Websites security methods and vulunabilities, Lecture notes of Network security

Describing the methods to secure the website in php

Typology: Lecture notes

2021/2022

Uploaded on 01/15/2023

Umerzhahid
Umerzhahid 🇵🇰

5 documents

1 / 23

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Web Engineering
Lecture 14
Web Services
Fatima Bashir
Lecturer
Computer Science Department
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17

Partial preview of the text

Download Websites security methods and vulunabilities and more Lecture notes Network security in PDF only on Docsity!

Web Engineering

Lecture 14 Web Services Fatima Bashir Lecturer Computer Science Department

What is Web Service?

▷ Web service is a means by which computers talk to

each other over the web using HTTP and other universally supported protocols.

▷ A web service is a software module which is

designed to perform a certain set of tasks.

▷ The web services can be searched for over the

network and can also be invoked accordingly.

▷ When invoked the web service would be able to

provide functionality to the client which invokes that web service.

▷ Web Services are typically application

programming interface (API) or Web APIs that are accessed via HTTP and executed on a remote system hosting the requested service.

▷ Web services are platform- and language-

independent. You can develop a Web service using any language, and you can deploy it on any platform, from the tiniest device to the largest supercomputer.

Web Services

▷ REST = Representational State Transfer.

▷ REST is set of guidelines, which talk about, how

client interact with server.

▷ REST says that data and functionality, which client

can access on server is known as a Resource.

▷ A resource must be accessed using its URI by all

the clients.

REST

▷ This response is representation of a resource.

▷ Resource can be represented to client in multiple

format i.e. HTML. XML, Plain Text, PDF, JPEG, JSON etc.

▷ Client directly access a resource using its URI

(this is advantage of RESTFUL web services over SOAP web services)

▷ Where SOAP (Simple Object Access Protocol)

needs WSDL (Web Service Description Language) in order to access anything on server.

REST

A GET request

▷ Host: Web server ▷ The Accept header tells the server about the various presentation formats this client supports. ▷ User-Agent contains information about the type of client who made this request. ▷ Accept-Encoding/Language tells about the encoding and language this client supports.

▷ The communication protocol which RESTFUL web

services uses is HTTP.

▷ Stateless communication between client to the server is

treated as new request.

▷ Every single request from client to server is treated as a

new request and should be containing all information needed to establish the communication.

▷ However there is no restriction describe in REST

guidelines that RESTFUL services have to use HTTP and not any other communication protocol.

Features of RESTFUL Web Services

▷ SOAP (Simple Object Access Protocol) is an XML-

based protocol to let applications exchange information over HTTP.

▷ SOAP is language independent and platform

independent.

▷ SOAP provides a way to communicate between

application running on different OS with different technologies and programming languages.

▷ Web services use XML to code and decode data.

SOAP

Components of Web Services

▷The basic web services platform is XML + HTTP.

All the standard web services work using the following components −

▷SOAP (Simple Object Access Protocol) to transfer

a message

▷UDDI (Universal Description, Discovery and

Integration) for describing, publishing, and finding Web services

▷WSDL (Web Service Description Language) to

describe the availability of service. 14

▷ UDDI is a directory of service that is use to

register and search web service.

▷ Any client looking for a particular service would go

and hit UDDI and search for particular web services.

  • UDDI is a directory of web service interfaces described by WSDL
  • UDDI communicates via SOAP UDDI (Universal Description, Discovery and Integration)

▷ Now question arise, how client is able to locate

WSDL file on internet.

▷ Ans: If service provider (Server) knows the

client, then service provider directly gives this file to the client, and then client can access the web services using this file. Second there is entity UDDI directory on internet(universal description discovery & integration), where all service provider on internet register their web services on UDDI using WSDL file

UDDI

Web service Architecture

Service provider

▷ The provider creates the web service and makes it available to

client application who want to use it. Service requestor

▷ This is any consumer of the web service. The requestor

utilizes an existing web service by opening a network connection and sending an XML request. Service registry

▷ This is a logically centralized directory of services. The registry

provides a central place where developers can publish new services or find existing ones. It therefore serves as a centralized trade center for companies and their services.

How web service works?