

CHIEF EXAMINER’S COMMENTS

This course is aimed at implementers of websites and webmasters. As such, with the exception of HTML, it is not expected that the candidate will gain a deep knowledge of any one topic, but that they should be able to critically evaluate and use a broad range of technologies with an awareness of the implications and issues that arise.

Those who have learnt the facts might just pass, but in order to gain credit or distinction the emphasis should be on synthesis of the components, their appropriate use in a given context and a critical understanding of the strengths and limitations of the various technologies. A good candidate should be able to discuss a range of issues incorporating technical to design to business considerations.