State informations keeping methods using HTTP

Thesis title: Metody udržování stavových informací v protokolu HTTP
Author: Novák, David
Thesis type: Bachelor thesis
Supervisor: Pinkas, Otakar
Opponents:
Thesis language: Czech
Abstract:
The thesis deals with the use of WWW services on the internet when communicating via the stateless HTTP protocol. Today, however, web applications need to keep state in order to provide their functions. First the HTTP 1.1 protocol is described, then state information, its classification, and the methods of storing and transmitting it. The next section describes proxy and cache servers, which store backup copies of data for reuse and to save network transmission capacity. Cookies are an extension of the HTTP protocol that adds the ability to keep state information. The security risks and implementation are evaluated. The P3P platform, which deals with protecting users' privacy, is also described. The practical part consists of an application implementing several of the described methods that ensure security and privacy protection.
Keywords: HTTP; WWW; state information; session-id; cookies; P3P; proxy
Thesis title: State informations keeping methods using HTTP
Author: Novák, David
Thesis type: Bachelor thesis
Supervisor: Pinkas, Otakar
Opponents:
Thesis language: Czech
Abstract:
The aim of this bachelor thesis is to give a complete view of the problems concerning the use of interactive WWW services on the internet, where communication is run over the HTTP protocol. This protocol is stateless, meaning that no information is stored between connections. Today's interactive web applications need state information to function properly. That is why this thesis considers methods of storing and transmitting state information. The first part describes the HTTP protocol, with mention of its historical development; the focus is mainly on the current version, HTTP 1.1. The next part is devoted to state information: the explanation of its definition, its classification, and the methods of storing and transmitting it. The following section is concerned with communication intermediaries in the HTTP protocol, that is, proxy and cache servers, which save backup copies of data for faster reuse and to save transmission capacity. This system brings along many problems, which are discussed in the context of internet activity. References to the extension of the HTTP protocol for carrying state information, namely cookies, are highlighted. Their security risks are discussed, and their implementation is evaluated in relation to other methods. In the context of cookies, the P3P platform concerning the protection of users' privacy is described. The practical part consists of a trivial application implementing the best of the methods described here from the point of view of security and privacy protection. The whole work may serve web application builders: it helps them understand the patterns and detect the relevant security risks.
Keywords:

Information about study

Study programme: Applied Informatics/Informatics
Type of study programme: Bachelor's study programme
Assigned degree: Bc.
Institutions assigning academic degree: Vysoká škola ekonomická v Praze
Faculty: Faculty of Informatics and Statistics
Department: Department of Information and Knowledge Engineering

Information on submission and defense

Date of assignment: -
Date of submission: -
Date of defense: 2006

Files for download

The files will be available after the defense of the thesis.
