Introduction

1. The Birth of an Idea
   

   For my final semester at Villanova, I have decided to create an online real-time automobile auction for my independent study.  This idea is unique in that even though there are many auction sites on the world wide web for automobiles, I failed to find any that offered real time interaction.  My supervisor on this assignment is Dr. John Lewis.  He is highly respected in the Villanova community as well as among the Computing Sciences field and I am sure he will offer excellent guidance as I pursue this topic.
   

2. Why an Auto Auction?
   

   1. My background - I have been fortunate enough to have been involved with the used car industry for many years.  My family operated a used car dealership in Northeast Pennsylvania for over thirty years.  During the times when I worked at the dealership, I was not only involved in dealer preparation, but used car sales and purchasing.  Our inventory was purchased exclusively from various auto auctions in the Pennsylvania and New Jersey areas, specifically from Manhiem Auto Auction in Manhiem, PA.  This knowledge coupled with my computer science experience has led me to believe that incorporating auction technology at the used automobile level is reasonable and appropriate considering the current state of technology.
      
      

   2. Improve Customer Base - I hesitate to suggest that this auction site would "increase" the customer base of an auto auction such as Manhiem because there is already a tremendous amount of diversity within the auction buyers.  Although, obviously a great number of the Manheim's customers are local to the auction itself (most averaging around 60-70 miles away), there are a vast number of dealers that fly in from all over the United States to attend the auction, which occurs every Friday and every other Thursday.  By improving the auction's customer base, I  suggest that dealers that already attend Manhiem on a regular basis would now have the option whether or not to attend the actual sale.  They would be able to purchase autos for their inventory from the comfort of their homes or dealerships.  Sellers would also benefit from more potential bidders on his or her car, which would potentially increase selling prices.  On a more grand scale, one might believe that through this process, you would actually be determining more accurate market values of the automobiles being sold (This is the same concept of an open stock exchange determining market values for shares of companies).
      
      

   3. Industry Growth Management - The wholesale auto auction industry has seen massive growth over the last ten years.  Manhiem alone has seen an annual increase of around 20 percent in units registered for the Friday auction (this doesn't even take into account the additional two auctions per month from the Thursday sales).  Obviously, these automobiles must be on the premises for the auction, which had led to a storage lot that spans for acres and has become almost unmanageable for pre-sale inspections.  Since pre-sale inspections are all but a thing of the past, an online auction seems even more feasible, especially as many wholesalers guarantee their pre-sale claims of an auto's fitness.  At Manhiem, there are approximately 26 auction blocks going on at any given time, thus it has become difficult to track numerous vehicles during a typical day as well as the auction blocks themselves becoming entirely to congested with buyers.  An online auto auction would thus not only benefit those dealers that would rather not deal with this expansive process, but also those dealers who would rather not take part in such online transactions by removing some of the congestion from the auction block.
      
      
      

3. Why Webcasting?
   

   1. Maintain Original Feel - By allowing dealers to view the automobiles they intend to bid on in a live format, you will maintain much of the original feel of the auction.  This provides the buyers with views a specific details of a vehicle such as scratches, body damage, and special features.  This is essential to determining the value of an auto because simply stating that a car need body work does not provide enough information to determine repair costs.  They need to see the other dealers that may be bidding on a particular car, either those at the auction block or those dealers also online.  Bear in mind that this is an open process, so even if it goes online, it must maintain at least some semblance of that openness.  Dealers also would like to know what auctioneer happens to be operating a particular lane.  Some auctioneers run the vehicles faster than others through the lanes and some auctioneers are notorious for "pushing" a car.  "Pushing" is a technique where an auctioneer will take bids that do not exist.  Suppose a seller wishes to get $20 thousand for the vehicle they are selling and the current bidding is only at $15 thousand.  Well, the job of the auctioneer is to get the car sold for as much as possible and under these circumstances, this would be a no sale.  "Pushing" essentially gives the seller a better shot of selling to a buyer that may consider paying much more for a car anyway (assume there was only one bidder).  As you could imagine, buyers want to be aware of this "pushing" because it is often a disadvantage.  Webcasting is the only possible scenario where an online bidder can be exposed to these scenarios. 
      
      
      

   2. Dealers Fear Change - The auction industry, especially with high priced items, hasn't really changed much.  I feel it represents capitalism at its purest form.  That is, it functions much upon the principals of survival of the fittest, which the dealers involved understand.  The majority of the buyers are spending their own money (even owners of larger dealerships enjoy doing their own buying).  Thus, many dealers may not feel entirely in control  with an online auction.  Again, webcasting is the only potential selling point to convince these "old school" dealers.
      
      
      

   3. High Priced Transactions - As one knows, in most situations, the purchase of an automobile is an expensive proposition.  It is quite understandable that buyers would be concerned about spending thousands of dollars over the internet.  In most cases, the only way they might consider such a transactions is if they are from extremely reliable vendors (such as Mercedes-Benz discussed below), guaranteed secure, and maintain the same amount of information needed to make the initial purchase.  As for reliable vendors, this is why I have chosen Mercedes-Benz as our seller.  In addition, the concepts of security will be discussed in much detail throughout this report.
      
      

4. Determining My Audience
   

As I have stated, my background in the used automobile industry and my understanding of used car auctions should hopefully benefit my research on this topic.  When considering an auction of this type, I must first describe my primary audience.  After analyzing popular automobile auctions I decided to choose Dealer Only Wholesale auctions.  They represent the largest percentage of automobile auctions in the United States.  In addition, the largest auction group happens to be Manheim Auto Auctions,  which originated in Manheim, PA.  At a typical dealer only auction, there are basically four major types of sellers:  independent dealers, franchise dealers, wholesalers, and credit/leasing companies. 

 

I have decided to focus this study on the Credit/Leasing companies, specifically manufacturer sponsored auctions (i.e. Mercedes Benz Credit Corporation, Volkswagen Credit VCI, Jaguar of North America).  This was done for numerous reasons.  First of all, they tend to have an organized process of reconditioning their cars, as well as knowing, in advance, exactly which group of cars will be auctioned in a given day.  They also maintain fairly accurate description of specifics on each car, such as previous bodywork, inaccurate odometer readings, and any dealer service history on each car.  Finally, they have detailed policies on purchases regarding arbitration procedures (Note:  These arbitration procedures come into effect when there is a dispute in the description of the auto as compared to the actual car.)  More specifically, my project will focus on the policies of the Mercedes Benz Credit Corporation, who I feel, due to their professionalism in the auction business, will benefit most from the technology model I intend to create. 

By default, since my choice of dealer-only auctions, my end-user audience will be any dealer who is authorized to buy automobiles from Mercedes-Benz Credit Corporation.

5. Initial Issues

As I see it, there are seven major issues regarding the implementation of this technology.  They are primarily:

1. Web Camera Issues
   

   There are a few different variations of how web cameras can be used to enhance this technology.  There are choices on how the camera's will be controlled.  Will the buyer (end-user) have control with camera movement or will there be numerous stationary cameras that will show various angles?  I have decided that I will go with various stationary cameras due to the fact that since only one user could control the movement at any given time, there is little use for a mobile camera when there are numerous bidders.  In addition, there is a cost associated with these cameras and since not only would you require many, but they can become quite expensive as the quality increases.
   
   

2. Real-Time Auction Concerns
   

   Regarding the use of real time auctions, there are many issues that arise.  First of all, as a server is flooded with requests, it may be difficult to maintain actual real time.  The servers will need to be able to handle these requests and the buyers will need adequate bandwidth to accomplish their tasks.  The most cost effective method of having buyers with adequate equipment would be to require the use of cable modems, DSL, etc.  At first glance, one might begin to look at common auction websites and develop a real-time auction from my analysis, but actually I intend to research how many chat rooms on the world wide web function and then build from them.  Chat rooms already contain the real-time communication aspect that users are commonly using.  Obviously, the encoding and decoding of data with a webcast takes time.  I will discuss current technology and how it compensates for this.
   

3. Server Software/Hardware

Obviously, reliability in this auction scenario is of the utmost importance.  Due to the size of these transactions (Mercedes-Benz Credit Corp. has an average selling price of about $35 thousand per unit), it is imperative that they are performed accurately and efficiently.  My discussion of webcasting below will examine potential server implementations as well as performance tests of these.  

4. Networking Technology

   Even with the most powerful servers and a series of sophisticated cameras, a weak and slow network will make your entire process fruitless.  Due to the expansion of broadband applications at reasonable prices, this desire to have adequate networks to handle the massive use of bandwidth for a webcasting auction.  In the report below, I will examine the technology behind these networks and compare cost vs. benefits in the current market.

5. Security Issues

   Obviously, security become one of the most important issues due to the nature of this business. 
   Automobiles are expensive items, especially luxury makes such as Mercedes Benz. Because of this, it
   is important that buyers are legitimately bidding on a particular unit and they are also licensed to bid at
   all. In addition, it is imperative that non-dealers do not have access to the bidding arena nor the
   information being produced. As one could imagine, access to fraudulent information could result to hundreds of thousands of dollars in theft.  I intend to discuss common secure transaction systems used on the web today that ensure proper authentication.

Webcasting Technology

1. General Definition

   With the appropriate equipment to capture, encode, stream and store (if required) audio and video, anyone can create live or on-demand webcasts. On-demand webcasts relate to information that is streamed from stored files on a given Web/Streaming server.  On the other hand, live broadcasts occur when data is streamed directly from its source (camera, microphone, inputted text, etc.).  Only three requirements are necessary to webcast; a PC, a server PC running Windows NT/2000 or UNIX/Linux, and a high speed Internet connection.

   The basic webcast process involves analog or digital video signals traveling via shielded cable from the camera to the encoding PC. At the same time the audio travels via shielded cables either from the camera or from a sound board to the encoding PC.

   The encoding PC converts the analog/video signals to a digital format and then streams the file over an ISDN line to the server. The server will then serve the streams to the people connecting to it. The server can also propagate a stream or streams to other servers, which can feed more end users. The following section describes in detail, the various aspects of webcasting that relate to capturing the video, encoding schemes, server technology, networking protocols and standards, and client viewing needs.  Furthermore, a brief summary of some webcasting standards and political issues and an examination of a case study done for an online webcaster.
   
   

2. Capturing the Video

   1. Features
      
      

      1. Resolution - This describes the clarity or sharpness of an image.
         
         

         1. Analog - the number of video scan lines that cross a screen horizontally.

         2. Digital - Also called capture area, this relates to the number of pixels that would be used to encode a digital signal.
            
            

      2. Contrast - This is the difference between the lightest and darkest points in video.  A high contrast image has well defined edges where as low contrast image would have blurred edges.
         
         

         1. Analog video allows an infinite number of shade between the light and dark points due to the continuous nature of an analog image.

         2. Digital video has a discrete number of shades encoded into it.  This number is called an images luminance, which is the number of shades of gray between the lightest and darkest points.
            
            

      3. Frame Rate - This is the number of images used to provide the illusion of movement in a given amount of time.  Television allows about 25-30 frames per second and currently webcasts run at about 10-20 frames per second.  Obviously, the higher the frame rate, the better quality the image.
         
         

      4. Color - This is measured as chrominance, which involves hue and saturation.  The hue is the color of the image and the saturation is the intensity of the color.
         
         

         1. Analog video encodes and infinite number of colors.

         2. Digital video, on the other hand, encodes only a certain number of color that can range anywhere from 256 to the millions.  In addition, dithering is an effect used in digital video that patterns two colors to mimic third shade.
            
            

      5. Synchronization - This is the correct alignment of sound and video.
         
         

         1. Analog video is synchronized by the use of time codes written in the media itself.  This code was created by the Society of Motion Picture and Television Engineers (SMPTE).

         2. Digital video - The above format is so popular that many digital systems are capable of reading SMPTE.  This allows the data to be resynchronized if necessary in digital form.
            
            

   2. Video Capturing Devices - This consists of a system that focuses an image onto a light transducer called a charge-coupled device (CCD), which then converts the light into an electrical signal.  A camera then "dumps" the electrical signal to an analog or digital output channel, which can be video equipment, computers, etc.
      
      

      1. Analog Camcorders - These are analog recording devices that convert the electrical signal to magnetic tape.  Types include:  VHS, still quite popular but relatively low quality; 8mm, Hi-8, which are slightly of a higher quality, and laser disks.  The big advantage of working with analog video as the primary source is the ease of archiving (ie on video tape vs hard drive). Professional analog video sources are relatively less expensive than professional digital video sources. Analog formats such as Hi-8 and SVHS provide excellent signal strength and resolution for the PC video studio. Although it can be argued that digital sources do not suffer from signal loss, the analog source can be kept clean by using good quality cables. In camcorders, the digital signal within the camera is converted to an analog signal in its output channel.  If one intends to use this signal by a computer, it must then be digitized by either a standard video card or more appropriately, a video capture card.  These video capture skills can range anywhere from under $100 to a few thousand dollars.
         
         

      2. Webcams - Common today, webcam purchases have increased 6 times in the past 3 years.   This form of webcasting is more easily described as a slide show--images are refreshed anywhere from once a day to every second in common image format such as .jpg and .gif. They remain inexpensive because they utilize the computer's processor(s) to process the video signal, thus frame rates and screen sizes depend on processor speed and main memory (RAM).  Frequently, webcams output to parallel ports or USB connections.
         
         

         
         
         
         

      3. Digital Video (DV) Cameras - Sources of digital video include a camcorder, video camera, digital television, and DVD, etc. The camera signals go through analog to a digital converter and the video data is compressed and then recorded on a MiniDV cassette or some other storage media. Digital images are then downloaded to a computer.

         Generally DVC's have sharper shooting then analog camcorders. Digital camcorders record about 500 lines of horizontal resolution compared to SVHS which records about 400 lines. Most DVC's are immune to signal interference and do not deteriorate from copy to copy. The quality of the audio is also good, DVC's can record in 16 bit stereo the same quality as audio CD's. Many DVC's have an IEEE 1394 port that allows them to plug into the back of a PC's parallel port.  High speed video transfer from the DV camcorder can be accomplished using Firewire, which is capable of 100-400 megabits per second transfers.
         
         
         
         
         
         
         

   3. Archiving - The amount of storage space required to store the webcast material depends on the compression ratio used/ achieved by the encoding software. However even compressed video requires large amounts of storage space. Dedicated storage systems are an important component of a webcasting system, especially if an organization will be archiving video on a regular basis.
      
      

      1. Magnetic Tape
         
         

         1. VHS - .5 in. tape in three formats Standard Play (SP), Long Play (LP), and Extended Play (EP) in relatively low quality but great affordability.

         2. Super VHS - .5 in tape that is 70 percent sharper than VHS.  Most Macintosh systems have built in capturing systems for this Super VHS.

         3. Betacam - .75 in tape that benefits from the better larger tape size and tape speed.  This format is not used much in residential applications and has quality that would not be utilized in your standard webcast.

         4. 8mm - This has a high quality sound, but video on par with VHS.

         5. Hi-8 - It is compatible with 8mm, but with 400-500 lines of resolution and similar sound quality.
            
            

      2. Digital Storage Media - See Webcasting Servers hard drive and backups.

       

3. Codecs
   

   Whether producing a live webcast or archiving for on-demand streaming media, video data must be compressed to a file size that can be played back on a computers since digitized video files are very large (10 seconds of uncompressed video can take approximately 15-20 Meg of hard drive space). Codec schemes have been developed to offer a solution to managing these large files. A codec is a term used to describe technology for compressing and decompressing data or more precisely an algorithm that is used to compress a file and then read it again later (zipping and unzipping files is an example of the use of a codec). A compression scheme reduces the incoming and outgoing stream of video to a rate that the PC can manage. Note that in order to go from uncompressed data to a 28.8Kbps modem rate, a compression ratio of about 12,000 to 1 is required.  This is why the use of complicated compression schemes such as lossy compression technology, which saves only the information that changes between each frame of video, is necessary. Although this may slightly degrade the video, hence the name "lossy", the smaller file size makes it much easier for a PC to manage. There are many codecs available, including MPEG, Cinepak and Indeo, and more discussed below.
   

   1. Sorenson Video - has been QuickTime's primary video codec since the release of QuickTime.  The Sorenson Video Codec is a lossy compression technique that produces Web video suitable for playback on most PCs and provides high quality video using a small amount of bandwidth for streaming over the Internet. Sorenson video looks great at 320x240 pixels, but only if streamed at rates higher than 100Kbs, which is only available with more expensive broadband connections. The Developer Edition of the Sorenson Codec allows for temporal scalability in which video plays at a high frame rate on fast broadband connections and lower frame rates on slower standard modem connections. One of the biggest drawbacks to using this codec is it takes a long time to encode media, which results in the need for fast encoding PCs. In addition to long compression times, areas on the uncompressed video with highly saturated color tend to look blocky after the encoding.
      
      

   2. Real G2 with SVT - RealSystem uses RealVideo with Scalable Video Technology (SVT) as its primary video codec. This codec has the ability to "scale" its behavior depending on a comparison of connection bit rate to the encoding bit rate.  It does this by dropping the less important detail information at the server side, and decoding as much as it can on the player side. While the quality in this lossy compression is less than would be achieved without any data being dropped, it is substantially better than dropping entire frames or sequences. This scalability is made possible by the nature of the wavelet algorithm, which encodes a signal as a series of successive refinements.  This codec was derived from Intel's Indeo Video Interactive codec.  Compared to most other codecs, G2 encodes faster than the rest, although unfortunately end users are required to have the most recent versions of RealPlayer since it is not backwards compatible.
      
      

   3. MPEG-1 and MPEG-2 - (Moving picture experts group-a working group of ISO-- term also refers to digital video compression standards and file formats developed by the group). MPEG files can be decoded by special hardware or by software. MPEG achieves a high compression rate by storing only the changes from one frame to another. The video information is then encoded using a algorithm called (Discrete Cosine Transform) DCT. MPEG uses a type of lossy compression, since some data is removed. But the diminishment of data is generally imperceptible to the human eye (see Codecs section for more information).

      The most common implementations of the MPEG-1 standard provide a video resolution of 352-by-240 at 30 frames per second (fps). This produces video quality slightly below the quality of conventional VHS cassettes. A newer standard, MPEG-2, offers resolutions of 720x480 and 1280x720 at 60 fps, with full CD-quality audio. This is sufficient for all the major TV standards, including (National Television Standards Committee) NTSC, and even HDTV. MPEG-2 is used by DVD-ROMs. MPEG-2 can compress a 2 hour video into a few gigabytes. Decompressing a MPEG-2 data stream requires only modest computing power, but encoding a video in MPEG-2 format requires significantly more processing power.

   4. MPEG-4 - MPEG is a set of international standards for audio and video compression and MPEG-4 is the newest MPEG standard, designed for the delivery of interactive multimedia across networks. As such, it is more than a single codec, and includes specifications for audio, video, and interactivity. Version 1 of the MPEG-4 spec was approved in 1999. Version 2 is expected to be finalized by the end of 2000.  The image quality has been significantly improved, and optimized for delivery of video at Internet data rates.  One downside is that MPEG-4 tends to be CPU intensive, so it generally requires fast computers.  The MPEG-4 file format is based on QuickTime.
      
      

   5. Windows Media MPEG-4v3 - Microsoft's derivative of the above MPEG-4 standard has advanced rapidly, with the current version 3. It's a simple codec implementation, without a lot of different features. Many users were confused because the Microsoft implementation isn't compatible with standard MPEG-4, so they've just renamed it.
      
      

4. Webcasting Servers - 
   
   
   In order for a webcast to be broadcasted of Internets or Intranets, a server must be must be capable of sending the information over data lines.  To broadcast a webcast a dedicated server is more or less required due to the power needs of today's webcasting. The server used depends on the type of technology used and how many streams are webcast and must be connected to enough bandwidth to handle those streams.  
      
   

   1. Hardware Specifications - Although, in theory, almost any server is capable of hosting a webcast, media servers tend to be much more powerful in order to efficiently support the numerous data requests at once (hundreds to many thousands in some cases).  For simplicity, examine the features of popular server, the Cisco Media Convergence Server 7835, which is priced around $10 thousand.
      
      
      
      
      

      1. Processors - The two major styles of processors include your Intel based Pentium and your RISC (Reduced Instruction Set Computing) architecture found in UNIX and Mac based systems.  Our example contains an Intel Pentium III 733-MHz processor although many media server motherboards support multiple processors.  While 733 MHz may seem average in today's world of GHz processors from Intel, many experts, including many from PC Magazine, suggest that faster processors do not improve performance enough to justify their cost, especially since processing bottlenecks tend to occur with hardware and network I/O.  More so, dual-processor situations tend to provide a better cost vs. benefit ratio.  Below is a benchmark test from PC Magazine that gives insight on how a multiple processor system out performs a single processor.
         
         
         
         
         
         
         Note that this is extremely important in webcasting since the demands on fast encoding and decoding as well as an increasing number of clients viewing a webcasts.  (See detailed benchmark in the footnotes)
         
         

      2. Hard Drive - Hard disks today basically fall into two categories:  IDE and SCSI.  Our example comes standard with dual 18.2 GB Ultra2 SCSI hot plug drives (they may be removed and re-installed without re-booting the system).
         
         

         1. IDE (Integrated Drive Electronics) - Actually most versions are EIDE or Enhanced IDE, and while considerably faster than standard IDE, they offer data access rates of about 16.6 Mb per second and tend to be much cheaper than SCSI interfaces.  This performance is dependent on cache on the drive controller and the speed of the drive (upwards of 15,000 rpm in the latest technology).  Although great for webcasters on a budget, IDE drives tend to lack the burst rate necessary to sustain worthwhile streaming media.
            
            

         2. SCSI (Small Computer Systems Interface) - This is a standard in Macintosh systems and fairly common in PC's and Unix boxes.  The main advantage over an IDE drive is the higher data access rates (up to 80 Mb per second and 320 Mb per second in the latest SCSI technology).  In addition a SCSI port can control up to seven devices rather than only two for IDE interfaces).  SCSI bus mastering lets the drive continue to operate without the help of the processor. In general, SCSI uses less processor time than IDE, which means the system appears to be faster during disk drive processes. This makes SCSI useful for high-performance situations like video editing and webcasting. (See Various SCSI generations).
            
            

         3. RAID (Redundant Array of Independent Disks) -  This uses "disk striping", which interleaves data across different drives and thus allow reads and writes of multiple drives at a time.  This does not describe the internal configuration of the drive, but how drives are configured in an array of multiple drives.  There are various configurations, but RAID arrays tend to reduce error rates and increase redundancies of stored data.
            
            

      3. Backups - Backing up your webcast server, or any server for that matter, is probably a good policy for two reasons:  in case of failure, you limit your data loss and you have the ability to archive all your past webcasts.  There are numerous options when backing up your server.  They include your traditional tape drives, hot-swap plugs, which allow for quick swapping of SCSI drives on a chain, and with increasing popularity today are CD-R and CD-RW disks.  The Cisco Server has an optional internal 12/24 GB DAT drive in order to save critical data.
         
         

      4. Memory  - With the need for extremely fast compression and decompression in today's webcasts, the need for large amounts, and unfortunately expensive, memory is needed.  In our example, the Cisco Media Server can be upgraded to approximately 4GB SDRAM.
         
         

   2. Operating Systems
      
      

      1. UNIX based - Not only are Unix based operating systems the first to support the internet, they are still currently the best for webcasting.  In addition, with the many extremely affordable variations of Linux running on Intel processors, these stable platforms should remain fairly popular for webcasters, especially those on a budget.
         
         

      2. Windows NT/2000 - With significant name recognition and plentiful resources, Microsoft products have a relatively small learning curve, yet less scalable than a UNIX based system.  In general, though, it is thought that if you decide you webcast using an NT system, you will probably require more powerful hardware.
         
         

   3. Standard Web Server - Examples such as Apache, Microsoft Server, and iPlanet account for 60 percent, 20 percent, and 7 percent of the Web server market as of September 2000 according to a Netcraft Web Server Survey. 
      
      

      
      

      1. Posting - The use of streaming media with a standard web server is essentially no more than a downloading and playing a file. This media file is then placed on a standard web server and then a web page containing a link with the media file's URL is placed on the same web server. When the link is activated, the client-side player opens and the media file is downloaded. 
         
         

      2. Progressive Streaming -  In this case, a webcast may be viewed as it is being downloaded but the user cannot access portions of the file that haven’t been transferred yet. Progressive streaming files don’t adjust during transmission to match the bandwidth of the user’s connection like a realtime streaming format. In fact, the user receives data as fast as the web server, network, and client will allow without regard to the encoding bit rate of the stream.  Progressive streaming is often called HTTP streaming because standard HTTP protocols are capable of streaming in this fashion.  Progressive streaming delivery is primarily used for short video clips that you want to be viewed at high quality, such as movie trailers and product advertisements, due to the fact that you will be able to deliver video streams with a higher data rate than your modem could stream with real time streaming. This method guarantees the quality of the final movie because the viewed portion of the file is losslessly downloaded before it is played. This means users may experience a delay before the movie starts, especially with slower connections.  Because progressive streaming material is placed on a standard HTTP or FTP server, it is easier to administer, and generally corporate firewalls permit access through HTTP ports.  Unfortunately, progressive streaming is not a good solution for long movies or videos that you only wish to access specific points, such as lectures, speeches or presentations. In addition, it is appropriate to note that progressive streaming does not work for material that must be broadcast live — it is strictly an on-demand technology.
         
         

      3. HTTP (Hyper Text Transport Protocol) - HTTP operates on top of the Transmission Control Protocol (TCP), which handles all the data transfers. Optimized for non-real-time applications such as file transfer and remote log-in, TCP's goal is to maximize the data transfer rate while ensuring overall stability and high throughput of the entire network. To achieve this, using an algorithm called slow start, TCP first sends data at a low data rate, and then gradually increases the rate until the destination reports packet loss. TCP then assumes it has hit the bandwidth limit or network congestion, and returns to sending data at a low data rate, then gradually increases, repeating the process. TCP achieves reliable data transfer by re-transmitting lost packets. However, it cannot ensure that all resent packets will arrive at the client in time to be played in the media stream.
         
         

      4. Advantages to Web Server - The main advantage to streaming with a Web server rather than with a streaming media server is that it utilizes existing world wide web infrastructure. Thus, no new server software will be required which, in turn, will reduce the incremental costs inherent in learning and managing a more complex streaming media server.

         In addition, there is an increased load that Web server-based streaming puts on existing Web server infrastructure which often results in the need for additional more powerful server hardware to service the client requests. Thus, choosing Web server streaming over a dedicated streaming media server based on increased hardware cost alone usually does not result in any savings, financially speaking.
         
         

   4. Streaming Media Server
      
      

      1. Posting - In the streaming media server approach, the initial steps are similar to the web server approach, except that the media file is copied to a specialized streaming media server  instead of a web server. A web page with a link to the given media file is placed on a web server (not the streaming media server). Note that it is possible to have both the web server and media server running on the same computer.
         
         

      2. RealTime Streaming - This refers to streaming media technology that keeps the bandwidth of the media signal matched to that of the viewer’s connection so that the media is always seen in realtime. This matching technique is in contrast to the burst methodology used in web server streaming.  The word realtime differentiates this type of streaming from your standard HTTP streaming delivery. Dedicated streaming media servers and streaming protocols are required to enable true realtime streaming. Most media servers also supports random access of material, so the user can fast forward to specific portions of a video, which may be useful for presentations and lectures. In theory, realtime streaming movies should never pause once they start playing, but in reality, periodic pauses may occur.  This is caused because information that is lost in the network due to errors is often ignored, so the video quality and totality will suffer from network congestion and failure. Furthermore, realtime streaming movies must match the bandwidth of the viewer’s connection, which means the image quality is generally poor at slow analog modem speeds. In general, when maximum media quality is required, progressive streaming delivery may be a better solution. 
         
         Realtime streaming media requires special servers, such as a QuickTime Streaming Server, a RealServer or a Windows Media Server. These give you a greater level of control over your media delivery but can be more complicated to set up and administer than a standard HTTP servers such as Apache or FrontPage Server. Also, realtime streaming uses special network protocols, such as RTSP (Realtime Streaming Protocol) or UDP (User Datagram Protocol). These protocols can sometimes have trouble with corporate firewalls that disallow the use of protocols on specific network ports, so in certain situations, a user may not be able to view a live webcast.
         
         

      3. UDP (User Datagram Protocol) - RealServer, Windows Media and QuickTime all offer realtime streaming capabilities and use specialized protocols such as UDP (User Datagram Protocol), which is a fast, lightweight protocol that lacks the re-transmission and data rate management functionality of TCP.  This makes UDP an ideal protocol for transmitting realtime streaming video, which can tolerate some lost packets. As a bonus, because of the conservative wait policies implicit in the TCP protocol, UDP traffic gets higher priority than the TCP traffic on the Internet. And instead of the blind retransmission scheme employed by TCP, streaming media servers use an intelligent retransmission schemes on top of UDP that only retransmit lost packets to the client in time for playback.  The only downside to UDP is that many network administrators close their firewalls to UDP traffic, limiting the potential audience of UDP-based streams.
         
         

      4. Advantages of Streaming Media Server
         
         

         1. More Efficient Network Throughput. The TCP-based transfer used in Web server streaming is designed to repeatedly drive the slowest network link (likely the 28.8 Kbps modem link) to packet loss. This wastes bandwidth by: 

            (i) re-transmitting data to replace the lost packets; and 

            (ii) under-utilizing the network link while re-estimating the throughput that can be supported by the network connection.
            
            The UDP protocol allows higher bandwidth to be delivered to the client (resulting in better video quality), even when assuming the same network connectivity between server and client and the same level of congestion on the Internet. By having a specialized streaming media server, we know what rate the data is going to be consumed, based on headers of the compressed media file. Data is sent to the client only at this required bit-rate, and it doesn't drive the bottleneck network link to loss. Thus the network throughput is better, resulting in better quality audio and video for the client.
            
            

         2. Better Audio and Video Quality to the User. Better network throughput is only one of several ways that a Streaming media server delivers superior audio and video quality for users. Since the media server and the media player remain in contact throughout the play interval, the server can dynamically respond to client feedback. If network congestion is allowing only 22 Kbps of data to reach the client (instead of 28.8 Kbps), the server can decide to retain the audio quality but slightly lower the frame rate of the video stream so that it doesn't overshoot the available 22 Kbps. This ability is not possible with the Web server approach. In a Web server scenario, with no feedback from the client and no ability to dynamically prioritize audio over video, the audio/video delivered by a Web server would be stop-and-go at the client, causing the constant "rebuffering" delays common to early implementations of streaming media. In contrast, streaming media servers attempt to provide a continuous, smooth stream with barely perceptible changes in video frame rate during periods of network congestion. Media servers takes advantage of UDP's inherent higher priority over HTTP traffic to give the streaming audio and video data higher priority than file and Web page transfers, which increases the likelihood of uninterrupted viewing. 
            
            

         3. Support for Advanced Features. Most media servers support such advanced features as detailed reporting of streams played, VCR controls (seek, fast-forward, rewind), live video delivery, and delivery of multiple streams to the client. With Web server streaming such features, if they are even possible, are difficult to implement and inefficient to support. 
            
            

         4. Cost Effective Scalability to Large Number of Users. In the early days of streaming media, deployments often needed to serve only a small number of users simultaneously, making Web server streaming an adequate solution. But as delivery of audio and video has increased, sites often serve hundreds or thousands of simultaneous users. In these situations, two key capabilities of most media servers provide increasing advantages over a Web server: Specialization. In the Web server approach, the Web server is used to deliver the media files to the client. Web servers, however, are optimized for delivering lots of small HTML files, not large media files. With high volumes of file requests, these servers greatly improve performance by optimizing how media files are read from the disk, buffered in main memory, and streamed onto the network. Multicast Support (see Multicasting below). One way to get live or stored audio and video to large audiences with minimum network congestion is to use multicast networking technology. Multicast allows a single media stream to be played simultaneously by multiple clients, drastically reducing bandwidth use. 
            
            

         5. Protection of Content Copyright. Because Web server streaming creates a local cached copy of every media file played, there is no way to prevent end users from copying the files to a personal directory for later viewing. This hurts content providers who have a pay-per-view business model, or who have an advertisement-based revenue model, as the end users need not visit their site repeatedly. With a media server, users can only stream data and are prevented from downloading the file directly to their hard disk. As data packets are received over the network, they are delivered directly to the client application with no easy way for the end user to intervene and make a copy.
            
            

         6. Multiple Delivery Options. With a Windows Media server, the media may be streamed with the optimal UDP, RTSP or Multicast protocols when possible, and streamed with the TCP protocol when necessary. This enables corporate users to view Internet content without compromising firewall security and ensures that all users on all networks can access all streaming media content. Powerful media servers today even attempt to utilize HTTP protocols when necessary in order to penetrate corporate firewalls, while still maintaining most of the streaming media server functionality when possible.
            
            

   5. Performance Evaluation

To better understand the benefits of a streaming media server when broadcasting a webcast, testing was done using two separate servers.  A RealServer media server was installed on a Intel Pentium III 500Mhz system as was an Apace Server.  A software package called WebStress 4.0 was used that measures response time of a server at various numbers of simultaneous users.  Below are the results of those tests:

Note above that the error rates even with 100 simultaneous users is actually zero.  This shows the capabilities of the RealServer to ensure that each user (regardless of response time) will have the ability to view a webcast.  Also, the high error rates of the HTML code and the Servlet are more of an issue of hardware.

Let's examine the results of the median response times depending on the number of simultaneous users.  Whereas the HTML code and the Servlet tend to have a gradually increasing response time, the Streaming Media's response time increases dramatically at around 55 users.  This problem can be attributed to numerous reasons, but primarily, the limits of the RealServer (the version used was an evaluation version that has many limitations).

Let's examine the results of the mean response times depending on the number of simultaneous users.  Again, notice that the HTML code and the Servlet response times remain relatively stable as the number of users increases.  The streaming media, on the other hand, has an almost exponential increase in response time as the number of simultaneous users increases.  View this trend in the median and mean results leads to the conclusion that the RealServer, although it will cater to all users, will server a specific number of users until about 55 users, after which, each additional user will sacrifice a great deal in response time.

In this case, when we filter out any responses that create errors, the RealServer seems to perform better, especially when compared to the HTML performance.

Finally, when the mean response times are examined with filtered results (that is, the error responses are removed from the equation), you will notice that both the HTML and the Servlet perform more poorly, overall, but not yet to the point of outperforming the RealServer.

5. Webcasting Networks - 
   
   
   There are numerous options regarding uploading a webcast to a server.  If your webcast involves only On-Demand streaming, uploading at faster speeds will not be as important as uploading for a live broadcast, where the bandwidth of the broadcast dictates the upload speed necessary.  Usually 20Kps is required for each person connecting with a 28.8K and at least 40Kps for each person on a 56K or greater connection. Multiple servers can be used to increase available bandwidth.  
   
   As for use in the future, notice the trend that Forrester research has predicted in the Networking market.
   
   
   
   
   

   1. Delivery Strategies
      
      

      1. Unicasting - Unicasting sends out one copy of each webcast data packet to each viewer. However for a large viewer webcast this would require huge amounts of bandwidth. For example, if 50,000 viewers were simultaneously accessing a 20Kbps stream webcast, 1Gbps of server bandwidth would be required.
         
         
         
         
         
         
         

      2. Multicasting - MBONE - Multicast backBONE network was a protocol form of IP multicasting, which actually began running in 1994.  It works by replicating a webcast to numerous servers, thus reducing the network congestion on the original source.  This form of multicasting has been built on today by the IP multicast Initiative.  Multicast is an extension of the Internet Protocol (IP) that is used on the Internet. With IP Multicast, the server sends out a single data packet and only at points in the Internet where the data needs to go in different directions to reach different viewers (such as routers or switches) is the data packet cloned, and a copy of the packet is sent in each of the different directions.  In other words, Multicasting eliminates the network bottleneck by decentralizing the webcast sending network packets to numerous servers which repeat a webcast.  Furthermore, Multicasting is becoming prevalent on corporate networks, but is still very rare on the Internet due to the need of the specialized multicasting routers.

         Until recently, multicasting was implemented through unicast "tunnels" between the MBONE specially equipped high-speed networks, usually LAN connections. Recently, multicast-capable routers have been deployed by some Internet Service Providers and the hardware that dial-up users call into (known as "access servers" "WAN switches" or "terminal servers") are available with multicast capability.  Note below the bandwidth savings from the webcast source.
         
         
         
         
         
         

          

      3. Edge Technology - This builds on the webcasting situations where multiple users around the world will expect certain information on an ongoing basis.  Large servers with capacities in the range of two or more terabytes are strategically located around the world.  Thus when new information is gathered at the source, it is then output to POP servers in various local areas.  This reduces unnecessary bottlenecks that may occur over long distances on the entire internet.  Furthermore, edge technology, in a sense, caches common data for easy local access.  Obvious, from the design, this form of delivery does not advance realtime streaming, as it is strictly an on-demand delivery technique.
         
         

   2. Standard Internet Access
      
      

      1. 56K modem - These are not particularly effective in live webcasting since you are limited to an upload speed of about 33Kbps.  One bandwidth increase strategy with a standard analog modem is through using multiple modems on separate phone lines and "pooling" the bandwidth.
         
         

      2. Integrated Services Digital Network (ISDN) Connections - Developed in the 70's, ISDN consists of two 64Kbps channels that combine to form a data rate of 128Kbps.  This configuration is not especially popular among consumers due to the fact that special circuitry must be installed by your phone company before you can run a digital ISDN modem.
         
         

   3. Broadband Internet Access - 
      
      

      1. Digital Subscriber Lines (DSL) - Becoming more and more popular today, DSL service provides a speed of approximately 100-1000Kbps, yet bypassing the public phone switches, which allows it to easily be left on continuously.  This lends itself to an ideal condition for web hosting.  The one downside of DSL is that a subscriber must have phone lines running less than 2 miles from the central office and overall bandwidth tends to decrease the further from that office.  Overall, with increased bandwidth and costs less than ISDN, DSL offers a relatively decent cost vs. benefits.
         
         

      2. Cable Modems - Considered direct competition in cost and value with DSL, cable modems offer high speed connections and uploads around 3Mbps (depending on line traffic).  One concern for modem services is that your cable company must provide the service which reduces your options regarding Internet Service Provider choices.
         
         

      3. Leased T1/T3 Lines - These are phone lines with constant open circuits and like ISDN, these circuits must be installed by your phone company.  T1 lines, for example, are quite fast reaching bandwidth levels of around 24 standard analog modems.  Quite expensive and primarily used in corporate settings, leased lines offer around 400Kbps - 2Mbps in bandwidth and upwards of 45Mbps in Full T3 form.  As monthly costs can rise to around $20000 not including your routing equipment, you can see why this network situation is usually left to corporate applications.
         
         

      4. Wireless Connections - Many experts suggest that this is the ultimate destiny for webcasting.  Currently, this technology provides speeds around 128Kbps to 1.5Mbps, depending on whether or not the system is line-of-sight or not (the signals are not allowed to bend around obstacles in a line-of-sight system), and has the advantage of mobility.  Unfortunately, for the mean time, the user areas tend to be based in major metropolitan areas and don't allow access when you leave your area.  In addition, even at the low end of bandwidth, it tends to cost consumers around $60 to $90 per month not including the special modems required for this service which run around $300.
         
         

      Note: Video streams can get bogged down not just at the "last mile" to the home user, where faster broadband modems and digital lines speed streaming, but they also can bottleneck at many other locations on the Internet and at the broadcaster's own server.  Basically, don't assume because you invested in high speed internet access that all webcasts will be high quality. 

Technology	Classification	Symmetrical	Speed(s)	Time to Download 2minute video clip
14.4K Analog modem	Narrowband	Yes	14.4 Kbps	5 hours
56K Analog	Narrowband	Yes	56Kbps	1.25 hours
ISDN	Narrowband	Yes	128Kbps	30 minutes
ADSL	Broadband	NO	128Kbps-384Kbps	20 minutes
Satellite	Broadband	NO	384Kbps	10 minutes
Wireless	Broadband	Yes	128Kbps-1.5Mbps	2.8 minutes
SDSL	Broadband	Yes	384Kbps-8Mbps	30 seconds
Cable Modem	Broadband	Yes	128Kbps-10Mbps	25 seconds

6. Viewing a Webcast
   
   

   1. Equipment Requirements - In order to view a webcast the viewer will need an Internet connection, Browser and a PC with minimum a MMX Pentium with at least 120Mhz, or PowerMac 25MHz or faster, Windows 95, a hard drive and a decent AGP graphics card.
      
      

   2. Video Players - Webcasts can be played through stand alone players such as Quicktime and Real Player which depend on a client having particular software packages.  In addition, there are available browser plug-ins which allow a webcast to be viewed within a browser.  These, of course require additional software for which the client must download rather than a Java Applet that downloads a player directly.  The data stream is in the form of a metafile which uses a specific instructions on how a player must utilize the stream.  
      
      

      1. RealVideo - RealVideo was added with Version 4.0 in 1997. Real has just introduced
         Version 8.0, an incremental, but substantial, upgrade from the major improvements of G2 in 2000. Its big changes are better decoding performance, improved encoding technologies, and a full player makeover as you can see below.   The native file format for RealMedia is a RealMedia file, or .rm.  Secondly, you may recall seeing .ram files, these tell the player where on the media server to find the .rm data. 
         
         
         
         
         
         RealPlayer Version 8.0 is in full release for Win32 and in beta for Mac OS 8.1 or greater. While the original version of G2 had rather poor performance on the Mac (it had difficulty playing broadband content without dropped frames even on a G3/400), the Version 8.0 Mac beta is much better, and is good enough for daily use. Real historically has supported the various UNIX platforms, but doesn't have a more current version than Version 5.0.  Real also has the capabilities of playing some QuickTime and AVI files, but it does not have the capabilities of using Sorensen codecs or .asf for that matter.
         
         

      2. Quicktime - Quicktime is the oldest digital video architecture around and has been doing video on the Web, albeit only as progressive streaming, for many years. QuickTime has actually only supported real streaming since about a year ago.  Current versions of Quicktime support SMIL, the same rich media that's at the core of RealMedia. Second, it now supports streaming through an HTTP connection (in addition to RealTime Streaming Protocol), which makes QuickTime as capable of getting through corporate firewalls as Real and Windows Media. Last, the Mac version has added Apple Script support, which makes it much easier to do automated media creation.  The native QuickTime file format is a QuickTime file, generally .mov, but sometimes .qt or .qti.  Below is a screenshot of their latest version.

         
         
         
         
         
         QuickTime v4.1 runs well on any Win32 system or PowerPC-based Macintosh. The biggest difference among platforms is the lack of MPEG-1 playback on QuickTime for Windows. This isn't generally a big deal because Windows Media Player handles these files fine.  In addition, QuickTime does a fairly decent job of playing AVI files, but fails to play the .asf files created by Windows Media.
         
         

      3. Windows Media - Windows Media, formerly known as NetShow, is Microsoft's entry into the streaming Web video market. The newest of the three, Microsoft is using its endless resources to force this media player onto the webcasting market. Windows Media is a much simpler solution than either QuickTime or Real because Microsoft doesn't position it as a complete platform, but rather the streaming audio and video component of a Web browser. However, it does that quite well. Recent innovation has focused on codec improvement and implementation of pay-per-view and authentication features through the Windows Media Rights Manager.  The native file format of Window Media is the Advanced Streaming Format, or .asf.  Note that Microsofts ASF includes three formats, the video portion is usually compressed to MPEG 4, the audio MPEG 3 and a control file. When the ASF file is streamed to a Windows Media Player the compressed information contained in the file is decompressed by the software and then viewed by the user.  Note below, the screenshot of the Windows Media that is a standard addition to the Windows operating systems.
         

         
         
         
         
         Windows Media runs great on Windows 98/NT/2000. Unfortunately, that's the only viable platform right now since none of the Microsoft beta players for Mac have been stable or high quality enough for even occasional use. Microsoft promises to have complete Mac and UNIX versions available in the future.
         

         View These Players in Action!!
         
         

      4. Note the market use of the three major video players from a Jan. '00 Nielsen/NetRatings survey report:
         
         
         

         Market Use of Media Players
         Player	Unique Audience	Reach
         RealPlayer	8,973,331	12.1 percent
         QuickTime	5,461,303	7.4 percent
         Windows Media	2,376,191	3.2 percent

         
         

7. Webcasting Standards
   
   

   1. SMIL - The growth of webcasting also has an increased need for standards consolidation.  This has been a desire of the World Wide Web Consortium through Synchronized Multimedia Integration Language (SMIL), which is a markup language for streaming media first released in  June 1998.  This is a simple language, which is similar to HTML with an added concept of time, is great for doing two things: assembling simple slide shows from still images and adding "wrappers" or links to existing video and audio sequences.  For example, you can place an ad at the beginning or end of a video sequence that's a link to a site.
      
      

   2. Benchmarking Webcasts - The first effort to set a benchmark in the Webcasting industry comes from the well respected performance measuring company, Keynote Systems.  It works on a 1 to 10 scale and the bar is set high.  No streaming website has reached a solid 10 (DVD quality) and, in fact, the best streaming today would receive around a six, which is around the same quality as a home VHS video.  See below the results of recent tests from Keynote Systems:  Keynote Streaming 20 Streaming Media Performance Index (See Footnotes for more information on the Benchmark).  Note the relative low quality of today's popular webcasting websites.
      
      
      

      	Week of October 29 to November 04
      Category	Best Site	Stream Quality*	Rendering Score*	Availability*
      Index		1.66	82.5%	59.0%
      Audio E-commerce Broadcast Radio Financial Audio Cable Television	Barnes & Noble WUSL Radio ON24 MTV	1.89 2.09 1.89 3.97	99.0 % 100 % 99.0 % 90.0 %	48.4 % 49.1 % 54.1 % 54.4 %
      	Week of October 22 to October 28
      Category	Best Site	Stream Quality*	Rendering Score*	Availability*
      Index		1.74	78.8%	73.6%
      Audio E-commerce Broadcast Radio Financial Audio Cable Television	Barnes & Noble WUSL Radio ON24 MTV	1.89 2.06 1.87 3.55	99.0 % 98.4 % 98.7 % 80.4 %	60.2 % 72.9 % 70.6 % 84.3 %

8. Security Issues 
   

   Virtually all businesses, most government agencies, and many individuals now have web sites. The number of individuals and companies with Internet access is expanding rapidly, and all of these have graphical Web browsers. As a result, businesses are enthusiastic about setting up facilities on the web for electronic commerce. But the reality is that the Internet and the Web are extremely vulnerable to compromises of various sorts. As businesses wake up to this reality, the demand for secure Web services grows.
   
   

   1. Considerations
      

      The Internet is two way. Unlike traditional publishing environments, the web is vulnerable to security attacks on the servers where web sites are stored. The Web is increasingly serving as a highly visible outlet for corporate and product information and as the platform for business transactions. Reputations can be damaged and money can be lost if the Web servers are subverted in any way. The importance of security in an online automobile auction is extraordinarily important due to the level of monetary transactions.  The complex software that runs these online servers and commerce may hide many potential security flaws. We have been shown from reports on yahoo.com be shut down and attacks on e-bay.com, that the internet is filled with examples of websites vulnerable to a variety of security attacks. Once a web server is subverted, an attacker may be able to gain access to data and systems such as user information at the local site. Below are examples of security threats:
      
      

      	Threats	Consequences	Countermeasures
      Integrity	Modification of user data Trojan horse browser Modification of memory Modification of message traffic in transit	Loss of information Compromise of machine Vulnerability to all other threats	Cryptographic checksums
      Confidentiality	Eavesdropping on the Net Theft of info from server Theft of data from client Info about network configuration Info about which client talks to server	Loss of information Loss of privacy	Encryption, Web proxies
      Denial of Service	Killing of user threads Flooding machine with bogus threats Filling up disk or memory Isolating machine by DNS attacks	Disruptive Annoying Prevent user from getting work done	Difficult to prevent
      Authentication	Impersonation of legitimate users Data forgery	Misrepresentation of user Belief that false information is valid	Cryptographic techniques

      
      There are two different ways you can categorize these threats:   one way to group these threats is in terms of passive and active attacks. Passive attacks include eavesdropping on network traffic between browser and server and gaining access to information on a Web site that is supposed to be restricted. Active attacks include impersonating another user, altering messages in transit between client and server, and altering information on a Web site.  Another way to classify Web security threats is in terms of the location of the threat: Web server, Web browser, and network traffic between browser and server. 
      
      
      

   2. Approaches
      

      A number of approaches to providing Web security are possible. The various approaches that have been considered are similar in the services they provide and in the mechanisms that they use, but they differ with respect to their scope of applicability and their relative location within the TCP/IP protocol stack.  Notice the difference:
      
      
      

      
      

       

      One way to provide Web security is to use IP Security at the Network Level. The advantage of using IPSec is that it is transparent to end users and applications and provides a general-purpose solution. Further, IPSec includes a filtering capability so that only selected traffic need incur the overhead of IPSec processing.  Another solution is to implement security just above TCP at the Transport Level. The best example of this approach is the Secure Sockets Layer (SSL) and the follow-on Internet standard of SSL known as Transport Layer Security (TLS). There are two implementation choices at the Transport Level. They are:  SSL provided as transparent to applications and in a less general sense and SSL embedded in specific applications (i.e. Netscape and Microsoft Explorer browsers come equipped with SSL).  Lastly, there can be security services embedded within an application at the Application Level. The advantage of this approach is that the service can be tailored to the specific needs of a given application. In the context of Web security, an important example of this approach is Secure Electronic Transaction (SET), which will also be discussed further below.
      
      

      1. Secure Socket Layer (SSL) - SSL was originated by Netscape. Version 3 of the protocol was designed with public review and input from industry and was published as an Internet draft document. Subsequently, when a consensus was reached to submit the protocol for Internet standardization, the TLS working group was formed within IETF to develop a common standard.  SSL is designed to make use of TCP to provide a reliable end-to-end secure service. SSL is not a single protocol but rather two layers of protocols, as shown below:
         
         
         
         
         

         The SSL Record Protocol provides basic security services to various higher-layer protocols. In particular, the hypertext transfer protocol (HTTP), which provides the transfer service for Web client/server interaction, can operate on top of SSL. Three higher-layer protocols are defined as part of SSL: the Handshake Protocol, the Change Cipher Spec Protocol, and the Alert Protocol. These SSL-specific protocols are used in the management of SSL exchanges and are will be discussed in further below.

         Two important SSL concepts are the SSL session, which is defined as an association between a client and a server that are created by the Handshake Protocol. Sessions define a set of cryptographic security parameters, which can be shared among multiple connections. Sessions are used to avoid the expensive negotiation of new security parameters for each connection. And, in addition, the SSL connection, which is a transport that provides a suitable type of service in a peer-to-peer relationships. The connections are transient and every connection is associated with one session.

         Between any pair of parties (applications such as HTTP on client and server), there may be multiple secure connections. In theory, there may also be multiple simultaneous sessions between parties, but this feature is not used in