Presentation is loading. Please wait.

Presentation is loading. Please wait.

LYU9901 Travel-Net Supervisor: Prof. Michael R. Lyu Members: Ho Chi Ho Malcolm Lau Chi Ho Arthur.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "LYU9901 Travel-Net Supervisor: Prof. Michael R. Lyu Members: Ho Chi Ho Malcolm Lau Chi Ho Arthur."— Presentation transcript:

1 LYU9901 Travel-Net Supervisor: Prof. Michael R. Lyu Members: Ho Chi Ho Malcolm Lau Chi Ho Arthur

2 Outline Introduction & Project Objectives Approaches to Web Applications Facilities of TravelNet System Design Security Issues Future Enhancement Summary

3 Project Objectives Practise real life e-commerce with security and payment issues Building an online Web application - A Travel Agent Using new server side programming technology - Java Servlet Finally, develop our system in distributed manner

4 Introduction Nowadays e-commerce: A new way to do business and earn money. (Amazon, CDNow) Due to its great potential and popularity among the internet, it is worthy for us to practice it. Travel-Net is an e-commerce application providing travel related services.(like Expedia, Travelocity, Preview Travel)

5 E-commerce model 3-Tier client/server: A special type of client/server architecture consisting of three well-defined and separate processes, each running on a different platform Components include: Client Web Browser Web Server with programming capability (like servlets) Database or other resources

6 Approaches on Web Applications Java Applets ASP CGI Java Servlets

7 Java Applets Run on Client Side Reduce server process load Download overhead(plugins, classes) Connectivity restrictions Small scale application

8 Active Server Page(ASP) Server scripts in Html Can invoke server programs (rarely) Generating dynamic pages Fast and efficient Low compatibility (MS products)

9 Common Gateway Interface(CGI) Gateway for server programs Can be written in different languages Scripts or Compiled code Platform dependent Poor concurrency performance Security threats

10 Java Servlets Server side programming Written in pure Java Handle HTTP protocol Need Servlet engine

11 Advantages Of Servlets Performance (concurrent) High Portability Extensibility Security

12 Facilities of TravelNet Travel Accessories Shop Flight Search Travel Guides To provide travel related service

13 Travel Accessories Shop Selling of travel accessories: different types of luggage travel maps travel guide books other stuffs that is convenient & portable for travel

14 Travel Accessories Shop(2) provides pictures and description of products users add the item they want to buy in a shopping basket system keep the content of basket until they leave the current session on-site delivery after paying the bill

15 Demonstration

16 Flight Search One way flight (ready) Round trip Multi-cities route Type of Search

17 Flight Search (2) User enter search information TravelNet contact each Airline Manager through interface Show results

18 Flight Search(3) Database coverage: Each Airline has its own database for its flight To minimize the complexity and the large size of data, the DB only covers for some major Asian cities

19 Flight Search (4) Difficulties encountered: Simulation of airline databases –unable to obtain the actual database of airlines –construct the structure of the database by hypothesis on the data from some travel web site –get flight data from these travel web site manually –Tedious work!!!

20 Travel Guides Provides online information on Cities that covered by Travel-Net Information includes: –City map –Famous spot –Currency –Necessary equipment and procedure on visit the city –other information

21 System Design Architecture Overview Communication Interfaces Web Site Hierarchy

22 Web Browser 1 Host Machine: Java enable web Server Servlets User Profile Database Inventory Stock Database HTTP Req/Resp 23 Foreign Inventory Database Company DB Mngr Foreign Inventory Database Company DB Mngr Authorized Companies Providing Inventory Data 4 Bank Account Database Payment Manager Bank Handling Payments 5 System Architecture

23 Airline Database Manager Interface Flight information query FLIGHT_ID FLIGHT_QUERY (DEPARTURE_DATE, DEPARTURE_TIME SOURCE, DESTINATION, TYPE_OF_FLIGHT, CLASS_OF_SEAT, AGE_GROUP, USER_REQUIREMENT) THROWS (NO_FLIGHT_MATCH) Flight booking request VOID FLIGHT_BOOK (DEPARTURE_DATE, FLIGHT_ID TYPE_OF_FLIGHT, CLASS_OF_SEAT, AGE_GROUP, USER_REQUIREMENT, USER_INFORMATION) THROWS (NO_FLIGHT_MATCH, BOOKING_FULL) Flight price search FLOAT GET_PRICE (FLIGHT_ID) THROWS (NO_FLIGHT_MATCH)

24 Simple Payment Manager Visa card validation interface VALIDATE_VISA (VISA_NUMBER, CARD_HOLDER_NAME, EXPIRE_DATE) THROWS (INVALID_VISA) Visa card debit credit interface DEDUCT_CREDIT_FROM_VISA_CARD (VISA_NUMBER, CARD_HOLDER_NAME, EXPIRE_DATE, DEBIT_AMOUNT, CREDIT_ACCOUNT) THROWS (INVALID_VISA, NOT_ENOUGH_CREDIT, CREDIT_ACCOUNT_NOT_EXIST)

25 Web Site Hierarchy

26 Security A major concern on every e-commerce system Useful feature especially on transferring confidential data like credit card details during payment Common solution: Encryption

27 Security(2) Parts that require encryption in the system: Client (browser) Travel Agent Server Payment Gateway : credit card detail / user password : transaction reference

28 Security(3) Our concern: –Encryption/Decryption of data requires computation power at both clients & servers –No problem for servers communication –But difficult to control the computation at clients

29 Security(4) Our approach: –Use of browser build-in capability for security –Advantage: do not require user to install extra plug-in –Disadvantage: need the browser to support –Use of SSL which is supported by major browsers(Netscape / Internet Explorer)

30 Security(5) - SSL Brief introduction of SSL: –developed by Netscape –support of different encryption algorithm(e.g. RSA) –use of symmetric key called session key for data encryption & decryption –session key is generated using information of server certificate which should be signed by a trusted CA –common key length used is 40bits, 56bits and 128bits(US only)

31 Security(6) - SSL Brief procedures of SSL connection: –Authenticate the server to the client. –Allow the client and server to select the cryptographic algorithms, or ciphers, that they both support. –Optionally authenticate the client to the server. –Use public-key encryption techniques to generate shared secrets. –Establish an encrypted SSL connection.

32 Security(7) What do we need to do? Get a server certificate & install it –we are now using a fully functional free trial certificate from Entrust Co. Use https in browser for SSL connection

33 Future Enhancement Develop distributed TravelNet using CORBA Integrate a secure payment system of a post- graduate student with TravelNet Real life micro payment payment (Mondex) Add service: Hotel Room Reservation Evaluate the possibility of using Agent techniques Add other interesting stuffs if time is allowed (like trip planner)

34 Summary Already built a nearly real life Web application, a travel agency. Using Servlet (a quite new technology) to implement our system The use of Java allow us to extend our distributed system in CORBA Security has be taken in consideration on information exchange.

35 Program Listing

36 ~Thanks for Coming~ LYU9901: TravelNet Ho Chi Ho Malcolm Lau Chi Ho Arthur

Download ppt "LYU9901 Travel-Net Supervisor: Prof. Michael R. Lyu Members: Ho Chi Ho Malcolm Lau Chi Ho Arthur."

Similar presentations

Chapter 17: WEB COMPONENTS

Chapter 17: WEB COMPONENTS
Cryptography and Network Security

Cryptography and Network Security
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Chapters 14 & 15 Internet Databases. E-Commerce  Bringing new products, services, or ideas to market, supporting and enhancing business operations 

Chapters 14 & 15 Internet Databases. E-Commerce  Bringing new products, services, or ideas to market, supporting and enhancing business operations 
IIS Technologies.

IIS Technologies.
Copyright 2004 Monash University IMS5401 Web-based Systems Development Topic 2: Elements of the Web (g) Interactivity.

Copyright 2004 Monash University IMS5401 Web-based Systems Development Topic 2: Elements of the Web (g) Interactivity.
Electronic Transaction Security (E-Commerce)

Electronic Transaction Security (E-Commerce)
Servlets and a little bit of Web Services Russell Beale.

Servlets and a little bit of Web Services Russell Beale.
15 Chapter 15 Web Database Development Database Systems: Design, Implementation, and Management, Fifth Edition, Rob and Coronel.

15 Chapter 15 Web Database Development Database Systems: Design, Implementation, and Management, Fifth Edition, Rob and Coronel.
Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?

Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?
Introduction to Web Application Architectures Web Application Architectures 18 th March 2005 Bogdan L. Vrusias

Introduction to Web Application Architectures Web Application Architectures 18 th March 2005 Bogdan L. Vrusias
Outline IS400: Development of Business Applications on the Internet Fall 2004 Instructor: Dr. Boris Jukic Server Side Web Technologies: Part 2.

Outline IS400: Development of Business Applications on the Internet Fall 2004 Instructor: Dr. Boris Jukic Server Side Web Technologies: Part 2.
Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.

Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.
LYU9901-Travel Net LYU9901-Travel Net Supervisor: Prof. Michael R. Lyu Students: Ho Chi Ho Malcolm Lau Chi Ho Arthur (Presentation on 29-02-2000)

LYU9901-Travel Net LYU9901-Travel Net Supervisor: Prof. Michael R. Lyu Students: Ho Chi Ho Malcolm Lau Chi Ho Arthur (Presentation on )
1 CS6320 – Why Servlets? L. Grewe 2 What is a Servlet? Servlets are Java programs that can be run dynamically from a Web Server Servlets are Java programs.

1 CS6320 – Why Servlets? L. Grewe 2 What is a Servlet? Servlets are Java programs that can be run dynamically from a Web Server Servlets are Java programs.
LYU9901 Travel-Net Supervisor: Prof. Michael R. Lyu Members: Ho Chi Ho Malcolm Lau Chi Ho Arthur.

LYU9901 Travel-Net Supervisor: Prof. Michael R. Lyu Members: Ho Chi Ho Malcolm Lau Chi Ho Arthur.
LYU9901 TravelNet Final Presentation Supervisor: Prof. Michael R. Lyu Members: Ho Chi Ho Malcolm Lau Chi Ho Arthur On 25-04-2000.

LYU9901 TravelNet Final Presentation Supervisor: Prof. Michael R. Lyu Members: Ho Chi Ho Malcolm Lau Chi Ho Arthur On
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
Web-Enabling the Warehouse Chapter 16. Benefits of Web-Enabling a Data Warehouse Better-informed decision making Lower costs of deployment and management.

Web-Enabling the Warehouse Chapter 16. Benefits of Web-Enabling a Data Warehouse Better-informed decision making Lower costs of deployment and management.
ECA 228 Internet/Intranet Design I Intro to the Web.

ECA 228 Internet/Intranet Design I Intro to the Web.

Similar presentations

Ads by Google