APPLICATION LAYER APPLICATION LAYER : DNS, HTTP, , SMTP, Telnet, FTP, Security-PGP-SSH.

Similar documents
UNIT V Introduction to Application Layer HTTP Non persistent versus Persistent Connections Non persistent Connections

FTP,HTTP. By Nidhi Jindal

CS348: Computer Networks (SMTP, POP3, IMAP4); FTP

CS321: Computer Networks FTP, TELNET, SSH

CCNA Exploration1 Chapter 3: Application Layer Functionality and Protocols

Chapter 26 Remote Logging, Electronic Mail, and File Transfer 26.1

Electronic Mail Paradigm

6 Computer Networks 6.1. Foundations of Computer Science Cengage Learning

Computer Networks.. By Nidhi Jindal

Internet Architecture

Network Applications Principles of Network Applications

CCNA Exploration Network Fundamentals. Chapter 03 Application Functionality and Protocols

Application Layer: OSI and TCP/IP Models

CS321: Computer Networks ELECTRONIC MAIL

CCNA R&S: Introduction to Networks. Chapter 10: The Application Layer

CCNA Exploration Network Fundamentals. Chapter 3 Application Layer Functionality and Protocols

Chapter 19. Domain Name System (DNS)

Chapter 10: Application Layer CCENT Routing and Switching Introduction to Networks v6.0

Chapter 4. Internet Applications

CS 356 Internet Security Protocols. Fall 2013

INTERNET & WORLD WIDE WEB (UNIT-1) MECHANISM OF INTERNET

Unit 28 Website Production ASSIGNMENT 1

A+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e. Chapter 8 Networking Essentials

2. Introduction to Internet Applications

06/02/ Local & Metropolitan Area Networks 0. INTRODUCTION. 1. History and Future of TCP/IP ACOE322

Computer Networking. Chapter #1. Dr. Abdulrhaman Alameer

FTP. FTP offers many facilities :

Internet Applications. Dr Steve Gordon ICT, SIIT

Different Layers Lecture 21

Chapter 10: Application Layer

Motivation For Networking. Information access Interaction among cooperative application programs Resource sharing

Application Level Protocols

Computer Network 1 1

6 Computer Networks 6.1. Foundations of Computer Science Cengage Learning

Computer Networks. More on Standards & Protocols Quality of Service. Week 10. College of Information Science and Engineering Ritsumeikan University

The OSI Model. Level 3 Unit 9 Computer Networks

CHAPTER 22 DISTRIBUTED APPLICATIONS ANSWERS TO QUESTIONS ANSWERS TO PROBLEMS

21.1 FTP. Connections

Objectives. Upon completion you will be able to:

CS 43: Computer Networks. 12: and SMTP September 28, 2018

The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to

Electronic Mail. Prof. Indranil Sen Gupta. Professor, Dept. of Computer Science & Engineering Indian Institute of Technology Kharagpur

Chapter 2 - Part 1. The TCP/IP Protocol: The Language of the Internet

Application: Electronic Mail

Electronic Mail

CCNA 1 v3.11 Module 11 TCP/IP Transport and Application Layers

Fig (1) sending and receiving s

CS 716: Introduction to communication networks th class; 11 th Nov Instructor: Sridhar Iyer IIT Bombay

Objective. Application Layer Functionality and Protocols. CCNA Exploration 4.0 Network Fundamentals Chapter 03. Universitas Dian Nuswantoro

The Data Link Layer. 32 PART I Networking Basics

Networking and Health Information Exchange: ISO Open System Interconnection (OSI)

Guide to Networking Essentials, 6 th Edition. Chapter 5: Network Protocols

Network+ Guide to Networks 6 th Edition. Chapter 4 Introduction to TCP/IP Protocols

Applications FTP. FTP offers many facilities :

Networking and Health Information Exchange Unit 1a ISO Open Systems Interconnection (OSI) Slide 1. Slide 2. Slide 3

Networking Applications

Chapter 16 Networking

Guide to TCP/IP, Third. Chapter 6: Basic TCP/IP Services

[Prof. Rupesh G Vaishnav] Page 1

PLEASE READ CAREFULLY BEFORE YOU START

The Application Layer: & SMTP

3. WWW and HTTP. Fig.3.1 Architecture of WWW

Electronic Mail (SMTP)

CSCI 466 Midterm Networks Fall 2013

CSC 4900 Computer Networks:

PLEASE READ CAREFULLY BEFORE YOU START

Networking Revision. TCP/IP Protocol Stack & OSI reference model. Basic Protocols. TCP/IP Model ANTHONY KAO NETWORKING FINAL EXAM SPRING 2014 REVISION

Electronic Mail. Three Components: SMTP SMTP. SMTP mail server. 1. User Agents. 2. Mail Servers. 3. SMTP protocol

BABU MADHAV INSTITUTE OF INFORMATION TECHNOLOGY, UTU 2017

13. Internet Applications 최양희서울대학교컴퓨터공학부

Data Communication & Computer Networks MCQ S

The Client Server Model and Software Design

Network Encryption Methods

Networking Applications

Business Data Communications and Networking

OSI Model. Teran Subasinghe MBCS, Bsc.(Hons) in Computer Science - University of Greenwich, UK

Significance of TCP/IP Model Divya Shree Assistant Professor (Resource Person), Department of computer science and engineering, UIET, MDU, Rohtak

CS321: Computer Networks TELNET, SSH

Internet Technology. 03r. Application layer protocols: . Paul Krzyzanowski. Rutgers University. Spring 2016

Foundations of Python

Concept Questions Demonstrate your knowledge of these concepts by answering the following questions in the space that is provided.

is still the most used Internet app. According to some studies around 85% of Internet users still use for communication.

Introduction to TCP/IP

TCP/IP Networking. Training Details. About Training. About Training. What You'll Learn. Training Time : 9 Hours. Capacity : 12

Networking. Layered Model. DoD Model. Application Layer. ISO/OSI Model

WWW: the http protocol

Electronic Mail. Electronic Mailboxes

Innovation and Cryptoventures. Technology 101. Lee Jacobs and Campbell R. Harvey. February 22, 2017

TELNET is short for Terminal Network Enables the establishment of a connection to a remote system, so that the local terminal appears to be the

Web Technology. COMP476 Networked Computer Systems. Hypertext and Hypermedia. Document Representation. Client-Server Paradigm.

Computer Network : Lecture Notes Nepal Engineering College Compiled by: Junior Professor: Daya Ram Budhathoki Nepal Engineering college, Changunarayan

CMPE 151: Network Administration. Servers

Concept Questions Demonstrate your knowledge of these concepts by answering the following questions in the space provided.

DESCRIPTION OF TYPICAL NETWORK SERVICES ON SERVERS

UDP and TCP. Introduction. So far we have studied some data link layer protocols such as PPP which are responsible for getting data

Transport Layer TCP & UDP Week 7. Module : Computer Networks Lecturers : Lucy White Office : 324

Special expressions, phrases, abbreviations and terms of Computer Networks

Introduction to computer networking

Additional laboratory

Introduction to Networking

Transcription:

APPLICATION LAYER : DNS, HTTP, E-mail, SMTP, Telnet, FTP, Security-PGP-SSH. To identify an entity, the Internet used the IP address, which uniquely identifies the connection of a host to the Internet. However people prefer to use names instead of numeric addresses. Therefore a system is needed, that can map a name to an address or an address to a name. When the Internet was small, mapping was done using a host file. The host file had only two columns; one for the name and one for the address. Every host could store the host file on its disk and update it periodically from a master host file. When a program or a user wanted to map a name to an address, the host consulted the host file and found the mapping. Today it is impossible to have one single host file relate every address to a name, and vice versa. The host file will be too large to store in every host. In addition it would be difficult to update the data, whenever there is a change. One solution would be to store the entire host file in a single computer and allow access to this centralized information to every computer that needs a mapping. But this would create a huge amount of traffic on the Internet. Another solution, the one used today, is to divide this huge amount of information into smaller parts and store each part on a different computer. In this method, the host that needs mapping can contact the closest computer holding the needed information. This method is used by Domain Name System (DNS). NAME SPACE : The names assigned to machines must be carefully selected from a name space with complete control over the binding between the names and IP addresses. The names must be unique 1

because the addresses are unique. A name space that maps each address to a unique name can be organized in two ways: flat or hierarchical. FLAT NAME SPACE : A name is assigned to an address. A name in this space is a sequence of characters without structure. This names may or may not have a common section; if they do, it has no meaning. The main disadvantage of a flat name space is that it cannot be used in a large system such as the Internet because it must be centrally controlled to avoid ambiguity and duplication. Hierarchical Name Space : In HNS, each name is made of several parts. The first part can define the nature of the organization, the second part can define the name of an organization, the third part can define departments in the organization, and so on. In this case, the authority to assign and control the name spaces can be decentralized. A central authority can assign the part of the name that defines the nature of the organization and the name of the organization. The responsibility of the rest of the name can be given to the organization itself. The organization can add suffixes ( or prefixes) to the name to define its host or resources. The management of the organization need not worry that the prefix chosen for a host is taken by another organization because, even if part of an address is the same, the whole address is different. For eg. If two colleges and one company call one of their computers challenger. The first college is given a name by the central authority such as dmce.edu, the second college is given the name sp.edu, and the company is given the name smart.com. when these organizations add the name challenger to the name they have already been given, the end result is three distinguishable names : challenger.dmce.edu, challenger.sp.edu and challenger.smart.com. The names are unique without the need for assignment by a central authority. The central authority controls only part of the name, not the whole. 2

DOMAIN NAME SPACE : To have hierarchical name space, a domain name space was designed. In this design the names are defined in an inverted-tree structure with the root at the top. The tree can have only 128 levels : level 0 ( root) to level 127. Label : Each node in the tree has a label, which is a string with a maximum of 63 characters. The root label is a null string ( empty string ). DNS requires that children of a node ( nodes that branch from the same node) have different labels, which guarantees the uniqueness of the domain names. Domain Name : Each node in the tree has a domain name. A full domain name is a sequence of labels separated by dots (.). The domain names are always read from the node up to the root. The last label is the label of the root (null). This means that a full domain name always ends in a null label, which means the last character is a dot because the null string is nothing. Fully Qualified Domain Name : if a label is terminated by a null string, it is called a fully qualified domain name (FQDN). An FQDN is a domain name that contains the full name of a host. It contains all labels, from the post specific to the most general, that uniquely define the name of the host. For eg. Challenger.atc.fhda.edu.. Partially Qualified Domain Name : If the label is not terminated by a null string, it is called a partially qualified domain name (PQDN). A PQDN starts from a node, but it does not reach the root. It is used when the name to be resolved belongs to the same site as the client here the resolver can supply the missing part, called the suffix, to create an FQDN. Domain : It is a sub-tree of the domain same space. The name of the domain is the domain name of the node at the top of the sub-tree. Note 3

that a domain may itself be divided into domains ( or sub-domains as they are sometimes called ). Hierarchy of Name Space : It is very inefficient and also unreliable to have just one computer store such a huge amount of information. Because responding to requests from all over the world puts a heavy load on the system. Failure of the computer can lead to worst problem. The solution to these problems is to distribute the information among many computers called DNS servers. We let the root stand alone, and create as many domains (subtrees) as there are first-level nodes. Because domains created in this way could be very large, DNS allows domains to be divided further into smaller domains (subdomains). Each server can be responsible for either a large or a small domain. In other words, we have a hierarchy of servers in the same way that we have a hierarchy of names. DNS in the Internet : DNS is a protocol that can be used in different platforms. In the Internet, the domain name space (tree) is divided into three different sections : generic domains, country domains, and the inverse domain. 4

Generic Domains : It defines registered hosts according to their generic behavior. Each node in the tree defines a domain, which is an index to the domain name space database. Country Domains : It uses two character country abbreviations. ( eg., us for United States ). Second labels can be organizational, or they can be more specific national designations. The United States can use state abbreviations as a subdivision of us. (eg. ny.us.). Inverse Domain : It is used to map an address to a name. This may happen when a server has received a request from a client to do a task. Although the server has a file hat contains a list of authorized clients, only the IP address of the client is listed. The server asks its resolver to send a query to the DNS server to map an address to a name to determine if the client is on the authorized list. This type of query is called inverse or pointer (PTR) query. T E L N E T : It is an abbreviation for TErminaL NETwork. It enables the establishment of a connection to a remote system in such a way that the local terminal appears to be a terminal at the remote system. TELNET is a general-purpose client-server application program. Time-Sharing Environment : TELNET was designed at a time when most operating system, such as UNIX, were operating in a timesharing environment. In such an environment, a large computer supports multiple users. The interaction between a user and the computer occurs through a terminal, which is usually a combination of keyboard, monitor and mouse. Even a microcomputer can simulate a terminal with a terminal emulator. 5

Logging : Each authorized user has an identification and probably a password. The user identification defines the user as part of the system. To access the system, the user logs into the system with a user id or log-in name. The system also includes password checking to prevent an unauthorized user from accessing the resources. When a user wants to access an application program or utility located on a remote machine, it performs remote log-in. Here the TELNET client and server programs come into use. The user sends the keystrokes to the terminal driver, where the local operating system accepts the characters, but does not interpret them. The characters are sent to the TELNET client, which transforms the characters to a universal character set called network virtual terminal (NVT) characters and delivers them to the local TCP/IP protocol stack. 6

The commands or text, in NVT form, travel through the Internet and arrive at the TCP/IP stack at the remote machine. Here the characters are delivered to the operating system and passed to the TELNET server, which changes the characters to the corresponding characters understandable by the remote computer. The characters cannot be passed directly to the operating system because the remote operating system is not designed to receive characters from a TELNET server. It is designed to receive the characters from a terminal driver. The solution is to add a piece of software called a pseudo-terminal driver which pretends that the characters are coming from a terminal. The operating system them passes the characters to the appropriate application program. TELNET uses only one TCP connection. The server uses the well known port 23, and the client used an ephemeral port. ELECTRONIC MAIL : It is one of the most popular Internet services in electronic mail ( email). At the beginning of the Internet era, the message sent by electronic mail were short and consisted of text only : they let people exchange quick memos. Today electronic mail is much more complex. It allows a message to the include text, audio and video. It also allows one message to be sent to one or more recipients. It contains three main components : user agent; message transfer agent ; and message access agent. 7

Here two users, are connected to their mail server by a WAN or a LAN. A user prepares a message using user agent, and then sends the message through the LAN or WAN. This can be done by message transfer agent. The MTA client establishes a connection with the MTA server on the system, which is running all the time. It transfers all the messages to the MTS server. (i.e. mailbox). The other user is connected to the mail server. After the message has arrived the other ends mailbox, the second user can retrieve it. Here it needs message access agents (MAA s). The second user uses an MAA client to retrieve his message. The client sends a request to the MAA s server, which is running all the time, and requests the transfer of the messages. 8

MTA client/server program is a push program. The client pushes the message to the server. The user also needs a pull program. The client needs to pull the message from the server. Message Transfer Agent : SMTP : The actual transfer is done through message transfer agents. To send mail, a system must have the client MTA ( Mail Transfer Agent ), and to receive mail, a system must have a server MTA. The formal protocol that defines the MTA client and server in the Internet is called the Simple Mail Transfer Protocol ( SMTP ). Two pairs of MTA client/server programs are used in the most common situation. SMTP is used two times, between the sender and the sender s mail server and between the two mail servers. Another protocol is needed between the mail server and the receiver. SMTP simply defines how commands and responses must be sent back and forth. Each network is free to choose a software package for implementation. SMTP uses commands and responses to transfer messages between an MTA client and an MTA server. 9

Each command or reply is terminated by a two-character( carriage return and line feed ) end-of-line token. Commands are sent from the client to server. It consists of a keyword followed by zero or more arguments. SMTP defines 14 commands. The first five are mandatory; every implementation must support these five commands. The next three are often used and highly recommended. The last six are seldom used. Responses are sent from the server to the client. A response is a threedigit code that may be followed by additional textual information. [ 211 system status, 220 service ready, 421 service not available, 450 mailbox not available etc. ] Mail Transfer Phases : The process of transferring a mail message occurs in three phases : connection establishment, mail transfer, and connection termination. 10

Message Access Agent : POP and IMAP : The first and the second stages of mail delivery use SMTP. However, SMTP is not involved in the third stage because SMTP is a push protocol; it pushes the message from the client to the server. In other words, the direction of the bulk data (messages) is from the client to the server. On the other hand, the third stage needs a pull protocol; the client must pull messages from the server. The direction of the bulk data is from the server to the client. The stage uses a message access agent. Currently two message access protocols are available. Post Office Protocol, version 3 (POP3) and Internet Mail Access Protocol, version 4 (IMAP4). POP3 is simple and limited in functionality. The client POP3 software is installed on the recipient computer; the server POP3 software is installed on the mail server. Mail access starts with the client when the user needs to download e-mail from the mailbox on the mail server. The client opens a connection to the server on TCP port 110. It then sends its user name and password to access the mailbox. The user can then list and retrieve the mail messages, one by one. POP3 has two modes: the delete mode and the keep mode. In the delete mode, the mail is deleted from the mailbox after each retrieval. In the keep mode, the mail remains in the mailbox after retrieval. 11

The IMAP4 is similar to POP3, but it has more features, more powerful and more complex. POP3 doesn t allow the user to organize her mail on the server; the user cannot have different folders on the server. ( user cannot have different folders on the computer ). File Transfer Protocol : FTP : Transferring files from one computer to another is one of the most common tasks excepted from a networking or internetworking environment. It is a standard mechanism provided by TCP/IP for copying a file from one host to another. It seems to be simple and straightforward, some problems must be dealt with first. For example, two systems may use different file name conventions, may have different directory structures or may have different ways to represent text and data. All these problems have been solved by FTP in a very simple and elegant approach. FTP differs from other client/server applications, in that it establishes two connections between the hosts. One connection is used for data transfer, the other for control information ( commands and responses). Separation of commands and data transfer makes FTP more efficient. The control connection uses very simple rules of communication. Only a line of command or a line of response has to be transferred at a time. The data connection, on the other hand, needs more complex rules due to the variety of data types transferred. However the difference in complexity is at the FTP level, not TCP. For TCP, both connections are treated the same. FTP uses TCP port no. 21, for control connection, and port 20 is used for the data connection. 12

In the above figure, the client has 3 components : user interface, client control process, and the client data transfer process. The server has two components : the server control process and the server data transfer process. The control connection is made between the control processes. The data connection is made between the data transfer processes. The control connection remains connected during the entire interactive FTP session. The data connection is opened and then closed for each file transferred. It opens each time commands that involve transferring files are used, and it closes with the file is transferred. In other words, when a user starts an FTP session, the control connection opens. While the control connection is open, the data connection can be opened and closed multiple times if several files are transferred. The purpose of data connection is different from that of the control connection. File transfer occurs over the data connection under the control of the commands sent over the control connection. Hypertext transfer Protocol : HTTP : It is a protocol used mainly to access data on the world wide web. It functions as a combination of FTP and SMTP. It is similar to FTP, because it transfers files and uses the services of TCP. However it is much simpler than FTP, because it uses only one TCP connection. There is no separate 13

control connection; only data are transferred between the client and the server. HTTP is like SMTP because the data transferred between the client and the server look like SMTP messages. In addition, the format of the messages is controlled by MIME-like headers. [ MIME - is a electronic mail, having a simple structure. It can send the message in 7 bit ASCII format. It can not send the messages in other language which doesn t support 7-bit ASCII character. ( French, German, Russian, Hebrew, Chinese and Japanese). Also it cannot be used to send binary files or video or audio data. MIME is a supplementary protocol that allows non-ascii data to be sent through e-mail. MIME transforms non- ASCII data at the sender slot to NVT ASCII data and delivers them to the client MTA, to be sent though the Internet. The message at the receiving side is transformed back to the original data. So MIME is a set of software functions that transforms non-ascii data (stream of bits) to ASCII data and vice versa.] Unlike SMTP, the HTTP messages are not destined to be read by humans; they are read and interpreted by the HTTP server and HTTP client (browser). SMTP messages are stored and forwarded, but HTTP messages are delivered immediately. The commands from the client to the server are embedded in a request message. The contents of the requested file or other information are embedded in a response message. HTTP uses the services of TCP on well-known port 80. HTTP Transaction : HTTP uses the servic3es of TCP on well-known port 80. Figure shows the transaction between the client and server. Although HTTP uses the services of TCP, HTTP itself is a stateless protocol. The 14

client initializes the transaction by sending a request message. The server replies by sending a response. Messages: The format of the request and response messages are similar as shown below : A request message consists of a request line, a header, and sometimes a body. A response message consists of a status line, a header, and sometimes a body. The first line in a request message is called a request line; the first line in the response message is called the status line. This field is used in the request message. In version 1.1 of HTTP several request types are defined. The request type is categorized into methods as given below : 15

The most current version of HTTP is 1.1. Status code : This field is used in the response message. The status code is field is similar to those I the FTP and the SMTP protocols. It consists of three digits. [ code 100 continue, 200 the request is ok, 202 the request is accepted, 400- bad request, 500- internal server error.]. The body can be present in a request or response message. Usually its contains the document to be sent or received. PGP : [ PRETTY GOOD PRIVACY ] : It is one of the protocols to provide security at the application layer is Pretty Good Privacy (PGP). It is designed to create authenticated and confidential e-mails. Figure shows the position of PGP in the TCP/IP protocol suite. 16

Sending an e-mail is a one-time activity. The nature of this activity is different from those we have seen in the previous two sections. In IPsec (IP Security) [ It is a collection of protocols designed by the Internet Engineering Task Force (IETF), to provide security for a packet at the network level. It helps to creae4 authenticated and confidential packets for the IP layer. ]. or SSL (Secure Socket Layer), [ Netscape developed SSL in 1994. It is designed to provide security at Transport layer],we assume that the two parties create a session between themselves and exchange data in both directions. In e-mail, there is no session. Both end users cannot create a session. Security parameters: If e-mail is a one-time activity, how can the sender and receiver agree on the security parameters to use for e-mail security? It there is no session and no handshaking to negotiate the algorithms for encryption and authentication, how can the receiver know which algorithm the sender has chosen for each purpose? How can the receiver know the values of the keys used for encryption and authentication? Phil Zimmerman, the designer and creator of PGP, has found a very elegant solution to the above questions. In PGP, the sender of the message needs to include the identifiers of the algorithms used in the message as well as the values of the keys. Services : PGP can provide several services based on the requirements of the user. An e-mail can use one or more of these services. Plaintext : The simplest case is to send the e-mail message in plaintext ( no service ). The sender, composes a message and sends it to the other user, the receiver. The message is stored in the receivers mailbox, until it is retrieved by him. Message Authentication : Probably the next improvement is to let the sender sign the message. The sender creates a digest o the message and signs it with her private key. When the receiver receives the message, it 17

verifies the message by using senders public key. Two keys are needed for this scenario. The sender needs to know his private key; and the receiver needs to know senders public key. Compression : A further improvement is to compress the message and digest to make the packet more compact. This improvement has no security benefit, but it eases the traffic. Confidentiality with One-Time Session Key : Confidentiality in an e-mail system can be achieved by using conventional encryption with a one-time session key. The sender can create a session key, use the session key to encrypt the message and the digest and send the key itself with the message. However, to protect the session key, the sender encrypts it with receivers public key. Code Conversion : another service provided by PGP is code conversion. Most e-mail systems allow the message to consist of only ASCII characters. To translate other characters not in the ASCII set, PGP uses Radix 64 conversion. Each character to be sent (after encryption) is converted to Radix 64 code. Segmentation : PGP allows segmentation of the message after it has been converted to Radix 64 to make each transmitted unit the uniform size allowed by the underlying e-mail protocol. ==== X 0 X ======= X 0 X ======= X 0 X ======= X 0 X ======= X 0 X ==== 18

19

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback