NET CENTRIC AND DATA PROCESSING

CSC 401

COMPUTER SCIENCE, AAUA

AKINWUMI DAVID (Ph.D)

 Introduction
Net-Centric
Net-Centric or network centered computing is an ongoing area in the twenty-first century with a
great interest among software engineers as it is an enabling technology for modern distributed
computing systems and applications. Today, Net-Centric applications have invaded the lives of
people in many ways. Net-Centric Computing (NCC) is a distributed environment where
applications and data are downloaded from servers and exchanged with peers across a network. Net-
centric Computing focuses on large-scale distributed computing systems and applications that
communicate through open, wide-area networks like the Internet. General examples of large-scale
network-centric systems are the World-Wide Web and Computational Grids. For several years,
major changes are being brought to the world by universal networking capabilities, such as the
Internet. Today’s technology solutions represent the convergence of computing power, networking
capability and the information, data or knowledge that forms the content of these solutions. Net-
centric computing refers to an emerging technology architecture and an evolutionary stage of
client/server computing. It is a common architecture built on open standards that supports in
different ways for different people to collaborate and to reach different information sources. The
evolutionary nature of net-centric computing links technological capabilities and strategic
opportunities, helping people in facing today’s new problems and providing the flexibility to meet
tomorrow’s challenges.
A Distributed System is a system whose components are located on different networked computers,
which communicate and coordinate their actions by passing messages to one another from any
system in order to appear as a single system to the end-user. The computers that are in a distributed
system can be physically together and connected by a local network, or they can be geographically
distant and connected by a wide area network. A distributed system can consist of any number of
possible components such as mainframes, personal computers, workstations, minicomputers, and so
on. Common use cases of a distributed systems are electronic banking systems, massive multiplayer
online games, and sensor networks.

Distributed Computing is a much broader technology that has been around for more than three
decades now. Distributed computing is computing over distributed autonomous computers that
communicate only over a network. Distributed computing systems are usually treated differently
from parallel computing systems or shared-memory systems where multiple computers share a
common memory pool that is used for communication between the processors. Distributed memory
systems use multiple computers to solve a common problem, with computation
distributed among the connected computers (nodes) and using message- passing to communicate
between the nodes.
Example of distributed computing is the grid computing where the nodes may belong to different
administrative domains. Another example is the network-based storage virtualization solution which
uses distributed computing between data and metadata servers.

Figure 1.1.1: Distributed Computing Systems

Distributed computing, however, can include heterogeneous computations where some nodes may
perform a lot more computation, some perform very little computation and a few others may perform
specialized functionality (like processing visual graphics).

One of the main advantages of using distributed computing is that efficient scalable programs can be
designed so that independent processes are scheduled on different nodes and they communicate only
occasionally to exchange results – as opposed to working out of a shared memory with multiple
simultaneous accesses to a common memory.
It is obvious that cloud computing is also a specialized form of distributed computing, where
distributed Software as a Service (SaaS) applications utilize thin clients (such as browsers) which
offload computation to cloud-hosted servers (and services).
Distributed computing, virtualization, service orientation, and Web 2.0 form the core technologies
enabling the provisioning of cloud services from anywhere on the globe.
Distributed computing is a foundational model for cloud computing because cloud systems are
distributed systems. Besides administrative tasks mostly connected to the accessibility of resources
in the cloud, the
extreme dynamism of cloud systems—where new nodes and services are provisioned on demand—
constitutes the major challenge for engineers and developers.
3.0 Web 2.0 technologies
Web 2.0 technologies constitute the interface through which cloud computing services are delivered,
managed, and provisioned. Besides the interaction with rich interfaces through the Web browser,
Web services have become the primary access point to cloud computing systems from a
programmatic standpoint.
3.1 Service Orientations
Service orientation is the underlying paradigm that defines the architecture of a cloud computing
system. Cloud computing is often summarized with the acronym XaaS meaning, Everything-as-a-
Service—that clearly underlines the central role of service orientation. Infrastructure-as-a-Service
solutions provide the capabilities to add and remove resources, but it is up to those who deploy
systems on this scalable infrastructure to make use of such opportunities with wisdom and
effectiveness.
Platform-as-a-Service solutions embed into their core offering algorithms and rules that control the
provisioning process and the lease of resources. These can be either completely transparent to
developers or subject to fine control. Integration between cloud resources and existing system
deployment is another element of concern.
3.2 Virtualization
Virtualization is another element that plays a fundamental role in cloud computing. This technology
is a core feature of the infrastructure used by cloud providers. Virtualization concept is more than 40
years old but cloud computing introduces new challenges, especially in the management of virtual
environments, whether they are abstractions of virtual hardware or a runtime environment.

MOBILE & WIRELESS COMPUTING

Mobile and wireless computing is a human–computer interaction concept in which a computer could
be in motion during normal usage. Mobile and wireless computing involves mobile communication,
mobile hardware and mobile software, does involve the use of physical cable but devices are
connected through electromagnetic waves. The farther the usage location to the network source the
less the intensity of the cloud and speed of connection and vice versa.
Mobile and wireless Computing is a technology that allows transmission of data, voice and video via
a computer or any other wireless enabled device without having to be connected to a fixed physical
link.
Computing Technologies are the technologies that are used to manage, process, and communicate
the data. Wireless simply means without any wire i.e. connecting with other devices without any
physical connection. Wireless computing is transferring the data or information between computers
or devices that are not physically connected to each other and having a “wireless network
connection”. For example, mobile devices, Wi-Fi, wireless printers and scanners, etc. Mobiles are
not physically connected but then too we can transfer data.

Mobile is a computing device that not require any network connection or any connection to transfer
data or information between devices. For example laptops, tablets, smartphones, etc. Mobile
computing allows transferring of the data/information, audio, video, or any other document without
any connection to the base or central network. These computing devices are the most widely used
technologies nowadays.
There are some wireless/mobile computing technologies given below:
1. Global System for Mobile Communications (GSM) :
GSM is a Current circuit-switched wireless data communication technology. It is established in
Europe by ETSI (European Telecommunications Standards Institute) in the mid-1980s. GSM
network has 4 different parks that who’s functions are different: Mobile Station, BSS (Base Station
Subsystem), NSS (Network Switching Subsystem), OSS (Operation and Support Subsystem).

As the name suggests, GSM is widely used for the mobile communication system. It operates in the
frequency band 900-MHz, 1800-MHz, and 1900-MHz. GSM is developed using TDMA (Time
Division Multiple Access) for better communication using mobile. It is the most widely used mobile
communication system and is mostly required nowadays. It can achieve maximum data transmission
speed or data transmission rate up to 9.6Kbps (Kilobits per second).

2. Code-Division Multiple Access (CDMA) :

CDMA is a type of wireless computing technology. It is developed during World War II. This
technology is mostly used as it provides better network quality, more storage capacity for voice and
data communications than TDMA, decreases system noise and interference using power control,
provides more security by encoding the user transmission data into a unique code.
CDMA does not provide any user with a specific frequency instead utilizes the entire frequency
spectrum available for transmission. It
operates in the frequency range of 800 MHz to 1.9 GHz. It uses Soft Handoff that reduces signal
breaks.

3. Wireless in Local Loop (WLL) :

WLL is a widely used technology for wireless communication systems. It is also called a Fixed
Wireless Loop. WLL is very easy to develop and less time is required to install, very cost-effective
as wireless systems are less expensive because the cost of cable installation is not added.
WLL allows users to connect to the local telephone station using a wireless link and provides
advanced features of customer service. It provides high-quality data transmission and a high data
rate. Generally, two types of WLL techniques are available: Local Multipoint Distribution Service
(LMDS) and Multichannel Multipoint Distribution Service (MMDS).

4. General Packet Radio Service (GPRS) :

GPRS is a type of Packet-based Wireless communication technology. It is established by ETSI
(European Telecommunications Standards Institute). GPRS can achieve a data transfer rate of up to
114Kbps. It is very cost-effective, highly stable, can achieve a maximum data rate of up to 114Kbps
(Kilobits per second). It supports Internet Protocol (IP),
X.25 (standard protocol for packet-switched data communication), Point-to-Point protocol (PPP),
and based on Gaussian minimum-shift keying (GMSK) which is a modulation technique.
The Gateway GPRS Service Node (GGSN) and the Serving GPRS Service Node (SGSN) are the two
core modules required to enable GPRS on GSM network or TDMA network.

5. Short Message Service (SMS) :

SMS is originally created for a phone/mobile that uses GSM Global System for Mobile
communication). This service is used to send text messages even without the Internet connection
between two or more mobile devices. This technique is very easy, user-friendly, comfortable and the
most effective means of wireless communication.

In this service, less time is required for communication. It does not require any Internet connection
for sending text messages. It allows the transmission of short messages i.e. up to 160 characters in
length. SMS uses standardized communication protocols. SMS is received by Short Message Service
Center (SMSC).
Figure 3.1 below shows the Internet and various devices connected to it wirelessly for
communication all over the world.

Figure 1.2.1: Internet with Mobile Devices connected

1.2 Mobile communication
• The mobile communication refers to the infrastructure put in place to
 ensure that seamless and reliable communication goes on
• These would include devices such as protocols, services, bandwidth, and
portals necessary to facilitate and support the stated services
• The data format is also defined at this stage
• This ensures that there is no collision with other existing systems which
offer the same service.
• the media is unguided/unbounded, the overlaying infrastructure is
basically radio wave-oriented
That is, the signals are carried over the air to intended devices that are capable of receiving and
sending similar kinds of signals.

1.3 Mobile hardware

• mobile devices or device components that receive or access the service of
mobility
• They would range from portable laptops, smartphones, tablet Pc's,
Personal Digital Assistants

Figure 1.2.2: Mobile Hardware

1.4 Mobile Software
• Mobile software is the actual program that runs on the mobile hardware
• It deals with the characteristics and requirements of mobile applications
• This is the engine of the mobile device
• It is the operating system of the appliance
• Its the essential component that operates the mobile device
• Since portability is the main factor, this type of computing ensures that users are not tied
or pinned to a single physical location, but are able to operate from anywhere. It
incorporates all aspects of wireless communications

3.3 Mobile Classification

• Mobile computing is not only limited to mobile phones, but there are
various gadgets available in the market that are built on a platform to
support mobile computing
• They are usually classified in the following categories:
 3.3.1. Personal Digital Assistant (PDA)
• The main purpose of this device is to act as an electronic organizer or day planner that
is portable, easy to use and capable of sharing information with your computer
systems.
• PDA is an extension of the PC, not a replacement
• These systems are capable of sharing information with a computer system through a
process or service known as synchronization
• Both devices will access each other to check for changes or updates in the individual
devices
• The use of infrared and Bluetooth connections enables these devices to always
Figure 1.2.4: Personal Data Assistant be synchronized.
• With PDA devices, a user can browse the internet,
listen to audio clips, watch video clips, edit and
modify office documents, and many more services
• The device has a stylus and a touch sensitive screen
for input and output purposes

3.5.2 Smartphones
 • It combines the features of a PDA with that of a mobile phone or camera
phone
• It has a superior edge over other kinds of mobile phones.
• Smartphones have the capability to run multiple programs concurrently
• These phones include high-resolution touch screens, web browsers that
can:
• access and properly display standard web pages rather than just mobile-
optimized sites
• high-speed data access via Wi-Fi and high speed cellular broadband.
• The most common mobile Operating Systems (OS) used by modern
smartphones include:
a. Google's Android
b. Apple's iOS
c. Nokia's Symbian
d. RIM's BlackBerry OS
e. Samsung's Bada
f. Microsoft's Windows Phone, and embedded Linux distributions such as Maemo
and MeeGo. Such operating systems can be installed on different phone models,
and typically each device can receive multiple OS software updates over its
lifetime.

Figure 1.2.5: Smart Phones

3.5.3 Tablet PC and iPads
• This mobile device is larger than a mobile phone or a PDA and integrates into a touch
screen and is operated using touch sensitive motions on the screen They are often
controlled by a pen or by the touch of a finger
• They are usually in slate form and are light in weight. Examples would include ipads,
Galaxy Tabs, Blackberry Playbooks etc.
• They offer the same functionality as portable computers
• They support mobile computing in a far superior way and have enormous processing
horsepower
• Users can edit and modify document files, access high speed internet, stream video and
audio data, receive and send e-mails, attend/give lectures and presentations among its
very many other functions
• They have excellent screen resolution and clarity
Figure 1.2.6: Ipads & PCs

3.4 Advantages of Mobile Computing

• Location Flexibility
• This has enabled users to work from anywhere as long as there is a network connection
established
• A user can work without being in a fixed position
• Their mobility ensures that they are able to carry out numerous tasks at the same time and
perform their stated jobs.
• Saves Time
• The time consumed or wasted while travelling from different locations or to the office and
back, has been slashed
• One can now access all the important documents and files over a secure channel or portal and
work as if they were on their computer
• It has enhanced telecommuting in many companies
• It has also reduced unnecessary incurred expenses
• Enhanced Productivity
• Users can work efficiently and effectively from whichever location they find
comfortable
• This in turn enhances their productivity level
• Ease of Research
• Research has been made easier, since users earlier were required to go to the field
and search for facts and feed them back into the system
• It has also made it easier for field officers and researchers to collect and feed data
from wherever they are without making unnecessary trips to and from the office
to the field
• Entertainment
• Video and audio recordings can now be streamed on-the- go using mobile
computing
• It's easy to access a wide variety of movies, educational and informative material
• With the improvement and availability of high speed data connections at
considerable cost, one is able to get all the entertainment they want as they
browse the internet for streamed data
 • One is able to watch news, movies, and documentaries among other
entertainment offers over the internet
• This was not possible before mobile computing dawned on the computing world.
• Streamlining of Business Processes
• Business processes are now easily available through secured connections
• Looking into security issues, adequate measures have been put in place to ensure
authentication and authorization of the user accessing the services
• Some business functions can be run over secure links and sharing of
information between business partners can also take place Meetings, seminars
and other informative services can be conducted using video and voice
conferencing
• Travel time and expenditure is also considerably reduced
3.5 Security Issues
• Mobile computing has its fair share of security concerns as any other
technology
• Due to its nomadic nature, it's not easy to monitor the proper usage
• Users might have different intentions on how to utilize this privilege
• Improper and unethical practices such as hacking, industrial espionage,
pirating, online fraud and malicious destruction are some but few of the
problems experienced by mobile computing
• Another big problem plaguing mobile computing is credential verification
• As other users share username and passwords, it poses as a major threat to
security
• This being a very sensitive issue, most companies are very reluctant to
implement mobile computing to the dangers of misrepresentation
• The problem of identity theft is very difficult to contain or eradicate
• Issues with unauthorized access to data and information by hackers, is
also an enormous problem
• Outsiders gain access to steal vital data from companies, which is a major
hindrance in rolling out mobile computing services.
• No company wants to lay open their secrets to hackers and other
intruders, who will in turn sell the valuable information to their
competitors
• It's also important to take the necessary precautions to minimize these
threats from taking place
• Some of those measures include:
• Hiring qualified personnel.
• Installing security hardware and software
• Educating the users on proper mobile computing ethics
• Auditing and developing sound, effective policies to govern mobile
computing
• Enforcing proper access rights and permissions
• In the absence of such measures, it's possible for exploits and other
unknown threats to infiltrate and cause irrefutable harm
• These may be in terms of reputation or financial penalties
• In such cases, it's very easy to be misused in different unethical practices.
 • If these factors aren’t properly worked on, it might be an avenue for
constant threat
• Various threats still exist in implementing this kind of technology
3.6 Current Trends
• These are the list of the current mobile technologies starting from 5G technologies which
is the hottest mobile technology available in the market.
3.6.1. 5G
• In telecommunications, 5G is the fifth generation technology standard for broadband
cellular networks. Telecoms company began to deploy it in2019, and is the planned
successor to the 4G networks providing connectivity to most current cellphones.
5G networks are predicted to have more than
1.7 billion subscribers worldwide by 2025. 5G networks cellular networks’ service area is divided
into small geographical areas called cells. All 5G wireless devices in a cell are connected to the
Internet and telephone network by radio waves through a local antenna in the cell. It has an
advantage of having greater bandwidth and download speeds up to 10 gigabits per second (Gbit/s).
5G is not only faster than existing networks, 5G can connect more different devices. Due to the
increased bandwidth, the networks will increasingly be used as general internet service providers
(ISPs) for laptops and desktop computers, competing with existing ISPs such as cable internet, and
also will make possible new applications in internet-of- things (IoT) and machine-to-machine areas

4G is the fourth generation of broadband cellular network technology that precedes 5G. A 4G
system must provide capabilities defined by ITU in IMT Advanced. Recent applications include
amended mobile web access, IP telephony, gaming services, high-definition mobile TV, video
conferencing, and 3D television.

• WIMAX standard was first-released commercially and deployed in South Korea in 2006 and
has since been deployed in most parts of the world.
• Long Term Evolution (LTE) standard was first-released commercially and deployed in Oslo,
Norway, and Stockholm, Sweden in 2009, and has since been deployed throughout most
parts of the world. It was to be considered as 4G LTE. The 4G wireless cellular standard was
defined by the International Telecommunication Union (ITU) and specifies the key
characteristics of the standard, including transmission technology and data speeds.
3G or third generation
• 3G mobile telecommunications is a generation of standards for mobile phones and mobile
telecommunication services fulfilling the International Mobile Telecommunications-2000
(IMT-2000) specifications by the International Telecommunication Union. Application
services include wide-area wireless voice telephone, mobile Internet access, video calls
and mobile TV, all in a mobile environment.
Global Positioning System (GPS)
• The Global Positioning System (GPS) is a space-based satellite navigation system that
provides location and time information in all weather, anywhere on or near the Earth,
where there is an unobstructed line of sight to four or more GPS satellites
• The GPS program empowers the military, civil and commercial users around the world
• It (GPS) is the backbone for modernizing the global air traffic system, weather, and
location services.
Long Term Evolution (LTE)
• LTE is a standard for wireless communication of high-speed data for mobile phones and
data terminals
• It is based on the GSM/EDGE and UMTS/HSPA network technologies, increasing the
capacity and speed using new modulation techniques
• It is related with the implementation of fourth Generation (4G) technology.
WiMAX
• WiMAX (Worldwide Interoperability for Microwave Access) is a wireless
communications standard designed to provide 30 to 40 megabit-per-second data rates,
with the latest update providing up to 1 Gbit/s for fixed stations
• It is a part of a fourth generation or 4G wireless-communication technology
• WiMAX far surpasses the 30-metre wireless range of a conventional Wi-Fi Local Area
Network (LAN), offering a metropolitan area network with a signal radius of about 50 km
• WiMAX offers data transfer rates that can be superior to conventional cable-modem and
DSL connections, however, the bandwidth must be shared among multiple users and thus
yields lower speed in practice
Near Field Communication
• Near Field Communication (NFC) is a set of standards for smartphones and similar
devices to establish radio communication with each other by touching them together or
bringing them into close proximity, usually no more than a few centimeters
• Present and anticipated applications include contactless transactions, data exchange, and
simplified setup of more complex communications such as Wi-Fi. Communication is also
possible between an NFC device and an unpowered NFC chip, called a "tag"

NETWORK SECURITY
INTRODUCTION
The transmission of data from one point A on the network to the other point, B is a great
concern and therefore, there is the need to deploy measure that can secure the transmission
of data away from unauthorized individuals. Hence, the need for network security.
Network security is a term that describes the security tools, tactics and security policies
designed to monitor, prevent and respond to unauthorized network intrusion, while also
protecting digital assets, including network traffic. Network security includes hardware and
software technologies (including resources such as savvy security analysts, hunters, and
incident responders) and is designed to respond to the full range of potential threats
targeting your network.

Network security is the defense you use to protect yourself against ever- increasing
cybercrime.
The Three Key Focuses of Network Security
There are three key focuses that should serve as a foundation of any network security
strategy: protection, detection and response.
 Protection entails any tools or policies designed to prevent network security intrusion.
 Detection refers to the resources that allow you to analyze network traffic and quickly
identify problems before they can do harm.
 Response is the ability to react to identified network security threats and resolve them as
quickly as possible.

3.4 Benefits of Network Security

Network security tools and devices enable organizations to protect its sensitive information,
overall performance, reputation and its continuity in business. Secure and reliable networks
protect not just organizational interests and operations, but also any client or customer who
 exchanges information with the organization, in addition to the general public. The benefits
of network security are:
1. Builds trust
Security for large systems translates to security for everyone. Network security boosts client
and consumer confidence, and it protects your business from the reputational and legal
fallout of a security breach.
2. Mitigates risk
The right network security solution will help your business stay compliant with business
and government regulations, and it will minimize the business and financial impact of a
breach if it does occur.
3. Protects proprietary information
Your clients and customers rely on you to protect their sensitive information. Your business
relies on that same protection, too. Network security ensures the protection of information
and data shared across the network.
4. Enables a more modern workplace
From allowing employees to work securely from any location using VPN to encouraging
collaboration with secure network access, network security provides options to enable the
future of work. Effective network security also provides many levels of security to scale
with your growing business.
Network Security Tools and Techniques
Enterprises’ network encounter varying degrees of threats, and therefore should be prepared
to defend, identify and respond to a full range of attacks. However, the reality is that the
biggest danger to most companies are not fly- by-night threat actors, but the attackers that
are well-funded and are targeting specific organizations for specific reasons. Hence,
network security strategy needs to be able to address the various methods these actors might
employ. Here are 14 different network security tools and techniques designed to help you
do just that:
1. Access control: If threat actors cannot access your network, the amount of damage
they will be able to do will be extremely limited. But in addition to preventing
unauthorized access, be aware that even authorized users can be potential threats.
Access control allows you to increase your network security by limiting user access
and resources to only the parts of the network that directly apply to individual users’
responsibilities.
2. Anti-malware software: Malware, in the form of viruses, trojans, worms, keyloggers,
spyware, etc. are designed to spread through computer systems and infect networks.
Anti-malware tools are a kind of network security software designed to identify
dangerous programs and prevent them from spreading. Anti-malware and antivirus
software may also be able to help resolve malware infections, minimizing the damage
to the network.
3. Anomaly detection: It can be difficult to identify anomalies in your network without a
baseline understanding of how that network should be operating. Network anomaly
detection engines (ADE) allow you to analyze your network, so that when breaches
occur, you will be alerted to them quickly enough to be able to respond.
4. Application security: For many attackers, applications are a defensive vulnerability
that can be exploited. Application security helps establish security parameters for any
applications that may be relevant to your network security.
5. Data Loss Prevention (DLP): Often, the weakest link in network security is the
human element. DLP technologies and policies help protect staff and other users from
misusing and possibly compromising sensitive data or allowing said data out of the
 network.
6. Email security: As with DLP, email security is focused on shoring up human-related
security weaknesses. Via phishing strategies (which are often very complex and
convincing), attackers persuade email recipients to share sensitive information via
desktop or mobile device, or inadvertently download malware into the targeted
network. Email security helps identify dangerous emails and can also be used to block
attacks and prevent the sharing of vital data.

CLIENT-SERVER COMPUTING
There are two configurations of networks: Client-Server and Peer-to-Peer networks. In
client server, the client requests resources while the server serves same. In Peer-to-peer
configuration, each node is free to communicate with others or not. The nodes under
this configuration are not over-seen by any node or the other, they relate in a
workgroup.
Client Server Computing
In client-server computing, the client requests a resource and the server provides that
resource. A server may serve multiple clients at the same time while a client is in
contact with only one server. Both the client and server usually communicate via a
computer network, as pictured in figure 1.4.1, but sometimes they may reside in the
same system.

Figure 1.4.1: Client-Server Computing

1.1 Characteristics of Client Server Computing
The salient points for client server computing are as follows:

 The client server computing works with a system of request and response. The client
sends a request to the server and the server responds with the desired information.
 The client and server should follow a common communication protocol so they can
easily interact with each other. All the communication protocols are available at the
application layer.
 A server can only accommodate a limited number of client requests at a time. So it uses a
system based to priority to respond to the requests.
 Denial of Service (DoS) attacks hinders servers’ ability to respond to authentic client
requests by inundating it with false requests.
 An example of a client server computing system is a web server. It returns the web pages
to the clients that requested them.
 1.2 Differences between Client-Server and Peer-to-Peer Computing
The major differences between client-server computing and peer-to-peer computing are
as follows:
 In client server computing, a server is a central node that services many client nodes. On
the other hand, in a peer-to-peer system, the nodes collectively use their resources and
communicate with each other.In client server computing, the server is the one that
communicates with the other nodes. In peer-to-peer computing, all the nodes are equal
and share data with each other directly.
 Client-Server computing is believed to be a sub-category of the peer-to-
peer computing.
1.3 Advantages of Client-Server Computing
 All the required data is concentrated in a single place i.e. the server. So it is easy to
protect the data and provide authorisation and authentication.
 The server need not be located physically close to the clients yet, the data can be
accessed efficiently.
 It is easy to replace, upgrade or relocate the nodes in the client-server model because all
the nodes are independent and request data only from the server.
 All the nodes i.e clients and server may not be built on similar platforms yet, they can
easily facilitate the transfer of data.
1.4 Disadvantages of Client Server Computing
 If all the clients simultaneously request data from the server, it may get overloaded. This
may lead to congestion in the network.
 If the server fails for any reason, then none of the requests of the clients can be fulfilled.
This leads to failure of the client-server network.
 The cost of setting and maintaining a client-server model are quite high.
Discussion
What makes the Client Server configuration peculiar from the Peer-to- peer? Discuss
Characteristics of Client Server Computing
The characteristics of the client-server computing are as follows:
 The client server computing works with a system of request and response.
The client sends a request to the server and the server responds with the
desired information.
 The client and server should follow a common communication protocol
so they can easily interact with each other. All the communication
protocols are available at the application layer.
 A server can only accommodate a limited number of client requests at a
time. So it uses a system based to priority to respond to the requests.
 Denial of Service (DoS) attacks hinders servers’ ability to respond to
authentic client requests by inundating it with false requests.
 An example of a client server computing system is a web server. It returns
the web pages to the clients that requested them.
 BUILDING WEB APPLICATIONS
1.0 INTRODUCTION
A Web app
An interactive computer program, built with web technologies (HTML, CSS, JS),
which stores (Database, Files) and manipulates data (CRUD), and is used by a team or
single user to perform tasks over the internet. The HTML and the CSS serves as the
front-end to receive data from the user while the database, programming like Javascript
and PHP serves as the back-end.
2.0 INTENDED LEARNING OUTCOMES (ILOS)
At the end of this unit, students will able to:
 Explain the concept of an App
 Enumerate the prerequisite for building a web application
3.0 Describe the steps for building a web application
3.1 Building a Web Application (app)-Prerequisites for Building a Web
Application
To make a data-centric web app from the bottom-up, it is advantageous to understand:
 Backend language (e.g. Python, Ruby) - control how your web app works
 Web front end (HTML, CSS, Javascript) - for the look and feel of your web app
 DevOps (Github, Jenkins) - Deploying / hosting your web app
If you do not have any experience with the points above, you need not worry. You have
two options:
1. Learn the points above - there are lots of resources online to help you. Codecademy is
recommend .
2. Use a web app builder like Budibase - As a builder, Budibase will remove the need to
learn a backend language. On top of that, Budibase will also take care of a lot of your
DevOps tasks such as hosting.

3.2 Building a Web Application

3.2.1 Step 1 – Source an idea
Before making a web app, you must first understand what you intend to build and more
importantly, the reason for it.
Your idea should stem from solving someone’s problem. Ideally, your own
problem.
It is important that developer choose an idea which interests him /her. Ask yourself:
 How much time do I have to build this app?
 What am I interested in?
 What apps do I enjoy using?
 What do I like about these apps?
 How much time/money will this app save or generate for me (as a user)?
 How much will it improve my life

3.2.2 Step 2 – Market Research

Once you have chosen your idea(s), it is important to research the market to see:
1. If a similar product exists
 2. If a market exists
The number 1 reason start-ups fail, is the failure to achieve product- market fit.
“Product/market fit means being in a good market with a product that can satisfy that
market.” To quickly find out if a similar web app exists, use the following tools to
search for your idea:
 Google
 Patent and trademark search
 Betalist
 Product hunt
If a similar product exists, do not worry. This can be a sign a market for your new idea
exists. Your future competitors have laid the groundwork, educated the market. It is
time for you to swoop in and steal the thunder. If a similar product does not exist, it is a
possibility you have struck lucky. On the other hand, it is a possibility someone before
has ventured down this path and hit a dead-end.

Nobody wants to experience that, so it is important to dive deep into the market and
source the wisdom of:
1. Your Web App’s target market - Share your web app idea on forums related to your
target market. If you know anyone who works within your target market, explain your
idea to them. The more you talk and receive validation from your target market, the
better.
2. Google Trends - A quick search of your web app idea will reveal relating trends.
3. SEO tool – MOZ/Ahrefs is recommended. Google’s keyword planner will suffice. Write
a list of keywords relating to your web app. If it is an ‘OKR tool’, use the tools to search
‘OKR tool’, ‘OKR app’, and ‘objectives and key results software’. If the SEO tool
indicates there are lots of people searching for your keyword terms, this is a small
indicator you have a target market.
4. Social Media - Jump over to Twitter/Facebook groups and present your idea to your
target market.
5. Events - If there is a local event in your area attracting people from your target market,
go to it. Share your idea and record the feedback.
After completing the above steps, you should have enough information to understand if
there is a market for your product. If there is a market for your product, and there is
also established competition, it is important to research them.
 3.2.3 Step 3 - Define your web apps functionality
You have got your idea, you have validated the market, it is now time to list everything
you want your app to do. A common mistake here is to get carried away. The more
functionality you add, the longer it will take to build your web app. Quite often, the
longer a web app takes to build, the more frustration you will experience.

Only define functionality which solves your target markets problems. Remember, your
web app is a work in progress and the first goal is version
1. It will still have cool features and delight your users, but you must keep things
simple.

For direction, I have included a list of basic functions required for a simple CRM app.
 Users can create an account
 Users can retrieve lost passwords
 Users can change their passwords
 Users can create new contacts
 Users can upload new contacts
 Users can assign a value to contacts
 Users can write notes under contacts
 Users can label a contact as a lead, customer, or associate
 Users can filter contacts by lead, customer, or associate
 Users can view the total value of leads, customers and associates

The above list will help you define your features. Once you are done, roll up your
sleeves. It is time to get creative! Moving from the Ideation stage, to design stage.
3.2.4 Step 4 - Sketch your web app
There are multiple stages of designing a web app. The first stage is sketching using a
notebook (with no lines) and pen/pencil. After step 1, 2 and 3, you should have an idea
of what your web app is, who your users are, and the features it will have. Sketch out
the wireframe of your web apps UI (User Interface) - it does not have to be exact - this
is just a sketch. When sketching, consider the following:
 Navigation
 Branding
 Forms
 Buttons
 Any other interactive elements
Sketch different versions of your web app. Consider how your web app’s functionality
will affect the overall design. Annotate your sketch and
 outline how your app should work. Taking notes will help you clarify and understand
why you have designed certain elements at a later stage. Overcomplicating the design
at this stage will only lead to frustration.

3.2.5 Step 5 – Plan your web apps workflow

It is time to put yourself in the shoes of your user. Here, we are going to plan your web
apps workflow. Now is the time to go back to step 2 and look at your market research.
Take your list of competitors and sign up to their free trials. Have a quick play around
with their product. Write notes on what you thought was good and what you thought
was bad. Pay particular attention to the workflow.

After you have finished analysing your competitor’s web apps, it is time to write down
different workflows for your app. Consider the following points:
 How does a user signup
 Do they receive a verification email
 How does a user log in
 How does a user change their password
 How does a user navigate through the app
 How does a user change their user settings
 How does a user pay for the app
 How does a user cancel their subscription

All of a sudden our one-page web app turns into a 10-page web app. Write a list of all
the different pages your web application will have. Consider the different states of
pages. For example, the homepage will have two states; logged in and logged out.
Logged in users will see a different page than logged out users.

3.2.6 Step 6 – Wireframing / Prototyping Your Web Application

Ok, it is time to turn those sketches and that new-found understanding of your web
application into a wireframe/prototype.
Wireframing is the process of designing a blueprint of your web application while
Prototyping is taking wireframing a step further, adding an interactive display.
The decision to wireframe or prototype is up to you. If you have the time, I would have
recommended prototyping as it will make it easier to communicate your web app when
seeking validation.
You can prototype/wireframe using the following tools:
 Sketch (macOS)
 InVision Studio (macOs)
 Adobe XD (macOS, Windows)
 Figma (Web, macOS, Windows, Linux)
 Balsamiq (macOS, Windows, Web)
I recommend you create a design system / style guide first. You can find inspiration at
UXPin. Design systems improve design consistency. But it’s not required.

3.2.7 Step 7 – Seek early validation

You have now got a beautiful wireframe/prototype which visually describes your web
app. It is time to show your beautiful wireframe to the world. At this stage we want
constructive feedback.
Simply asking your friends would they use your new web app is not enough. You
 should start with a small number of representative users. Go to your target market’s
forums, watering holes, their places of work and verify the problem with them, and
present your solution. Try to build a rapport with these representatives as they could
become your customers. I like to use this stage to test my sales pitch - the ultimate
tokens of validation are pre-launch sales. Takes notes and document all feedback. The
learning from these meetings will help direct the development of your MEP (Minimal
Excellent Product).

Ok, now you have got great feedback and product validation. It is time to start building
your web app.

3.2.8 Before Starting the development stage.

Before we make our web app, I would like to share the following tips:
1. Attempt to get a small section of your app fully working. What we would call a
“Complete Vertical”.
o Building the smallest possible section will allow you to piece all the bits together, and
iron out those creases early.
o You will get great satisfaction early by having something working - great motivation.
o Create things that you know you will throw away later - if it gets you something
working now.
2. At the start - expect things to change a lot as you learn and discover what you
have not thought about.
o Have faith that your app will stabilise.
o Do not be afraid to make big changes.
3. Spend time learning your tools.
o You may feel like you are wasting your time, reading, or experimenting with “hello
world”. Learning the correct way to do things will have a huge positive, cumulative
effect on your productivity over time.
o Where possible, “Go with the grain” of your tools. Realise that as soon as you step out
of the normal flow / usage of your toolset, you are on your own and could be in a deep
time sink. There are always exceptions to this of course!
4. Do not avoid issues that need to be fixed.
o Face your issues head on - they will never go away and will only grow in stature.
o However, If things are still likely to change - its best to spend as little time as possible
on things… It’s a tricky balance!

3.2.9 Step 8 – Architect and build your database

So, we know roughly our web application’s functionality, what it looks like, and the
pages required. Now it is time to determine what information we will store in our
database.

A Database
A database is simply a collection of data! Data can be stored to disk, or in memory on a
server, or both. You could create a folder on your hard drive, store a few documents,
and call it a database. A Database Management System (DBMS) is a system that
provides you with consistent APIs to (most commonly):
 Create databases, update and delete databases
 Read and write data to databases
 Secure access to a database by providing levelled access to different areas and functions
 What data you need to store and what your users need to do, will determine the type of
database required to run your web app.

Database Types
There are many types of database for many different purposes. A web app will most
commonly use one of the following:

a. SQL
You should use a SQL database if your data is very relational. Your data is relational if
you have multiple, well defined record types that have relationships between them. For
example, a “Customer” may have many “Invoices” stored against their record.
Typically, you would create a Customer table and an Invoice table - which could be
linked together by “Foreign Key” columns. E.g. Customer.Id = Invoice.CustomerId.
SQL databases have an extremely powerful query language that allows you to present
your data in all sorts of useful ways. They have been around for decades, are very well
understood, and usually a safe choice.
MySQL, Postgresql, Microsoft SQLServer are some of the most common - along with
many more modern offerings.
The downside of SQL databases is that you must declare all your tables and columns
up front. There can be a lot of overhead to manage. If you have never used one before –
you are in for a pretty steep learning curve. However, there are plenty of learning
resources available, and it is always a great skill to have.

b. Document Database
You should use a document database if your data is not very relational. Document
databases store “documents”. Each record in your database is simply a big blob of
structured data - often in JSON format. If you need to store relationships between your
records, you will have to write code to manage this yourself. However, many other
aspects of using document databases are much simpler. Your database can be
“schemaless” - meaning that you do not have to declare your records’ definitions up
front. Generally speaking, the bar to entry to a document database is much lower. They
also tend to be much more scalable than SQL databases. They usually offer some
querying capabilities, although sometimes not as powerful as SQL. Examples of
document databases are: MongoDb, CouchDb, Firebase (serverless), Dynamo Db
(AWS).
Decide how to segregate your data
Each of your clients has their own, private dataset. One of the worst things that can
happen to your app is for one client’s data to be seen by another client.

Even if there is only a small amount of non-sensitive leaked data, and no damage is
done, an event like this will massively erode trust in the security of your app. You must
architect a solid strategy for segregating your clients’ data to make sure that this never
happens. Broadly speaking, you have two options - Physical Separation and Logical
Separation.

Physical separation
Every one of your clients has a separate database (although could share a database
server with others). This makes it much more difficult to make a mistake that leads to
 data leakage.

Pros:
 Most secure
 More scalable
Cons:
 Managing, maintaining and upgrading is more complex
 Query all your clients’ data together is more difficult
For example, listing all Invoices in a database will only return Invoices for one of your
clients. In order to get another Client’s invoices, you need to connect to another
database.

Since each of your client’s data is in its own database, you can easily spread them all
across many database servers, without the need for “sharding”. Your app will be much
easier to scale this way.
The code you will need to write:
 When creating a new client, you need to create a new database and populate with any
seed data.
 You need to keep a record somewhere of all your clients, and how to connect to each
client’s database.
 If you need to upgrade your database (e.g. add a new table), you need to code to upgrade
each separately.
 If you need to query all your client’s data into one, you need to pull the data out of each
and aggregate it.

Logical separation
All of your clients are stored in one giant database. Every time you need to get data for
a single client, you must remember to include a filter for the client. E.g. ‘select’ from
customers where customerClientId = “1234” Pros:
 Easier to get started
 Easier to maintain and upgrade
 Can easily query all your clients’ data with one query
Cons:
 Easy to make a mistake that will result in a data breach
 More difficult to scale

You now only have one database to manage. Setting this up and connecting to your
database is easy. Your speed to market increases. When you need to upgrade your
database, you can do so with a few clicks, or by typing a few commands. It is very easy
to add new features. As you gain more users, your database will grow to millions of
rows. Put some effort into how your database handles this extra volume and load. You
will have to start tuning your queries.
When you’re under pressure, it is so easy to forget to include that “where clientId =
1234” filter. Doing so could result in a business ending data breach.
Ensure your database is secured. You should look into best practices for securing
your particular database. Some databases come with a default administrator login,
which people often forget to change. This could leave your data open to the world.
From the start, you should create a login with “Just Enough” access. If your app only
reads and writes data, then it should authenticate to your database using a login with
 only data reading and writing access.

3.2.10 Step 9 - Build the frontend

Note: In reality, you will build your backend and frontend at the same time. But for this
post, we’ll keep it simple.

A frontend
The Frontend is the visual element of your web application. It defines what you see and
interact with. The frontend is developed with HTML, CSS, and JavaScript.
If using server pages, getting started is super easy. Your backend framework is all set
up and ready to start building. This is where the huge benefit lies with server pages.
With SPA, it’s a little trickier.
First, you need to set up your development environment. The components of this will
be:
1. A code editor, such as VS Code, Sublime Text
2. A compilation, and packaging framework:
 Webpack
 Gulp
 Grunt
This is also used for serving and “Hot Loading” your application at development time,
on a nodejs web server, running on localhost.
3. A frontend framework (strictly not necessary, but highly advised unless
you are an experienced frontend developer):
 React
 Ember
 Vue
 Svelte
The list is endless!
4. Configuring your packaging tool to talk to your backend - which is most likely running
on a different port on localhost. Usually, this is done using Node’s HTTP proxy. Most
packaging solutions have this option built-in, or available as plugins. This point
commonly gets people stuck, and may need a diagram. Remember - if you write your
backend API in C Sharp (for example) then at development time, you will be running it
on a local web server, through your code editor. i.e. your frontend and backend are
running on 2 different web servers, in development. However, in production, your
frontend should (probably) be running on the SAME web server as your backend -
mainly because you want them to run under the same domain.
This means a few things:
 At dev (development) time, your frontend should make API requests to its own (Nodejs
server - e.g. Webpack dev server). This Nodejs server should then proxy all “/api”
request to your backend server.
 When building for production, you need to get your compiled frontend files into your
backend server - so they can be served as static files. You can copy and paste the files in
when you deploy, but you will want to set up some sort of script to do this.
There is always a significant time required to set up your dev (development)
environment for a SPA. There are plenty of boilerplate templates out there for your
frameworks of choice. However, I have never written an app that has not eventually
needed some custom code on top of the boilerplate.
Still, I always choose a SPA.
 The end product for a web app is a much more usable application.
 When you are up and running with your dev environment, I find SPAs much more
productive to work with - which is more likely to do with the capabilities of modern
javascript frameworks than anything else.
 Writing a SPA is really the only way to make a Progressive Web Application.

You should now have a better idea of how to setup your frontend and define the look
and feel of your web app. In most cases, I build the frontend and backend together.

3.2.11 Step 10 - Build your backend

The backend is typically what manages your data. This refers to databases, servers, and
everything the user cannot see within a web application. Building your backend is one
of the toughest parts of web app development. If you feel overwhelmed, a tool like
Budibase can take away many of the complexities - including the following tasks. If
you feel confident, continue.

When building your web app, you need to choose between:

 Server Pages (Multiple Page Application) and
 Single Page Application

“But is not this the frontend?” - I hear you say. Yes! But your choice will affect how
you develop your backend.

The primary jobs of the backend will be to:

 Provide HTTP endpoints for your frontend, which allow it to operate on
your data. E.g. Create, Read, Update and Delete (“CRUD”) records.
 Authenticate users (verify they are who they say they are: a.k.a log them
in).
 Authorization. When a logged in user makes a request, the backend will
determine whether they are allowed (authorized) to perform the requested
action.
 Serve the frontend

If you have chosen Server Pages, your backend will also be generating your frontend
and serving it to your user.
With a single page app, the backend will simply serve your static frontend files (i.e.
your “Single Page” and it is related assets).
When choosing your backend:
 Go with what is familiar.
 Try Budibase
 Server Pages / SPA should inform your decision of framework choices
within your chosen language. For example, a SPA will only require an
API only framework. Server pages need their own framework.
o Django
o Express
o Flask
Login/User & Session Management
 How will users authenticate?
o Username and password?
 o Open ID (i.e. sign in as Google, FB, etc)
 Be sure to read up on security best practices. I highly recommend:
OWASP
 What user levels will you create in the system?
Environments. You will usually need to create multiple environments. For example:
 Testing - for all the latest development features.
 Beta - to give early releases to clients.
 Production - Your live system.

3.2.12 Step 11 - Host your web application

Hosting involves running your web app on a particular server. When using Budibase,
this step can be automated with Budibase hosting . With Budibase, you are still
required to buy a domain. If you are not using Budibase to host your web application,
follow these quick steps:
1. Buy a domain - Namecheap
2. Buy/Setup an SSL certificate - Let’s Encrypt
3. Choose a cloud provider:
 Amazon
 MS Azure
 Google Cloud Platform
 Lower cost: Digital Ocean / Linode - if you are happy managing your own VMs
 Zeit Now, Heroku, Firebase are interesting alternatives that aim to be faster and
easier to get things done - you should read about what they offer.

Choosing one of these hosting options will almost certainly provide you with
everything you need. They have ample documentation and community supports, and
are generally reliable options.
3.2.13 Step 12 - Deploy your web app
You have sourced your idea, validated it, designed and developed your web app, and
chosen your hosting provider. You are now at the last step. Well done!
The deployment step includes is how your web application gets from your source
control on your computer to your cloud hosting from step 11. How does your
application get from Source Control / Your computer to your cloud hosting provider?
The following development tools provide continuous integration and will help you with
deploying your web app to your cloud hosting:
 GitLab
 Bitbucket
 Jenkins
To start with, you can just deploy directly from your machine of course. You have
made a web application. Well done. You should take some time to celebrate this
achievement. You are the proud owner of a new web app.
Discussion
How can cybercrime be mitigated? Discuss
4.0 SELF-ASSESSMENT/EXERCISE
1. Mention and explain the Database types.
There are many types of database for many different purposes. A web app will most
commonly use one of the following:
 a. SQL
You should use a SQL database if your data is very relational. Your data is relational if
you have multiple, well defined record types that have relationships between them. For
example, a “Customer” may have many “Invoices” stored against their record.
Typically, you would create a Customer table and an Invoice table - which could be
linked together by “Foreign Key” columns. E.g. Customer.Id = Invoice.CustomerId.
SQL databases have an extremely powerful query language that allows you to present
your data in all sorts of useful ways. They have been around for decades, are very well
understood, and usually a safe choice. MySQL, Postgresql, Microsoft SQLServer are
some of the most common - along with many more modern offerings.

The downside of SQL databases is that you must declare all your tables and columns
up front. There can be a lot of overhead to manage. If you have never used one before –
you are in for a pretty steep learning curve. However, there are plenty of learning
resources available, and it is always a great skill to have.

b. Document Database
You should use a document database if your data is not very relational. Document
databases store “documents”. Each record in your database is simply a big blob of
structured data - often in JSON format. If you need to store relationships between your
records, you will have to write code to manage this yourself. However, many other
aspects of using document databases are much simpler. Your database can be
“schemaless” - meaning that you do not have to declare your records’ definitions up
front.
Generally speaking, the bar to entry to a document database is much lower. They also
tend to be much more scalable than SQL databases. They usually offer some querying
capabilities, although sometimes not as powerful as SQL. Examples of document
databases are: MongoDb, CouchDb, Firebase (serverless), Dynamo Db (AWS).

2. What do we mean by the backend, the types and what determine your backend choice?
Explain.
The backend is typically what manages your data. This refers to databases, servers, and
everything the user cannot see within a web application. Building your backend is one
of the toughest parts of web app development. If you feel overwhelmed, a tool
 like Budibase can take away many of the complexities - including the following tasks.
If you feel confident, continue.
When building your web app, you need to choose between:
 Server Pages (Multiple Page Application) and
 Single Page Application
“But is not this the frontend?” - I hear you say. Yes! But your choice will affect how
you develop your backend.
The primary jobs of the backend will be to:
o Provide HTTP endpoints for your frontend, which allow it to operate on your data. E.g.
Create, Read, Update and Delete (“CRUD”) records.
o Authenticate users (verify they are who they say they are: a.k.a log them in).
o Authorization. When a logged in user makes a request, the backend will determine
whether they are allowed (authorized) to perform the requested action.
o Serve the frontend
If you have chosen Server Pages, your backend will also be generating your frontend
and serving it to your user.
With a single page app, the backend will simply serve your static frontend files (i.e.
your “Single Page” and it is related assets).

When choosing your backend:

o Go with what is familiar.
o Try Budibase
o Server Pages / SPA should inform your decision of framework choices within your
chosen language. For example, a SPA will only require an API only framework. Server
pages need their own framework.
 Django
 Express
 Flask
7. Endpoint security: The business world is becoming increasingly, “bring your own
device” (BYOD), to the point where the distinction between personal and business
computer devices is almost non-existent. Unfortunately, sometimes the personal
devices become targets when users rely on them to access business networks. Endpoint
security adds a layer of defense between remote devices and business networks.
8. Firewalls: Firewalls function much like gates that can be used to secure the borders
between your network and the internet. Firewalls are used to manage network traffic,
allowing authorized traffic through while blocking access to non-authorized traffic.
9. Intrusion prevention systems: Intrusion prevention systems (also called intrusion
detection) constantly scan and analyze network traffic/packets, so that different types of
attacks can be identified and responded to quickly. These systems often keep a database
of known attack methods, so as to be able to recognize threats immediately.
10. Network segmentation: There are many kinds of network traffic, each associated with
different security risks. Network segmentation allows you to grant the right access to
the right traffic, while restricting traffic from suspicious sources.
11. Security information and event management (SIEM): Sometimes simply pulling
together the right information from so many different tools and resources can be
prohibitively difficult — particularly when time is an issue. SIEM tools and software
give responders the data they need to act quickly.
12. Virtual private network (VPN): VPN tools are used to authenticate communication
between secure networks and an endpoint device. Remote-access VPNs generally use
IPsec or Secure Sockets Layer (SSL) for authentication, creating an encrypted line to
block other parties from eavesdropping.
13. Web security: Including tools, hardware, policies and more, web security is a blanket
term to describe the network security measures businesses take to ensure safe web use
when connected to an internal network. This helps prevent web-based threats from
using browsers as access points to get into the network.
14. Wireless security: Generally speaking, wireless networks are less secure than
traditional networks. Thus, strict wireless security measures are necessary to ensure
that threat actors are not gaining access.