Figure: protocol stack: application layer, transport layer, network layer, link layer, physical layer.
Application Layer
The goal today: design and implementation of application protocols
Topics: transport layer service model, client-server paradigm
Client-Server Paradigm
A typical network application consists of two parts:
Client: initiates contact with the server and requests services. Examples: e-mail reader, web browser.
Server: provides services to the client. Examples: a mail server delivers e-mails to the client, a web server sends the requested web pages.
Figure: the client sends a request, the server returns a reply; both sides run the whole stack (application, transport, network, data link, physical).
Communicating Processes
A process sends and receives protocol messages through its socket.
The socket layer is the interface between the application layer and the transport layer (in ISO/OSI terms). It is also called the API (Application Programming Interface):
- the transport protocol can be chosen (TCP or UDP)
- parameters of the transport protocol can be set, e.g. buffer sizes
Figure: client and server processes exchange messages through their sockets across the Internet; everything below the socket is controlled by the OS.
Process Addressing
An address consists of two parts:
- name or IP address of the destination host (unique identifier)
- process identifier (port number) to specify the destination process
Allocation of ports, examples: HTTP server: port 80; mail server (SMTP): port 25
Example: http://www.tu-dresden.de resolves to 141.30.61.152:80
A web page consists of objects: HTML file, JPEG image, Java applet, audio file, ...
A web page contains a basic HTML file, which references the other objects.
Every object is addressed by a URI (Uniform Resource Identifier). Example of a URL (Uniform Resource Locator): http://www.whatis.com/bluelaser.htm
URI = string identifying a resource
URL = URI + description of the primary access mechanism: service (http, ftp, etc.), host address, file path
URN = Uniform Resource Name, a URI identifying a resource by name in a particular namespace (e.g. an ISBN)
Figure: the browser sends an HTTP request to the web server, which returns an HTTP response.
HTTP request message (request line, header lines, empty line):
GET /somedir/page.html HTTP/1.0
Host: somehost.com
User-agent: Mozilla/4.0
Accept: text/html, image/gif, image/jpeg
Accept-language: de
(an extra carriage return + line feed, i.e. an empty line, ends the header)

HTTP response message (status line, header lines, empty line, data):
HTTP/1.0 200 OK
Date: Thu, 06 Aug 1998 12:00:15 GMT
Server: Apache/1.3.0 (Unix)
Last-Modified: Mon, 22 Jun 1998 ...
Content-Length: 6821
Content-Type: text/html

data data data data data ...
HTTP is a stateless protocol (but there are cookies):
- the server sends a cookie to the client in a response message: Set-Cookie: 1678453
- the client sends the cookie back in all following requests: Cookie: 1678453
- the server compares the presented cookie with its server-side cookie table
Uses: authentication (the cookie then stands for the logged-in session, so its value must be unguessable), tracking user actions
Cookie exchange between client and server:
1. client: usual HTTP request message
2. server: usual HTTP response message + Set-Cookie: #
3. client: usual HTTP request message + Cookie: #
4. server: usual HTTP response message, with cookie-specific content
5. every later request from this client carries Cookie: #
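The request/response messages and the cookie exchange above, as an added example that is not part of the original slides: a tiny HTTP/1.0 message parser plus the server side of a cookie session. The host name, paths and the server's session store are assumptions for the demo; the third request presents the slide's guessable value 1678453 to show that a forged cookie only gets a fresh session.

```python
import secrets
import time

CRLF = "\r\n"


def parse_message(raw):
    """Split an HTTP/1.0 message into (start line, headers, body).

    Works for requests and responses alike: only the first line differs,
    the header block ends at the first empty line, the rest is the body.
    Header names are case-insensitive, so they are stored lower-cased.
    """
    head, _, body = raw.partition(CRLF + CRLF)
    lines = head.split(CRLF)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body


def parse_cookies(header_value):
    """'session=abc; HttpOnly' -> {'session': 'abc', 'HttpOnly': ''}"""
    cookies = {}
    for part in header_value.split(";"):
        name, _, value = part.strip().partition("=")
        if name:
            cookies[name] = value
    return cookies


class StatelessServer:
    """Server side of the slide's cookie exchange.

    HTTP itself remembers nothing between requests; the only link between
    two requests is the cookie the client echoes back.  The server keeps a
    table session id -> data and compares the presented id against it.
    """

    def __init__(self):
        self.sessions = {}  # the server-side cookie store

    def handle(self, raw_request):
        request_line, headers, _ = parse_message(raw_request)
        method, path, _version = request_line.split(" ", 2)
        sid = parse_cookies(headers.get("cookie", "")).get("session")
        new_cookie = None
        if sid not in self.sessions:
            # Missing or unknown cookie: start a new session.  The slide's value
            # 1678453 looks like a counter and is guessable; a session id is a
            # bearer credential, so it must come from a CSPRNG and be long
            # enough that an attacker cannot enumerate it.
            sid = secrets.token_urlsafe(32)
            self.sessions[sid] = {"requests": 0, "created": time.time()}
            new_cookie = "session=" + sid + "; HttpOnly; Secure; SameSite=Lax"
        self.sessions[sid]["requests"] += 1
        body = "%s %s: request #%d of this session" % (method, path, self.sessions[sid]["requests"])
        lines = ["HTTP/1.0 200 OK",
                 "Content-Type: text/plain",
                 "Content-Length: %d" % len(body)]
        if new_cookie:
            lines.append("Set-Cookie: " + new_cookie)
        return CRLF.join(lines) + CRLF + CRLF + body


def build_request(path, cookie=""):
    """The slide's request; a client that already holds a cookie echoes it."""
    lines = ["GET %s HTTP/1.0" % path,
             "Host: somehost.com",
             "User-Agent: Mozilla/4.0",
             "Accept: text/html, image/gif, image/jpeg",
             "Accept-Language: de"]
    if cookie:
        lines.append("Cookie: session=" + cookie)
    return CRLF.join(lines) + CRLF + CRLF


def run_exchange():
    """Three requests: without a cookie, with the issued cookie, and with a
    forged (guessed) cookie.  Returns the facts worth checking."""
    server = StatelessServer()
    r1 = server.handle(build_request("/somedir/page.html"))
    _, h1, _ = parse_message(r1)
    issued = parse_cookies(h1["set-cookie"])["session"]

    r2 = server.handle(build_request("/somedir/other.html", issued))
    _, h2, body2 = parse_message(r2)

    r3 = server.handle(build_request("/somedir/page.html", "1678453"))  # attacker's guess
    _, h3, _ = parse_message(r3)
    return {
        "second_request_joined_session": "set-cookie" not in h2 and body2.endswith("#2 of this session"),
        "forged_cookie_got_new_session": "set-cookie" in h3,
        "session_count": len(server.sessions),
        "content_length_matches": int(h2["content-length"]) == len(body2),
    }


if __name__ == "__main__":
    for key, value in run_exchange().items():
        print(key, value)
```

The server never trusts anything in the cookie itself; it only uses the value as a lookup key into its own table, which is why a guessed value is harmless as long as the real ids are random and long.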
Figure: web technologies built on TCP/IP and HTTP: HTML, XHTML, Dynamic HTML, CSS, SVG, VRML, XML, SOAP, XML-RPC, UDDI, RMI.
Web development
Figure: stages of web development on top of TCP/IP technology: connectivity (FTP, e-mail), presentation (HTML, web pages), programmability (XML, web services, web programming).
Figure: dynamic content: the user's browser sends an HTTP request to the web server, which runs a CGI script and returns its output over HTTP.
Web Services
What are web services:
- standards for interfaces between applications and content services in the Internet
- new: a web service may call another one and use its functions, like internal system modules
- based on new standards of the W3C and OASIS: XML (data description), SOAP (data transfer), WSDL (Web Service Description Language), UDDI (Universal Description, Discovery and Integration; central registry)
Why web services:
- interaction between applications becomes much easier
- shift from client-server to peer-to-peer style web applications
Examples: authentication (e.g. Microsoft Passport), e-government (web forms), online shops
Service requestor:
- queries the central UDDI directory service (broker) for the service it needs (Find)
- receives a document in WSDL format containing the address of the service and how to invoke it
- sends the service request to the provider
Service broker:
- runs the registry of available services and their descriptions
Service provider:
- publishes the availability of its service in the registry
- provides the e-business service itself
FTP (file transfer): the user at the local host uses the FTP client (user interface) to move files between the local file system and a remote host.
- transfers data from/to the destination host
- client/server model: the client requests the transfer; the server runs on the destination host
- FTP: RFC 959; the FTP server listens on port 21 (control connection)
FTP commands are transmitted between FTP client and FTP server over the control connection as plain ASCII:
- USER username: identifies the user to the server
- PASS password: sends the password to the server (in cleartext)
- LIST: asks the server to send the file list of the current directory
- RETR filename: (retrieve) get a file
- STOR filename: (store) put a file
File contents and listings travel over a separate data connection.
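The control-connection exchange above, as an added example that is not part of the original slides: a toy FTP server state machine for USER, PASS, LIST, RETR, STOR and QUIT with RFC 959 reply codes, driven by a client-side command sequence. The account, password and files are constructed sample data, and only the control connection is modelled (data-connection payloads are returned next to the reply). The last step shows why the cleartext PASS line is a problem: anyone on the path reads the password.

```python
# Constructed sample account and files; nothing here is real data.
ACCOUNTS = {"alice": "s3cret"}
FILES = {"alice": {"notes.txt": b"hello from the server\n"}}


class FtpServer:
    """Server side of the FTP control connection for USER, PASS, LIST, RETR, STOR, QUIT.

    Only the control connection is modelled.  Whatever would travel over the
    separate data connection (file contents, the directory listing) is returned
    as the second element of the result so the whole exchange can be read offline.
    """

    def __init__(self):
        self.user = None
        self.logged_in = False
        self.files = {user: dict(files) for user, files in FILES.items()}
        self.wire = ["S: 220 Service ready for new user."]  # every line on the control connection

    def command(self, line, upload=None):
        """Process one ASCII command line; `upload` is the data-connection payload of a STOR."""
        self.wire.append("C: " + line)
        verb, _, arg = line.partition(" ")
        verb, data = verb.upper(), None
        if verb == "USER":
            self.user, self.logged_in = arg, False
            reply = "331 User name okay, need password."
        elif verb == "PASS":
            self.logged_in = self.user in ACCOUNTS and ACCOUNTS[self.user] == arg
            reply = "230 User logged in, proceed." if self.logged_in else "530 Not logged in."
        elif verb == "QUIT":
            reply = "221 Service closing control connection."
        elif not self.logged_in:
            reply = "530 Please login with USER and PASS."  # all other commands need a login
        elif verb == "LIST":
            data = "".join(name + "\r\n" for name in sorted(self.files[self.user])).encode()
            reply = "226 Transfer complete."
        elif verb == "RETR":
            data = self.files[self.user].get(arg)
            reply = "226 Transfer complete." if data is not None else "550 File not found."
        elif verb == "STOR":
            self.files[self.user][arg] = upload if upload is not None else b""
            reply = "226 Transfer complete."
        else:
            reply = "502 Command not implemented."
        self.wire.append("S: " + reply)
        return reply, data


def run_session():
    """Client side: the slide's command sequence, plus what an eavesdropper sees."""
    srv = FtpServer()
    srv.command("USER alice")
    login, _ = srv.command("PASS s3cret")
    srv.command("STOR upload.txt", upload=b"put data\n")
    _, listing = srv.command("LIST")
    _, content = srv.command("RETR notes.txt")
    missing, _ = srv.command("RETR nope.txt")
    srv.command("QUIT")
    # The control connection is plain ASCII: anyone on the path reads the password.
    sniffed = [line for line in srv.wire if line.startswith("C: PASS ")]
    return {
        "login": login[:3],
        "listing": listing.decode().split(),
        "content": content,
        "missing": missing[:3],
        "sniffed_password": sniffed[0].split(" ", 2)[2],
        "wire": srv.wire,
    }


def run_without_login():
    """A RETR before a successful PASS is refused with a 530 reply."""
    srv = FtpServer()
    reply, _ = srv.command("RETR notes.txt")
    return reply[:3]


if __name__ == "__main__":
    print("\n".join(run_session()["wire"]))
```

Printing the wire log shows the whole dialogue as a sniffer on the control connection would see it, including "C: PASS s3cret".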
DNS specification: RFC 1034 (http://www.ietf.org/rfc/rfc1034.txt), RFC 1035 (http://www.ietf.org/rfc/rfc1035.txt)
Figure: DNS name hierarchy: root; top-level domains org, net, edu, com, uk, de; second-level names such as ucb, ogi, bu, mit, gwu; lower-level names such as cse, ece, www.
Authoritative DNS servers: an organization's DNS servers, providing the authoritative hostname-to-IP mappings for the organization's servers (e.g. web and mail).
Can be maintained by the organization itself or by a service provider.
Figure: iterative resolution with numbered messages between the local NS, the root NS, the intermediate NS dns.umass.edu and the authoritative NS.
- the root NS does not have to know the authoritative NS, but it knows an intermediate name server, i.e. who has to be contacted next to resolve the name
- fault tolerance: there are several root name servers
Example:
- surf.eurecom.fr wants to connect to gaia.cs.umass.edu
- it sends the request to its local DNS server dns.eurecom.fr
- the local DNS server contacts a root NS
- the root NS refers it to the authoritative NS dns.cs.umass.edu, or to a name server of a higher level (the intermediate NS dns.umass.edu), which is asked next
- the authoritative NS dns.cs.umass.edu answers with the address of gaia.cs.umass.edu
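The resolution chain above, as an added example that is not part of the original slides: a local name server that iterates from the root, follows referrals to the intermediate and authoritative servers, and caches what it learns. The zone data follows the slide's names (dns.umass.edu, dns.cs.umass.edu, gaia.cs.umass.edu); the IP addresses are constructed from documentation ranges, the TLD level is collapsed as on the slide, and the server names and trace wording are assumptions of this demo.

```python
class NameServer:
    """One DNS server: the A records it is authoritative for, plus delegations
    (zone suffix -> (name server for that zone, its address)) for referrals."""

    def __init__(self, name, a_records=None, delegations=None):
        self.name = name
        self.a_records = a_records or {}
        self.delegations = delegations or {}

    def query(self, qname):
        """Iterative answer: an A record, a referral to the next server, or nothing."""
        if qname in self.a_records:
            return ("A", self.a_records[qname])
        # the most specific delegated zone wins (cs.umass.edu before umass.edu)
        for zone in sorted(self.delegations, key=len, reverse=True):
            if qname == zone or qname.endswith("." + zone):
                ns, ns_ip = self.delegations[zone]
                return ("NS", ns, ns_ip)
        return ("NXDOMAIN", None)


# Constructed zone data following the slide's example; the addresses are made up
# (documentation ranges) and the TLD level is collapsed as on the slide.
ROOT = NameServer("root",
                  delegations={"umass.edu": ("dns.umass.edu", "198.51.100.1")})
INTERMEDIATE = NameServer("dns.umass.edu",
                          a_records={"dns.umass.edu": "198.51.100.1"},
                          delegations={"cs.umass.edu": ("dns.cs.umass.edu", "198.51.100.53")})
AUTHORITATIVE = NameServer("dns.cs.umass.edu",
                           a_records={"gaia.cs.umass.edu": "203.0.113.7",
                                      "dns.cs.umass.edu": "198.51.100.53"})
SERVERS = {s.name: s for s in (ROOT, INTERMEDIATE, AUTHORITATIVE)}


class LocalNameServer:
    """dns.eurecom.fr: resolves names for its hosts by iterating from the root
    and caches what it learns (the final A record and every referral)."""

    def __init__(self, root):
        self.root = root
        self.cache = {}

    def resolve(self, qname, trace):
        if qname in self.cache:
            trace.append("cache hit: %s -> %s" % (qname, self.cache[qname]))
            return self.cache[qname], trace
        server = self.root
        while True:
            trace.append("ask %s: %s?" % (server.name, qname))
            kind, *payload = server.query(qname)
            if kind == "A":
                ip = payload[0]
                trace.append("%s answers: %s A %s" % (server.name, qname, ip))
                self.cache[qname] = ip
                return ip, trace
            if kind == "NS":
                ns, ns_ip = payload
                trace.append("%s refers to %s (%s)" % (server.name, ns, ns_ip))
                self.cache[ns] = ns_ip   # glue record, cached as well
                server = SERVERS[ns]     # the referral says whom to ask next
            else:
                trace.append("%s answers: no such name" % server.name)
                return None, trace


def lookup(host, local_ns, qname):
    """Step 1 of the slide: the host asks its local NS; the local NS does the rest."""
    return local_ns.resolve(qname, ["%s asks local NS for %s" % (host, qname)])


if __name__ == "__main__":
    local = LocalNameServer(ROOT)
    ip, steps = lookup("surf.eurecom.fr", local, "gaia.cs.umass.edu")
    print("\n".join(steps))
```

A second lookup of the same name is answered from the cache without any network step, which is also why a poisoned cache entry (next slide) keeps misdirecting clients until it expires.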
DNS weaknesses
DNS is very important and is therefore also an attractive target for an attacker.
Cache poisoning:
- DNS uses UDP for requests (RFC 2136: UDP and TCP) because of the smaller overhead, i.e. it is faster; TCP would be more trustworthy (the handshake shows the peer can actually receive packets at the claimed address) but is rarely used
- a reply is matched to its query by a single validation field, the 16-bit ID; an attacker who guesses it and answers before the real server is believed, so spoofing is very easy (a forged reply with a random ID is accepted with probability 1/65536)
- RRs are not protected in zone files (no integrity protection)
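The 16-bit ID weakness above, as an added example that is not part of the original slides: a minimal DNS wire-format builder/parser, a resolver that accepts the first reply whose ID matches the pending query (as on the slide), and an off-path attacker that floods forged replies with guessed IDs. The query name and address are taken from the slide; the attacker's address, the deterministic random seeds and the single-answer message layout are assumptions of this demo.

```python
import random
import struct


def encode_name(name):
    """'www.tu-dresden.de' -> b'\\x03www\\x0atu-dresden\\x02de\\x00' (DNS label format)."""
    out = b"".join(bytes([len(label)]) + label.encode() for label in name.rstrip(".").split("."))
    return out + b"\x00"


def build_query(txid, qname):
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)     # RD=1, one question
    return header + encode_name(qname) + struct.pack("!HH", 1, 1)  # type A, class IN


def build_response(txid, qname, ip, ttl=3600):
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)     # QR=1 RD RA, one answer
    question = encode_name(qname) + struct.pack("!HH", 1, 1)
    answer = (b"\xc0\x0c"                                        # pointer to the question name
              + struct.pack("!HHIH", 1, 1, ttl, 4)               # A, IN, TTL, RDLENGTH
              + bytes(int(octet) for octet in ip.split(".")))
    return header + question + answer


def query_id(msg):
    return struct.unpack("!H", msg[:2])[0]


def parse_response(msg):
    """Return (txid, qname, ip, is_response) from a single-answer A response."""
    txid, flags, _qd, _an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    pos, labels = 12, []
    while msg[pos]:
        length = msg[pos]
        labels.append(msg[pos + 1:pos + 1 + length].decode())
        pos += 1 + length
    pos += 1 + 4        # root label, QTYPE, QCLASS
    pos += 2 + 10       # name pointer, TYPE, CLASS, TTL, RDLENGTH
    ip = ".".join(str(b) for b in msg[pos:pos + 4])
    return txid, ".".join(labels), ip, bool(flags & 0x8000)


class NaiveResolver:
    """Accepts the first response whose ID matches the pending query for that
    name.  As on the slide, the 16-bit ID is the only validation field, so an
    off-path attacker who guesses it gets a forged record into the cache."""

    def __init__(self, seed=1):
        self.rng = random.Random(seed)   # deterministic IDs, for the demo only
        self.pending = {}
        self.cache = {}

    def send_query(self, qname):
        txid = self.rng.randrange(1 << 16)
        self.pending[qname] = txid
        return build_query(txid, qname)

    def receive(self, msg):
        txid, qname, ip, is_response = parse_response(msg)
        if not is_response or self.pending.get(qname) != txid:
            return False                      # ID mismatch: silently dropped
        del self.pending[qname]               # first matching answer wins
        self.cache[qname] = ip
        return True


def poison(resolver, qname, evil_ip, budget, seed=42):
    """Off-path attacker: make the resolver query, then flood forged replies with
    guessed IDs before the real answer arrives.  Returns the number of forged
    packets sent when one was accepted, or None if the budget ran out."""
    resolver.send_query(qname)
    guesses = random.Random(seed).sample(range(1 << 16), budget)  # no repeated guesses
    for sent, guess in enumerate(guesses, start=1):
        if resolver.receive(build_response(guess, qname, evil_ip)):
            return sent
    return None


def success_probability(forged_packets, id_bits=16):
    """Chance that at least one of n forged replies carries the right ID."""
    return 1 - (1 - 2 ** -id_bits) ** forged_packets


if __name__ == "__main__":
    r = NaiveResolver()
    print("forged packets until accepted:", poison(r, "www.tu-dresden.de", "198.51.100.66", 1 << 16))
    print("cache now says:", r.cache)
```

Once the forged reply is accepted, the genuine answer arriving later is dropped as a mismatch and the wrong address is served from the cache for its whole TTL. This small search space is the reason real resolvers add source-port randomization and check the question section (RFC 5452), which goes beyond the slide.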
DNSSEC
Basic concept: based on public-key cryptography
- every DNS zone has a pair of cryptographic keys (private/public)
- a DNS server sends information signed with the private key of its zone
DNSSEC services:
- verified source of data (origin authentication)
- trusted distribution of public keys
- requests and transmissions are authenticated
New RR entries:
- KEY: the public key of the zone
- SIG: the signature over an RR entry
(In the current DNSSEC specification, RFC 4034, these records are called DNSKEY and RRSIG.)
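The sign-with-the-zone-key, verify-with-KEY flow above, as an added example that is not part of the original slides. It uses a toy textbook RSA on fixed Mersenne primes so that it runs with the standard library alone; that key generation, the canonical RRset serialisation and the second "attacker" key pair are assumptions of this demo and are not secure or DNSSEC-conformant. The RRset is constructed from the slide's own host and address.

```python
import hashlib


def make_key(p, q, e=65537):
    """Toy textbook RSA on fixed Mersenne primes: enough to show the DNSSEC flow,
    NOT secure (tiny modulus, no padding).  Real zones use proper RSA/ECDSA/
    Ed25519 implementations behind DNSKEY/RRSIG."""
    n = p * q
    return {"public": (e, n), "private": pow(e, -1, (p - 1) * (q - 1))}   # Python >= 3.8


ZONE_KEY = make_key((1 << 61) - 1, (1 << 89) - 1)       # the zone's key pair
ATTACKER_KEY = make_key((1 << 31) - 1, (1 << 61) - 1)   # an attacker's own pair

# Constructed RRset for the slide's example host (address taken from the slide).
RRSET = [("www.tu-dresden.de", 3600, "A", "141.30.61.152")]


def canonical(rrset):
    """Sort and serialise the RRset so signer and verifier hash identical bytes."""
    return "\n".join("%s %d IN %s %s" % rr for rr in sorted(rrset)).encode()


def digest(rrset, n):
    return int.from_bytes(hashlib.sha256(canonical(rrset)).digest(), "big") % n


def sign_rrset(rrset, key):
    """Produce the SIG (today: RRSIG) value with the zone's private key."""
    _e, n = key["public"]
    return pow(digest(rrset, n), key["private"], n)


def verify_rrset(rrset, sig, public_key):
    """Check SIG over the canonical RRset with a KEY (today: DNSKEY)."""
    e, n = public_key
    return pow(sig, e, n) == digest(rrset, n)


def publish(rrset, key):
    """What the zone's server sends: the RRset plus its KEY and SIG records."""
    return {"KEY": key["public"], "RRSET": rrset, "SIG": sign_rrset(rrset, key)}


def validate(response, trust_anchor):
    """Validating resolver.  Both checks are needed: a KEY that arrives in the
    same response as the data proves nothing by itself, because an attacker can
    ship their own key and a matching SIG; hence the slide's "trusted
    distribution of public keys" (in practice: a configured trust anchor and
    the chain of signed keys down from the root)."""
    if response["KEY"] != trust_anchor:
        return False
    return verify_rrset(response["RRSET"], response["SIG"], response["KEY"])


if __name__ == "__main__":
    good = publish(RRSET, ZONE_KEY)
    print("genuine response validates:", validate(good, ZONE_KEY["public"]))
    forged = publish([("www.tu-dresden.de", 3600, "A", "198.51.100.99")], ATTACKER_KEY)
    print("attacker-signed response validates:", validate(forged, ZONE_KEY["public"]))
```

Changing a single octet of the address breaks the signature, and re-signing the changed record with a different key fails the trust-anchor comparison, which is exactly the protection the unsigned zone files of the previous slide lack.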
Summary
- first insight into network applications
- client-server paradigm
- specific protocols: HTTP, FTP, TELNET, DNS
- complexity at the network edge!
- security is a major issue with traditional services and protocols
Coming next: content distribution and P2P networks