This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
The task given was to compare and contrast the differences between static content websites and dynamic content websites, by analysing the different architecture structures as well as to examine the security related problems with electronic transactions and storage. This essay will examine the differing network architectures for dynamic and static websites and highlight the impact these architectures have on the security of data, by highlighting the impact of these architectures on security of data.
Static Content Websites
A static website contains web pages with fixed or static content, and they are mainly coded in Hypertext Mark-up Language (HTML). Although you may not be able to tell immediately if a website is static, chances are if the site looks basic and is for a smaller company, and simply delivers information, it could be a static website. Static sites are the most basic type of website and they are the most simple to create. As opposed to dynamic websites, they do not necessitate any web programming or database design. A static website consists of web pages arbitrarily put together. These pages are located on a server in the same position as you would view them within a browser. A static website is needed when changes to a website are infrequent, and the list of products and services provided on the website are limited, therefore, not needing to be updated often. A simple e-mail based ordering system is sufficient for the website, and no advanced online ordering facility is required. Also, features such as order tracking, verifying availability of stock, and online credit card transactions are not needed, and the website does not require the need to be connected to a back-end system. (Kaushik, P., 2009). The main advantage to a static site is that every page can be different if required, to match the layout of different content. As well as this, there is no need for any programming skills to create a static page, and no particular hosting requirements are needed, along with this the websites can be viewed directly by a web browser without needing a web server or application server.
However, it is difficult to alter content of a static website, as content such as text, graphics and multimedia are stored in HTML pages and not databases; it would be tedious and time-consuming to change content on multiple web pages. There is also a risk of files being overwritten. Since static web pages contain fixed code, the content of each page does not alter unless it is manually updated by the webmaster. Although this works for small websites, it can be difficult to maintain large websites. Therefore, larger websites generally use dynamic pages which can be updated by simply modifying a database record.
Dynamic Content Websites
A dynamic website contains web pages that are generated in real-time, and contain web scripting code, such as ASP and PHP, ColdFusion, or JSP. In a dynamic websites, the content of the site is called in by the scripting language from a database or from other files. Examples of dynamic websites include search engines, banking sites, and weather sites. Dynamic sites have an advantage of not needing to be updated by a web professional. A dynamic content website, though developed by a web professional, can be maintained directly by the owner of the site. A dynamic website responds to the needs of the user, and provides appropriate information for the user by accessing information in a connected database. It also allows the user to have an interactive experience, as opposed to just being able to view text and graphics on a webpage, with the user being in control of information he or she views. Most large websites are dynamic, as they are easier to maintain than static websites. This is because each webpage on a static site has unique content, meaning that the necessary page must be opened and edited manually, and then published when the required changes have been made. However, since dynamic websites access their information from a database, the webmaster may only need to update a database record. Since a dynamic site is connected to a database, information can easily be pulled in, in an organised and structured manner to create product pages or categories of related products that can be sorted in a selection of different ways depending on how the user wants them to be viewed. Dynamic web pages are quite often very simple, regarding their actual design. There is a place for the user to type in data, with some information and simple graphics. After the user types in their data, this changes. The web page server accesses a database of information, and searches for what the user wants. Once the information has been found, it is brought to the web page, and then displayed.
Dynamic websites give users a far more functional website over a static website, and they are much easier to update. Since dynamic websites are much easier to update over static websites, new content brings more users back to the site.
Compare and Contrast Static and Dynamic Websites
First of all, static websites are quick, and cheap to develop, however, there are ongoing costs for updating the site with new content, as it requires web development expertise to update the site, otherwise content can get stagnant. (EDinteractive). However "... dynamic sites are more costly to create, but easier to update." (Pakroo, P., 2002).Â There are little or no other ongoing costs with a dynamic website unless there is a change in the basic design of the site, or if any extra capabilities have been added to the site. "Unlike Static Websites, the initial setting up costs of Dynamic-content Web sites is quite high but there will be enormous saving in subsequent maintenance costs." (Kaushik, P., 2009). In addition to this however, hosting a dynamic website would cost slightly more than when hosting a static website. An advantage with static websites is its flexibility; every page can be different if wanted, so each page of the website looks individual, although updating each page can be a lengthy process. As well as this, another main problem with static websites is scalability. If you wish to be able to sell products on your site, and you had a large amount of products to sell, there would be a need to build individual pages for each product, which would take up time, cost, and effort. This is opposed to dynamic websites, which are much easier to update. "Instead of using web-site creation software or editing HTML code, you'll generally use a browser based content management system (CMS) to make changes to dynamic site content... Also, dynamic sites are much more scalable than static sites, and can much more easily be expanded with new sections or features." (Pakroo, P., 2005).Â (EDinteractive). Furthermore, dynamic websites have the unique advantage of not having to rely on web professionals to be constantly updated, as opposed to static websites. (Kaushik, P., 2009).
Security Issues Associated with Electronic Transactions and Storage
In eBusiness and eCommerce, there is a lot of data passed over the internet, which should not be read by anyone other than the user. This can include credit card information, and other types of sensitive data. To protect this, a special protocol called SSL (Secure Socket Layer) is used that uses public key encryption. The SSL certificate provides two primary functions; SSL encryption allows data to be transmitted over computer networks in a secure manner, and identity validations allows the business running the site to 'prove' that they are who they claim to be. Originally developed by Netscape, SSL is an Internet security protocol used by Internet browsers andÂ Web servers to transmit sensitive information.Â In a browser, to tell whether or not a secure protocol is being used, the "http" in the address line is replaced with "https", and a small padlock should be seen in the bottom of the browser window. When accessing sensitive information, such as an online bank account, the format should change to this to prove that website is secure. SSL makes significant used of certificant authorities. Once the browser has requested a secure page and adds the "s" onto the end of "http, the browser will then send out the public key and the certificate checking three things; whether or not the certificate comes from a trusted party, that the certificate is valid, and the certificate has a relationship with the site from which it's coming from. (Tyson, J). SSL has now become part of an overall security protocol which is known as TLS (Transport Layer Security).
DSN or Data Source Name provides connectivity to a database through an ODBC (Open DataBase Connectivity) driver. The DSN contains the name of the database, the directory, database driver, user ID, password and other types on information. Once a DSN has been created for a particular database, the DSN can be used in an application to call information from the database. To protect a DSN from security issues, it must be unique, and password protected.
Regarding databases "an attacker can target and compromise a database server in a number of ways by exploiting a variety of configuration and application level vulnerabilities. The main threats to a database server are: SQL injection, network eavesdropping, unauthorized server access, and password cracking." Microsoft. (2006). An SQL injection attack is when an attacker exploits the vulnerabilities in your applications input validation and data access code to run commands in the database using the security contexts of the Web application. To counter measure this, a SQL server login should have restricted permissions in the database. To prevent network eavesdropping, a server certificate should be installed on the database. To combat password cracking, passwords for SQL server login accounts should be complex, not containing words that are common in the dictionary. Finally, to protect a database from unauthorised server access, SQL server ports should not be visible from outside the perimeter network, and within the perimeter, direct access should be restricted from unauthorised hosts, by using, for example, IPSec or TCP/IP filters. (Microsoft, 2006)
Both static websites and dynamic websites have been analysed in this task, and the different architectures have been examined, compared and contrasted.
Static websites are the simpler of websites, as they don't require any web programming knowledge; however the familiarity of HTML is necessary. This also keeps costs down. As well as this, they are flexible as pages can be distinct, and each page can have its own layout. Static websites are also more common than dynamic websites, as many older sites use the static architecture, and are used by smaller companies and businesses. It is also cheaper to host, as no particular hosting requirements are needed. On the other hand, it is difficult to alter and update a static website as it is time-consuming, and can be costly , files may be overwritten, and it has issues with scalability.
Dynamic websites are more complex, as they contain scripting code, but are far easier to update and manage, since a dynamic site is connected to a database, only a record may need to be changed to modify the site. This allows non-web professionals to update their own site, therefore, not spending money out to have their site updated. Dynamic sites are more interactive than static sites, as the user is in control of what he or she wants to view. Dynamic sites tend to be used more so in eCommerce, especially for selling items over the internet, as opposed to static websites. Furthermore, dynamic sites are much more scalable that static sites.
Finally, there are many security flaws associated with electronic transactions and software; however, there are also many ways to combat those issues, as proven within this document. These include digital certificates, usernames and passwords, and database server security.