DMET 602: Networks and Media Lab Amr El Mougy Yasmeen EssamAlaa Tarek.


Exp 7: Higher Layer Protocols

Classifying Application Protocols
- Method of communication
- Stateful or stateless
- Type of encoding (binary or text)
- In-band or out-of-band

Method of Communication
- Communication between devices involves either message passing or request/response
- Request/response is the most prevalent type. It uses the client/server model to describe the roles of hosts
- Has the advantage of being simple. However, only two machines are involved
- Other patterns include spanning tree, broadcast, P2P

N-Tier Request/Response
- Layered system. Each tier provides a service for the higher level
- Advantages include: information hiding, scalability, better management

Stateful Vs. Stateless
- Stateful: server knows which step (state) has been reached
  - Individual messages need to carry less data
  - Server does not have to re-establish context every time
- Stateless:
  - Client remembers the state, sends to server each time -> simpler architecture
  - Server processes each request independently -> requests have to be more self-describing
  - More scalable, facilitates load balancing
- Can vary with level
  - Many systems like Web run stateless protocols (e.g. HTTP) over streams... at the packet level, TCP streams are stateful
  - HTTP itself is mostly stateless, but many HTTP requests (typically POSTs) update persistent state at the server

Type of Encoding
- Text: messages are encoded characters
- Binary: any bit patterns
- Pros and cons quite similar to those for text vs. binary file formats
- When sending between compatible machines, binary can be much faster because no conversion needed
- Most Internet-scale application protocols (HTTP, SMTP) use text for protocol elements and for all content except photo/audio/video
- HTTP 2.0 moving to binary (for msg size and parsing speed)

In-Band vs Out-of-Band
- In-band: control data and application data coexist on the same connection (same transport layer port numbers)
- HTTP and SMTP are in-band protocols
- Out-of-band: control data is on a separate connection
- Typically the control connection establishes the data exchange
- FTP is an out-of-band protocol

Web and HTTP
- Web page consists of objects
- Object can be HTML file, JPEG image, Java applet, audio file,…
- Web page consists of base HTML-file which includes several referenced objects
- Each object is addressable by a URL
- Example URL: host name path name

Resource Identification
- Resources are identified by a Uniform Resource Locator (URL), Uniform Resource Identifier (URI), or Uniform Resource Name (URN)
- URI can be a URL or URN
- URL tells you the name of the resource, and how to retrieve it
- A URL has to specify the protocol used to retrieve the resource
  - [scheme]://[Domain]:[port]/[path]?[QueryString]#[FragmentId]
- URN is only a name given to a resource
  - urn:[namespace identifier]:[namespace specific string]
  - urn:isbn:

HTTP overview
HTTP: hypertext transfer protocol
- Web’s application layer protocol
- client/server model
  - client: browser that requests, receives, “displays” Web objects
  - server: Web server sends objects in response to requests
[Figure: a PC running Explorer and a Mac running Navigator send HTTP requests to a server running Apache Web server and receive HTTP responses]

HTTP overview (continued)
Uses TCP:
- client initiates TCP connection (creates socket) to server, port 80
- server accepts TCP connection from client
- HTTP messages (application-layer protocol messages) exchanged between browser (HTTP client) and Web server (HTTP server)
- TCP connection closed
HTTP is “stateless”
- server maintains no information about past client requests
Aside: Protocols that maintain “state” are complex!
- past history (state) must be maintained
- if server/client crashes, their views of “state” may be inconsistent, must be reconciled

HTTP connections
Nonpersistent HTTP
- At most one object is sent over a TCP connection
Persistent HTTP
- Multiple objects can be sent over single TCP connection between client and server

Nonpersistent HTTP
Suppose user enters URL (contains text, references to 10 jpeg images)
1a. HTTP client initiates TCP connection to HTTP server (process) at on port
1b. HTTP server at host waiting for TCP connection at port 80. “accepts” connection, notifying client
2. HTTP client sends HTTP request message (containing URL) into TCP connection socket. Message indicates that client wants object someDepartment/home.index
3. HTTP server receives request message, forms response message containing requested object, and sends message into its socket

Nonpersistent HTTP (cont.)
4. HTTP server closes TCP connection
5. HTTP client receives response message containing html file, displays html. Parsing html file, finds 10 referenced jpeg objects
6. Steps 1-5 repeated for each of 10 jpeg objects

Non-Persistent HTTP: Response time
Definition of RTT: time for a small packet to travel from client to server and back
Response time:
- one RTT to initiate TCP connection
- one RTT for HTTP request and first few bytes of HTTP response to return
- file transmission time
total = 2RTT + transmit time
[Figure: timeline showing initiate TCP connection (RTT), request file (RTT), time to transmit file, file received]

Persistent HTTP
Nonpersistent HTTP issues:
- requires 2 RTTs per object
- OS overhead for each TCP connection
- browsers often open parallel TCP connections to fetch referenced objects
Persistent HTTP
- server leaves connection open after sending response
- subsequent HTTP messages between same client/server sent over open connection
- client sends requests as soon as it encounters a referenced object
- as little as one RTT per referenced object

HTTP request message
- two types of HTTP messages: request, response
- HTTP request message: ASCII (human-readable format)

    GET /somedir/page.html HTTP/1.1
    Host:
    User-agent: Mozilla/4.0
    Connection: close
    Accept-language:fr
    (extra carriage return, line feed)

- First line: request line (GET, POST, HEAD commands)
- Following lines: header lines
- Carriage return, line feed indicates end of message

HTTP request message: general format

Uploading form input
Post method:
- Web page often includes form input
- Input is uploaded to server in entity body
GET (URL) method:
- Uses GET method
- Input is uploaded in URL field of request line:

Method types
HTTP/1.0
- GET
- POST
- HEAD
  - asks server to leave requested object out of response
HTTP/1.1
- GET, POST, HEAD
- PUT
  - uploads file in entity body to path specified in URL field
- DELETE
  - deletes file specified in the URL field

HTTP response message

    HTTP/ OK
    Connection close
    Date: Thu, 06 Aug :00:15 GMT
    Server: Apache/1.3.0 (Unix)
    Last-Modified: Mon, 22 Jun 1998 …...
    Content-Length: 6821
    Content-Type: text/html

    data data data data data...

- First line: status line (protocol, status code, status phrase)
- Following lines: header lines
- After the header lines: data, e.g., requested HTML file

HTTP response status codes
In first line in server->client response message. A few sample codes:
- 200 OK
  - request succeeded, requested object later in this message
- 301 Moved Permanently
  - requested object moved, new location specified later in this message (Location:)
- 400 Bad Request
  - request message not understood by server
- 404 Not Found
  - requested document not found on this server
- 505 HTTP Version Not Supported

User-server state: cookies
Many major Web sites use cookies
Four components:
1) cookie header line of HTTP response message
2) cookie header line in HTTP request message
3) cookie file kept on user’s host, managed by user’s browser
4) back-end database at Web site
Example:
- Susan always accesses Internet from PC
- visits specific e-commerce site for first time
- when initial HTTP request arrives at site, site creates:
  - unique ID
  - entry in backend database for ID

Cookies: keeping “state” (cont.)
[Figure: client/server exchange. The client's cookie file initially holds "ebay 8734". On the first usual http request msg, the Amazon server creates ID 1678 for the user and creates an entry in the backend database; the usual http response carries "Set-cookie: 1678", and the cookie file becomes "ebay 8734, amazon 1678". The next usual http request msg carries "cookie: 1678" and the server takes a cookie-specific action with access to the backend database. One week later the same happens again: request with "cookie: 1678", cookie-specific action, usual http response msg.]

Cookies (continued)
What cookies can bring:
- authorization
- shopping carts
- recommendations
- user session state (Web e-mail)
Aside: Cookies and privacy:
- cookies permit sites to learn a lot about you
- you may supply name and to sites
How to keep “state”:
- protocol endpoints: maintain state at sender/receiver over multiple transactions
- cookies: http messages carry state
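The four cookie components from the slides above, as an added Python example that is not part of the original slides. The class names `Site` and `Browser` are hypothetical, the headers use the slides' simplified bare-ID form, and the ID is a random token rather than a small number like 1678 so that it cannot be guessed.

```python
import secrets


class Site:
    """Server side: issues the Set-cookie header line and owns the back-end database."""

    def __init__(self, name: str):
        self.name = name
        self.backend_db = {}  # cookie ID -> per-user record (component 4)

    def handle(self, request_headers: dict) -> dict:
        cookie_id = request_headers.get("Cookie")
        if cookie_id in self.backend_db:
            # Known ID: cookie-specific action using the stored record.
            self.backend_db[cookie_id]["visits"] += 1
            return {}  # usual response, no new cookie needed
        # First visit, or an ID this site never issued: create ID and entry.
        new_id = secrets.token_hex(16)  # assumption: random, unguessable ID
        self.backend_db[new_id] = {"visits": 1}
        return {"Set-Cookie": new_id}  # component 1: header line in the response


class Browser:
    """Client side: keeps the cookie file and replays the ID on later requests."""

    def __init__(self):
        self.cookie_file = {}  # site name -> cookie ID (component 3)

    def visit(self, site: Site):
        request = {}
        if site.name in self.cookie_file:
            # Component 2: cookie header line in the request.
            request["Cookie"] = self.cookie_file[site.name]
        response = site.handle(request)
        if "Set-Cookie" in response:
            self.cookie_file[site.name] = response["Set-Cookie"]
        return request, response


def demo() -> dict:
    shop = Site("shop.example")  # constructed site name
    browser = Browser()
    first_req, first_resp = browser.visit(shop)
    later_req, later_resp = browser.visit(shop)  # e.g. one week later
    forged_resp = shop.handle({"Cookie": "1678"})  # ID the site never issued
    return {
        "first_request_has_cookie": "Cookie" in first_req,
        "server_set_cookie": "Set-Cookie" in first_resp,
        "later_request_replays_id": later_req.get("Cookie") == first_resp["Set-Cookie"],
        "visits_recorded": shop.backend_db[later_req["Cookie"]]["visits"],
        "forged_id_accepted": "1678" in shop.backend_db,
        "forged_gets_fresh_id": forged_resp.get("Set-Cookie") not in (None, "1678"),
    }


if __name__ == "__main__":
    print(demo())
```

The HTTP exchange itself stays stateless: every request is handled on its own, and the only link between two visits is the ID the browser sends back.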

Web caches (proxy server)
Goal: satisfy client request without involving origin server
- user sets browser: Web accesses via cache
- browser sends all HTTP requests to cache
  - object in cache: cache returns object
  - else cache requests object from origin server, then returns object to client
[Figure: clients send HTTP requests to the proxy server and receive HTTP responses; the proxy server exchanges HTTP requests and responses with the origin servers]

More about Web caching
- cache acts as both client and server
- typically cache is installed by ISP (university, company, residential ISP)
Why Web caching?
- reduce response time for client request
- reduce traffic on an institution’s access link
- Internet dense with caches: enables “poor” content providers to effectively deliver content (but so does P2P file sharing)

Conditional GET
- Goal: don’t send object if cache has up-to-date cached version
- cache: specify date of cached copy in HTTP request
    If-modified-since:
- server: response contains no object if cached copy is up-to-date:
    HTTP/ Not Modified
[Figure: cache/server exchange. Object not modified: HTTP request msg with If-modified-since:, HTTP response "HTTP/ Not Modified". Object modified: HTTP request msg with If-modified-since:, HTTP response "HTTP/ OK" with the object.]

FTP
- Purpose: To transfer files between two computers
- Goals of FTP Service
  - Promote sharing of files (programs and/or data)
  - Encourage indirect/implicit use of remote computers
  - Shield users from variations in file storage among hosts
  - Transfer data reliably and efficiently
- Why is it needed, file transfer seems simple?
- Answer: Heterogeneous systems use different operating systems, character sets, naming conventions, directory and file structures
- FTP addresses this heterogeneity

FTP Connection

TCP Connections
[Figure: Control Connection, Combined Connection]

FTP Commands

Command               Description
get filename          Retrieve file from server
mget filename*        Retrieve multiple files from server*
put filename          Copy local file to server
mput filename*        Copy multiple local files to server*
open server           Begin login to server
bye / close / exit    Logoff server
ls / dir              List files in current remote dir on server
lcd                   Change local directory
cd                    Change remote directory
rhelp / remotehelp    Lists commands the server accepts

Secure Shell (SSH)
- SSH is a protocol for secure remote login and other secure network services over an insecure network
- SSH Transport Layer Protocol
  - provides server authentication, confidentiality, and integrity services
  - runs on top of any reliable transport layer (e.g., TCP)
- SSH User Authentication Protocol
  - provides client-side user authentication
  - runs on top of the SSH Transport Layer Protocol
- SSH Connection Protocol
  - multiplexes the secure tunnel provided by the SSH Transport Layer and User Authentication Protocols into several logical channels. These logical channels can be used for a wide range of purposes
    - secure interactive shell sessions
    - TCP port forwarding
    - carrying X11 connections

SSH Security Features
- Strong algorithms
  - uses well established strong algorithms for encryption, integrity, key exchange, and public key management
- Large key size
  - requires encryption to be used with at least 128 bit keys
  - supports larger keys too
- Algorithm negotiation
  - encryption, integrity, key exchange, and public key algorithms are negotiated
  - it is easy to switch to some other algorithm without modifying the base protocol

SSH TLP Protocol
- SSH version string exchange
  - both sides must send a version string of the following form: “SSH-protoversion-softwareversion comments” \CR \LF
  - used to indicate the capabilities of an implementation
  - triggers compatibility extensions
  - all packets that follow the version string exchange are sent using the Binary Packet Protocol
  - MAC = message authentication code. Used to check message integrity
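A parser for the version string described above, as an added example that is not part of the original slides. The 255-byte limit, the character rules and the "1.99" compatibility value come from RFC 4253 rather than from the slide; the function names and the sample banners are constructed.

```python
import re
from typing import NamedTuple

MAX_BANNER_LEN = 255  # RFC 4253 limit, CR LF included (not stated on the slide)

# protoversion and softwareversion: printable US-ASCII without space or '-';
# comments, if present, follow a single space.
_BANNER = re.compile(rb"SSH-([!-,.-~]+)-([!-,.-~]+)(?: ([ -~]*))?")


class Banner(NamedTuple):
    protoversion: str
    softwareversion: str
    comments: str


def parse_banner(line: bytes) -> Banner:
    """Parse 'SSH-protoversion-softwareversion comments' CR LF, strictly."""
    if len(line) > MAX_BANNER_LEN:
        raise ValueError("version string longer than 255 bytes")
    if not line.endswith(b"\r\n"):
        raise ValueError("version string must end with CR LF")
    match = _BANNER.fullmatch(line[:-2])
    if match is None:
        raise ValueError("not of the form SSH-protoversion-softwareversion comments")
    proto, software, comments = match.groups()
    return Banner(proto.decode("ascii"), software.decode("ascii"),
                  (comments or b"").decode("ascii"))


def speaks_ssh2(banner: Banner) -> bool:
    # "2.0" is the current protocol; "1.99" is how a server that also accepts
    # the old protocol announces SSH 2 support (RFC 4253 compatibility rule).
    return banner.protoversion in ("2.0", "1.99")


def classify(lines) -> list:
    """Label each received banner: 'ssh2', 'legacy' or 'malformed'."""
    labels = []
    for line in lines:
        try:
            banner = parse_banner(line)
        except ValueError:
            labels.append("malformed")
            continue
        labels.append("ssh2" if speaks_ssh2(banner) else "legacy")
    return labels


# Constructed sample banners, not captured from real hosts.
SAMPLES = [
    b"SSH-2.0-ExampleSSH_1.0 lab build\r\n",
    b"SSH-1.99-ExampleSSH_1.0\r\n",
    b"SSH-1.5-OldServer\r\n",
    b"SSH-2.0-No-Terminator\n",
    b"HTTP/1.1 400 Bad Request\r\n",
]

if __name__ == "__main__":
    print(classify(SAMPLES))
```

This parser is deliberately strict; deployed implementations are often more tolerant of a missing CR for compatibility.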

Encryption
- The encryption algorithm is negotiated during the key exchange
- Supported algorithms
  - 3des-cbc (required) (168 bit key)
  - blowfish-cbc (recommended)
  - twofish256-cbc (opt) / twofish192-cbc (opt) / twofish128-cbc (recomm)
  - aes256-cbc (opt) / aes192-cbc (opt) / aes128-cbc (recomm)
  - serpent256-cbc (opt) / serpent192-cbc (opt) / serpent128-cbc (opt)
  - arcfour (opt) (RC4)
  - idea-cbc (opt) / cast128-cbc (opt)
- Key and IV are also established during the key exchange
- All packets sent in one direction are considered a single data stream
  - IV is passed from the end of one packet to the beginning of the next one
- Encryption algorithm can be different in each direction

Message Authentication Code (MAC)
- MAC algorithm and key are negotiated during the key exchange
- Supported algorithms
  - hmac-sha1 (required) [MAC length = key length = 160 bits]
  - hmac-sha1-96 (recomm) [MAC length = 96, key length = 160 bits]
  - hmac-md5 (opt) [MAC length = key length = 128 bits]
  - hmac-md5-96 (opt) [MAC length = 96, key length = 128 bits]
- MAC algorithms used in each direction can be different
- MAC = mac( key, seq. number | clear packet )
  - sequence number is implicit, not sent with the packet
  - sequence number is represented on 4 bytes
  - sequence number initialized to 0 and incremented after each packet
  - it is never reset (even if keys and algs are renegotiated later)
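The MAC rule above for hmac-sha1, as an added Python example that is not part of the original slides. It shows why the implicit sequence number matters: a replayed or altered packet fails verification. Encryption and the real binary packet layout are left out, and the class name, key and packet contents are constructed.

```python
import hashlib
import hmac
import struct


class MacDirection:
    """MAC state for one direction of the connection (each direction has its own)."""

    def __init__(self, key: bytes, mac_len: int = 20):
        self.key = key          # negotiated during key exchange (constructed here)
        self.mac_len = mac_len  # 20 bytes for hmac-sha1, 12 for hmac-sha1-96
        self.seq = 0            # implicit: counted locally, never put on the wire

    def _mac(self, packet: bytes) -> bytes:
        # MAC = mac(key, seq. number | clear packet), sequence number on 4 bytes
        data = struct.pack(">I", self.seq) + packet
        return hmac.new(self.key, data, hashlib.sha1).digest()[: self.mac_len]

    def _advance(self) -> None:
        # Incremented after each packet, never reset; wraps at 32 bits.
        self.seq = (self.seq + 1) & 0xFFFFFFFF

    def send(self, packet: bytes) -> bytes:
        wire = packet + self._mac(packet)
        self._advance()
        return wire

    def receive(self, wire: bytes):
        packet, tag = wire[: -self.mac_len], wire[-self.mac_len:]
        if not hmac.compare_digest(tag, self._mac(packet)):
            # Integrity failure; a real implementation drops the connection.
            return None
        self._advance()
        return packet


def demo() -> dict:
    key = bytes(range(20))  # constructed 160-bit key
    sender, receiver = MacDirection(key), MacDirection(key)
    first = sender.send(b"packet-0")
    second = sender.send(b"packet-1")
    tampered = bytearray(sender.send(b"packet-2"))
    tampered[0] ^= 0x01  # flip one bit of the packet body
    return {
        "in_order": receiver.receive(first) == b"packet-0",
        "replayed": receiver.receive(first) is None,  # receiver now expects seq 1
        "next": receiver.receive(second) == b"packet-1",
        "tampered": receiver.receive(bytes(tampered)) is None,
    }


if __name__ == "__main__":
    print(demo())
```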

SSH Authentication Protocol
- The protocol assumes that the underlying transport protocol provides integrity and confidentiality (e.g., SSH Transport Layer Protocol)
- The protocol has access to the session ID
- The server should have a timeout for authentication and disconnect if the authentication has not been accepted within the timeout period
  - recommended value is 10 minutes
- The server should limit the number of failed authentication attempts a client may perform in a single session
  - recommended value is 20 attempts
- Three authentication methods are supported
  - Public key
  - Password: most widely used (user name and password)
  - Host-based

Public Key Method
- All implementations must support this method
- Authentication is based on demonstration of the knowledge of the private key (the client signs with the private key)
- The server verifies that
  - the public key really belongs to the user specified in the authentication request
  - the signature is correct

Host-based Method
- Authentication is based on the host where the user is coming from
- This method is optional
- The client sends a signature that has been generated with the private host key of the client
- The server verifies that
  - the public key really belongs to the host specified in the authentication request
  - the signature is correct

SSH Connection Protocol
- Provides
  - interactive login sessions
  - remote execution of commands
  - forwarded TCP/IP connections
  - forwarded X11 connections
- All these applications are implemented as “channels”
- All channels are multiplexed into the single encrypted tunnel provided by the SSH Transport Layer Protocol
- Channels are identified by channel numbers at both ends of the connection
- Channel numbers for the same channel at the client and server sides may differ