Web-enabled Database Development

Background

Exactly what is a 'web-enabled database'? Considering the widespread use of the Internet and Web Browser technology to deliver marketing messages, promotional and informational material, it's surprising that we still see very little use of what the Web is best at - providing interactive access to business information, making queries, placing orders and updating records via Net and browser services. In other words, standard database facilities but accessed remotely. That's what we call a web-enabled database.

It's particularly surprising because it's usually not a huge task to make it work (though circumstances vary a lot). Since GBdirect was founded in 1995 we've been convinced that the future of business use of Internet/Intranet technology lies in this direction and we see no reason to change our opinion.

The situation is slowly changing - instead of typical web sites being little more than reproductions of corporate brochures, we do see the first stirrings of innovation. As ever, the US-based sites lead the way, but there are encouraging signs in the UK too. Amongst our favourites at the moment are the sites run by Railtrack and National Express (links at the bottom of the page). These provide real customer value by linking Web technology into the underlying business systems. Whether this is easy or hard to do dependends on the services provided by the technical systems within a business, but in many cases it is surprisingly easy to implement a Web-based front-end to a traditional database system. Most industrial-strength database systems offer 'client-server' modules and these can be employed to build applications delivered via the Web.

The show-stopper for most companies is not technical - technical problems can usually be overcome - but one of cost and buy-in. In the US, costs are lower and in general the management layer is less awed by technology. Costs are lower because a key component (the Internet connection) tends to cost a third to a quarter as much as in the UK. Many US companies will already have a connection suitable for use, but in the UK even those companies which use email extensively tend to use dial-up rather than permanent connections. There are often concerns in UK companies about security (mostly unfounded) and an unwillingness to take what's seen as a risk. In the US, it's common for companies to innovate then milk the situation for PR value whilst their competitors play catch-up. In the UK the attitude is typically to distrust innovative or imaginative proposals and hope that the competitors take the same approach.

For those who do want to take the step, the technical solution will typically look something like the picture below, although by no means all setups will be alike. This illustrates a common situation, no more or less.

Diagram

The existing business database (DBMS above) is usually already connected to the company's internal network. The internal network may already be using the Internet-related TCP/IP protocol, but that isn't always the case. Where it is, the inner 'firewall' is likely to be important as an extra layer of security. In typical configurations, the 'server' will be running an Internet Web server, delivering Web pages through the outer firewall to the public Internet. For Intranets the configuration will be able to dispense with the firewalls and is considerably simpler. (The section of network labelled DMZ above - the demilitarized zone to use the jargon - allows controlled public access to the server whilst prohibiting any external access at all to the internal network).

Web pages can be delivered by the server in the traditional way - static, unchanging, pre-written pages, as found in most current web sites. This may be appropriate for parts of the overall content, especially for textual background information; this page itself is partially an example. However, it's equally possible for the server to generate pages based on the content of either data which it stores itself, or, most interesting of all, based on the results of data extracted from the database.

The basic components of a web-enabled database like the one in the diagram are:

  1. A permanent link to the Internet
  2. A webserver
  3. A firewall
  4. Web pages and software to deliver the active application

Let's look at the approximate costs of each in turn.

1. Permanent Link to Internet

Your company may already use a permanent link for email and web-browsing, and be in a position to exploit it further for a web-enabled database. If not, a budgetary figure will be in the region of £10,000 per annum to install and run one (which can then also be used for email and web-browsing if desired) - but the exact figure will depend very much on the amount of traffic you expect your site to generate. This figure is the lower limit and for high-volume sites more will have to be spent to obtain the right levels of responsiveness for your customers.

2. Webserver

Webservers may sound like high-tech whizz-bang stuff but in fact are nothing of the sort. Beware, vendors will try to tell you otherwise. There are essentially two kinds - those which support secure transactions and those which don't. You will only need secure transactions if you plan to take credit card details or other sensitive information from your customers. The market leader in webservers is Apache which is extremely robust, provides high performance and is, astonishingly, free of charge. More than 50% of all web sites use Apache, much to the disgust of companies who try to charge money for their products. The secure version of Apache does require the use of an authenticated security certificate, these cost around US $100 per year.

The most likely choice of system to run the webserver is either a variant of Unix, or Microsoft NT (though there are specialised solutions for companies using AS/400 throughout or systems such as Lotus Notes). Our experience of using NT in these environments rapidly calls to mind a phrase involving 'bargepole'. That said, you can build a website with NT if you aren't put off by its reputation for unreliability. The support tools for NT look attractive for building smaller sites and its performance is less of a problem for low-volume solutions. We feel that the correct approach here is not to consider the webserver as a piece of strategic architecture but an appliance. Pick the one that's right for the job - it can always be changed later. Surprisingly, 5,000 is hard to spend on a webserver unless you have very special requirements or like to bring a smile to a sales rep's face.

3. Firewall

Your firewall is your security against probes and prying eyes from the outside world. Like its counterpart in structural engineering, 'firewall' is a descriptive term. Real-world firewalls can be built in many ways and from many materials depending on the threat and consequent risk; a hospital next to a fuel dump needs a thicker firewall than a grain store next to an office. Software firewalls are similar. They come in many forms and there is no one-size-fits-all solution. Specialist advice is called-for here; don't take the word of generalists. There are many commercial products. 5,000 is a generous budget, though consultancy for configuration may push the price up well beyond the basic component cost.

4. Web Pages and Software

A number of issues are involved here. The obvious first step is to define what you want to achieve - but your customers will probably have other ideas, so you must expect to change your mind when the feedback arrives. In essence you are building a standard software application, but one which can be delivered with the graphics and imagery that Web users now expect. The art is to get the core functionality as close to right as possible, then ensure that the delivery is attractive and - crucially - fast enough to prevent the users from becoming impatient.

Building these types of applications generally involves using Web 'forms' to capture information and submit requests. You may think that technology like Java and Javascript can ease the process - unfortunately, they also suffer from severe disadvantages. Javascript offers a lot of promise but incompatitibilities between browsers means it cannot be relied upon to work, so it's best used in a cosmetic role only (unless you are designing for an Intranet where the browsers are more strictly controlled). Java is an excellent tool for building database applications, but is essentially useless for this task on the public Internet; again, it's only really usable in Intranets. We are still left with basic plain forms for input and tables for output if the site is to reach its widest possible audience with confidence.

It's not especially hard to build form-based interactive web sites, but there is a degree of specialist skill involved. You will probably want to track visitors over more than one visit to your site, employ techniques like 'shopping trolleys' or personalisation (so the site can present information the way your customer wants to view it, not just the way it was first designed) and most ordinary software developers take time to learn the tricks and tactics. Here at GBdirect, we believe that we have a first-rate understanding of what it takes to build this kind of site. We'd be pleased to hear from you if you are interested!

Costs will vary dramatically for this component. A basic deployment might be done for somewhere between 5,000 to 50,000 - but a serious project like one of the on-line bookshops is another matter again. We can provide advice in this area for those who wish to consider it further.

Links