Information Network I: The Application and Upper Layers Youki Kadobayashi Doudou Fall Laboratory for Cyber Resilience Nara Institute of Science and Technology
Outline Domain Name System World Wide Web and HTTP Content Delivery Networks Presentation layer 2
OSI vs. TCP/IP Layers Application Presentation Application Session Transport Transport Network Internet Data Link Physical Network Access 3
Applications Application Programs that make use of the Internet: DNS, HTTP, SMTP, FTP, etc. Transport Network Data Link Physical 4
Application layer protocol challenges How do I interact with the other end? How do I find the other end? How do I send information? Can I directly use TCP? From: Prof To: TA Pls upload attachment.?? Copyright(C)2017 Youki Kadobayashi. All rights reserved. 5
How do I start interacting with the other end? Who will initiate the interaction? Who will be responder? I R request response query response Copyright(C)2017 Youki Kadobayashi. All rights reserved. 6
Initiator-Responder vs Client- Server Initiator can be either client or server Responder can be either server or client I R C S S C Consider an application-layer protocol for Chat app. If only Clients can be initiator, how do we deliver message to your friends? Copyright(C)2017 Youki Kadobayashi. All rights reserved. 7
How do I interact with the other end? What kind of information: Will be sent? Should be received? State transitions? receiver s0 Hello / Ok s1 Send / Ok sender s10 Ok / Send s11 Ok / End Essentially you are designing a protocol FSM: finite state machine. s2 s12 Protocol FSM may deadlock, without careful design. Copyright(C)2017 Youki Kadobayashi. All rights reserved. 8
Ensuring desirable protocol properties Liveness property Something good eventually happens e.g., completion of data transmission Safety property Something bad never happens e.g., starvation à model checker Copyright(C)2017 Youki Kadobayashi. All rights reserved. 9
Ensuring desirable protocol properties with model checker Appendix C: Verification model of a sliding window protocol For further study: - LTL - Model checking Source: The model checker SPIN, IEEE Trans. on Software Eng., May 1997 16/5/27 Copyright(C)2017 Youki Kadobayashi. All rights reserved. 10
Domain Name System 11
Domain Name System (DNS) Addresses are hard for human beings to remember Never ending updates in case a machine changes its IP address The organization's web server will be known as www.naist.jp regardless of the IP address Mechanisms to map names into numerical address Host.txt; not scalable Domain Name System (DNS) to the rescue, 1983 12
Initial problem Every device connected to the Internet has a unique Internet Protocol address How to resolve human-friendly machine names into IP addresses 13
Initial Solution /etc/hosts Periodical downloads from Network Information Center (NIC) at the Stanford Research Institute (SRI) Not sustainable with millions of host in the Internet Does not scale 14
DNS: RFCs 1034, 1035, 2181 Hierarchical, domain-based naming Distributed database system Name onto IP address mapping procedure: A program calls the resolver by passing the name as a parameter The resolver sends a query containing the name to a local DNS server The later retrieves the name and return a response containing the IP address to the resolver The resolver forwards the response to the caller 15
DNS Name Space Hierarchical system borrowed from postal services ICANN (Internet Corporation for Assigned Names and Numbers) Generic Countries com org net gov edu jp th ro us sn ac co 16
Top Level Domains cctld: country-code domains e.g.,.jp,.sn, IDN cctld: internationalized country-code domains e.g., 中国, gtld: generic top-level domains E.g.,.org,.com,.edu, Internet Assigned Numbers Authority (IANA) 1,239 top-level domains 17
Shared Registration Domain name registry: database Keeps track of all domain names registered in a top-level domain Domain name registry operator: organization that runs the DB Network information Center (NIC) Keeps the DB of domain names Domain name registrar: Company used for domain name registration 18
Domain Resource Records Format: Domain_name Time_to_live Class Type Value Type Meaning Value SOA Start of Authority Parameters for this zone A IPv4 address of a host 32-bit integer AAAA IPv6 address of a host 128-Bit integer MX Mail exchange Priority, domain willing to accept email NS Name server Name of a server for this domain CNAME Canonical name Domain name PTR Pointer Alias for an IP address SPF Sender policy framework Text encoding of mail sending policy SRV Service Host that provides it TXT Text Descriptive ASCII text 19
Name Servers Problems with a centralized approach Single point of failure Hard to maintain Does not scale Problems with a distributed approach Partial mapping for each server Multiple servers may handle queries Hard to update 20
Types of DNS Servers Authoritative Name Servers Sure to be able to perform a name-address translation for a particular zone Root Name Servers Caching Name Servers Ask queries and keep them in cache for later use Non authoritative 21
Root Servers https://www.iana.org/domains/root/servers 22
DNS Queries Finding the IP address for a given hostname is called resolution and is done with the DNS protocol. Resolution computer request local name server to resolve Local name server asks the root name server Root returns the name server for a lower zone Continue down zones until name server can answer DNS protocol Runs on UDP port 53, retransmits lost messages Caches name server answers for better performance 23
DNS Queries 2 3 Root DNS Server 1 4 8 5 Requesting host Local DNS Server 6 TLD DNS Server 7 Authoritative DNS Server 24
DNS Protocol 12 bytes Identification No. of Questions No. of Authority RRs Flags No. of Answer RRs No. of Additional RRs Name, type fields for a query RRs in response to query Records for authoritative servers Additional helpful info that may be used Questions (variable number of answers) Answers (variable number of resource records) Authority (variable number of resource records) Additional Info (variable number of resource records) 25
Hands on: observe DNS in action In the provided virtual machine: Run Wireshark Visit some websites Observe DNS protocol interactions Some DNS jargons: NS: name server A: address AAAA: IPv6 address 26
Web and HTTP 27
World Wide Web 1989, CERN: Conseil Européen pour la Recherche Nucléaire W3C: World Wide Web Consortium, 1994 Collection of content in the form of webpages Hypertext: one page points to another page 28
Communication in the Internet Copyright 2015 Pearson Education 29
Client/server architecture Client (browser) Determine the protocol Ask DNS for the IP address of server Make a TCP connection to server Send request for the page; server sends it back Fetch other URLs as needed to display the page Close idle TCP connections 30
Client/server architecture Server Accepts a TCP connection from client Get page request and map it to a resource Get the resource Send contents of the resource to the client Release idle TCP connections 31
Dynamic Pages Web Applications Pages generated by programs running at the server and the client E.g., PHP at server, JavaScript at client Pages vary each time Web applications; set of technologies that work together: AJAX HTML: present information as pages DOM: change parts of the page while they are viewed XML: let programs exchange data with the server JavaScript as a language to bind all this together 32
HTTP Basics HyperText Transfer Protocol (RFC 2616) Application layer protocol of the web Client-server model TCP-based protocol Client connects to port 80 on the server HTTP messages are exchanged Client closes the connection HTTP is stateless Server does not store state on previous requests Design simplification: easier failure recovery, load balancing 33
Evolution of HTML Item HTML 1.0 HTML 2.0 HTML 3.0 HTML 4.0 HTML 5.0 Hyperlinks ü ü ü ü ü Images ü ü ü ü ü Lists ü ü ü ü ü Active maps & images ü ü ü ü Forms ü ü ü ü Equations ü ü ü Toolbars ü ü ü Tables ü ü ü Accessibility features ü ü Object embedding ü ü Style sheets ü ü Scripting ü ü Video and audio Inline vector graphics XML representation Background threats Browser storage Drawing canvas ü ü ü ü ü ü 34
Uniform Resource Locator (URL) RFC 1738 Requests for objects are URLs http://domain_name:port/path/path/object protocol server Port # Path to object object http https ftp file mailto rtsp sip about hypertext With security File transfer protocol Local file Sending email Streaming media Multimedia calls Browser information 35
Types of connections Non-persistent HTTP (HTTP 1.0) At most one object is sent over a TCP connection Request/response Persistent HTTP (HTTP 1.1) Multiple objects can be sent over a single connection 36
Non-persistent HTTP: response time Round-trip time (RTT) Time for a small packet to travel from the client to the server and back to the client Response time One RTT to initiate the connection One RTT for request and start of response File transmission time Total time = #objects*(2*rtt + transit_time) 37
Persistent HTTP: response time Server leaves connection open after sending response Subsequent HTTP messages are sent over the same open connection One RTT for each referenced object once the connection is setup Response time One RTT to initiate the connection One RTT for request and start of response per object File transmission time per object Total time = RTT + #objects*(rtt + transit_time) 38
HTTP Request Methods Method GET HEAD POST PUT DELETE TRACE CONNECT OPTIONS Function Read a Web page Read a Web page s header Append to a Web page Store a Web page Remove the Web page Echo the incoming request Connect through a proxy Query options for a page Human-readable ASCII text 39
HTTP Response Codes 200 OK Request succeeded; request object is in the message 301 Moved Permanently Requested object moved; new location specified in a location: header in the list of headers 400 Bad Request The server could not understand the request 404 Not Found The requested content is not found on the server 505 HTTP Version Not Supported Unsupported version 40
Hands-on Hands-on material 41
Cookies in HTTP HTTP is stateless Cookies provide a mechanism for Web servers to store Four components Cookie header line in the HTTP response message Cookie header line in subsequent HTTP request messages Cookie file stored on user s host and managed by browser Back-end database at the web server host 42
How to cookie rakuten.co.jp: 1984 Client HTTP request HTTP response Set-cookie: 1984 server rakuten.co.jp Creates an ID 1984 For the request HTTP request Cookie: 1984 Cookie-specific action DB Future session rakuten.co.jp: 1984 HTTP request Cookie: 1984 Cookie-specific action 43
Maintaining state with cookies Cookies help servers store: Shopping cart info Login name, authorization credentials Preferences Session state History of web pages First-party cookies Third-party cookies 44
Web Caches (proxy servers) User sets browser: web access via cache Browser sends all HTTP requests to cache Advantages: Reduce response time if proxy is closer/faster Reduce traffic on the web server Reduce traffic on the organization s link 45
HTTP Headers Function Browser capabilities (client -> server) Caching related (mixed directions) Browser context (client -> server) Content delivery (server -> client) Example Headers User-Agent, Accept, Accept-Charset, Accept-Encoding Accept-Language If-Modified-Since, If-None-Match, Date, Last-Modified, Expires, Cache-Control, ETag Cookie, Referer, Authorization, Host Content-Encoding, Content-Length, Content-Type, Content- Language, Content-Range, Set-Cookie 46
HTTP Conditional GET Request an object but do not send it if the cache has an up-to-date version HTTP Request GET /index.html HTTP/1.1 Host: somesite.sn HTTP Response HTTP/1.1 200 OK Date: Wed, 25 May 2016 11:05:15 JST Server: Apache/2.4 (CentOS) Last-Modified: Mon, 23 May 2016 09:36:49 JST ETag: 4d1658-28eg-5e59c778g4e11 Accept-Ranges: bytes Content-Length: 6111 Vary: Accept-Encoding Content-Type: text/html 47
Content Delivery Networks 48
Content Delivery Delivery of content (video, image, audio, etc.) to users is a major component of Internet traffic. Content and Internet traffic Server farms Content delivery networks 49
Server Farms Server Farms enable large-scale Web servers Front-end load-balances requests over servers Server access the same backend database Internet Load balancer Front end Backen d DB servers 50
Content Delivery Networks (CDNs) (1/3) CDNs scale Web servers by having clients get content from a nearby CDN node (cache) CDN origin server Distribution of content Beijing Tokyo Dakar Page fetch Clients 51
Content Delivery Networks (CDNs) (2/3) Directing clients to nearby nodes with DNS: Client query returns local CDN node as response Local CDN node caches content for nearby clients and reduces load on the origin server Tokyo CDN node 1: distribute content CDN origin server Dakar CDN node 4: fetch page 2: query DNS CDN DNS server Tokyo client 3: Contact Tokyo contact Dakar Dakar client 52
Content Delivery Networks (CDNs) (3/3) Origin server rewrites pages to serve content via CDN Traditional web page CDN configured page <html> <head> <title> Viral Videos </title> </head> <body> <h1> List of the videos </h1> <p> Click below for free samples </p> <a href= dancingcat.mpg > Cool cats </a> <a href= roflbaby.mpg > Baby laughing out loud </a> <a href= shootingmonkey.mpg > Monkey with AK47 </a> </body> </html> <html> <head> <title> Viral Videos </title> </head> <body> <h1> List of the videos </h1> <p> Click below for free samples </p> <a href= http://www.cdn.com/viralvideos/dancingcat.mpg >...</a> <a href= http://www.cdn.com/viralvideos/roflbaby.mpg > </a> <a href= http://www.cdn.com/viralvideos/shootingmonkey.mpg ></a> </body> </html> 53
More Applications Electronic Mail: SMTP Streaming audio and video Peer-to-peer applications IoT applications Al-Fuqaha, Ala, et al. "Internet of things: A survey on enabling technologies, protocols, and applications." Communications Surveys & Tutorials, IEEE 17.4 (2015): 2347-2376. 54
Presentation Layer 55
How do I send information? Numeric 1 can be represented in many ways: 00000001 65 (ASCII code) U+0041 (Unicode) Type=1 Length=2 Value=1 These are encoding practices defined in the Presentation layer Copyright(C)2017 Youki Kadobayashi. All rights reserved. 56
Established encoding practices in the presentation layer Binary 00000001 ASCII 65 TLV Type=1 Length=2 Value=1 ASN.1 à network management XML Copyright(C)2017 Youki Kadobayashi. All rights reserved. 57
Trade-offs in data representation Encoding/decoding overhead XML ASN.1 ASCII TLV Packed binary wire efficiency Copyright(C)2017 Youki Kadobayashi. All rights reserved. 58
Encoding application protocols Design choices Packed binary ASCII TLV JSON XML ASN.1 impacting: Efficiency Extensibility Readability Ease of definition Ease of parsing Ease of mixing Ease of validation Copyright(C)2017 Youki Kadobayashi. All rights reserved. 59
Packed binary Define bit boundaries Define semantics associated with each bit IP header (RFC791), TCP header (RFC793) Same technique can be employed in application layer, e.g., for sensor networks 16bit source port 16bit destination port 32bit sequence number 32bit acknowledgment number 20 octets 4bit hlen reserved flags 16bit window size 16bit TCP checksum 16bit urgent pointer Copyright(C)2017 Youki Kadobayashi. All rights reserved. 60
ASCII Consider byte-stream of ASCII characters as a protocol Point: make it human readable and writable ASCII protocols in the Internet Mixture of machine-parseable status code and humanreadable strings FTP (RFC959), SMTP (RFC2821) etc. 3-digit status code, followed by greetings 4-character command, followed by arguments Copyright(C)2017 Youki Kadobayashi. All rights reserved. 61
TLV Type, Length, Value Pros: Compact, yet extensible Cons: All data types have to be defined in protocol spec RADIUS (RFC2138), OSPF (RFC2328) etc. Bit representation of TLV Copyright(C)2017 Youki Kadobayashi. All rights reserved. 62
A taxonomy of application layer protocols TLV OSPF RADIUS Encoding ASCII Binary FTP SMTP HTTP DNS Copyright(C)2017 Youki Kadobayashi. All rights reserved. 63
XML: Extensible data types Data types (static / dynamic typing) Definition of namespace Data that describes itself Rich set of tools and libraries Copyright(C)2017 Youki Kadobayashi. All rights reserved. 64
XML: Reuse of data types Your data type Order Composite data types Date Product ID Basic data types Time Timezone String You don t need to redefine Date type in order to define your own type Copyright(C)2017 Youki Kadobayashi. All rights reserved. 65
XML: Modular data types XML document Standard header Your type Digital signature You can reuse existing standard for document structures, digital signature, etc. Copyright(C)2017 Youki Kadobayashi. All rights reserved. 66
XML message format <?xml version = "1.0"?> <tag attribute="value"> <another-tag another-attribute="value" /> </tag attribute="value"> Copyright(C)2017 Youki Kadobayashi. All rights reserved. 67
Management of namespace through XML Namespace <?xml version='1.0' encoding='utf-8'?> <soap:envelope xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/' xmlns:xsi='http://www.w3.org/1999/xmlschema-instance' xmlns:xsd='http://www.w3.org/1999/xmlschema' xmlns:soapenc='http://schemas.xmlsoap.org/soap/encoding/' soap:encodingstyle='http://schemas.xmlsoap.org/soap/encoding/'> <soap:body> <n:getquoteresponse xmlns:n='urn:xmethods-delayed-quotes'> <Result xsi:type='xsd:float'>7.92</result> </n:getquoteresponse> </soap:body> </soap:envelope> Copyright(C)2017 Youki Kadobayashi. All rights reserved. 68
Describing data types in XML: XML Schema <?xml version="1.0" encoding="utf-8"?> <SOAP-ENV:Envelope xmlns:xsi="http://www.w3.org/1999/xmlschema-instance" xmlns:soap-enc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/1999/xmlschema SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/"> <SOAP-ENV:Body> <namesp1:getquote xmlns:namesp1="urn:xmethods-delayed-quotes"> <symbol xsi:type="xsd:string">akam</symbol> </namesp1:getquote> </SOAP-ENV:Body> </SOAP-ENV:Envelope> Copyright(C)2017 Youki Kadobayashi. All rights reserved. 69
XML: other features Self-descriptive: XML Schema Transformation tools: XPath, XSLT, etc. Rich set of API: DOM, SAX, etc. Message integrity and confidentiality: XML Digital Signature XML Encryption Copyright(C)2017 Youki Kadobayashi. All rights reserved. 70
JSON RFC 4627: The application/json Media Type for JavaScript Object Notation A text format for the serialization of structured data Four primitive types: string, number, boolean, null Two structured types: object, array JSON object: { "Image": { "Width": 800, "Height": 600, "Title": "View from 15th Floor", "Thumbnail": { "Url": "Height": 125, "Width": "100" "http://bit.ly/", }, "IDs": [116, 943, 234, 38793] } Copyright(C)2017 Youki Kadobayashi. All rights reserved. 71 } JSON array
Presentation layer summary: a birds-eye view Approach binary Fixed Packed binary Statically typed TLV Extensible Dynamically typed ASN.1 string ASCII XML, JSON Copyright(C)2017 Youki Kadobayashi. All rights reserved. 72
The End 73