intro to tcpip data communication
Post on 03-Jun-2018
8/13/2019 Intro to Tcpip data communication
1/13
Network Security
Introduction
Although the term e-commerce is fairly new, many large companies have been conducting a form of e-commerce for decades, by networking systems together with those of their business partners and clients. For example, the banking industry uses Electronic Funds Transfer (EFT) to transfer money between accounts. Many companies also use Electronic Data Interchange (EDI), in which business forms, such as purchase orders and invoices, are standardised so that companies can share information with customers, vendors and business partners electronically. EFT, EDI and e-mail have been around for a long time. The Internet has made it possible for even small businesses to compete, because until recently e-commerce was only feasible for large companies.
The infrastructure for e-commerce is networked computing, which is emerging as the standard computing environment in business, home and government. Networked computing connects several computers and other electronic devices using telecommunications networks. This allows users to access information stored in several places and to communicate and collaborate with others from a desktop computer. Computers connected to a global environment (the Internet) or its counterpart within an organisation is called an intranet. An intranet is a corporate network that functions with Internet technologies, such as browsers, using Internet protocols. Another computer environment is an extranet - a network that links the intranets of business partners over the Internet.
Brief History of Electronic Commerce
E-commerce applications first appeared in the early 1970s with EFT. Limited to large corporations and financial institutions. Then came EDI, which expanded from financial transactions to other transaction processing, and enabled manufacturers, retailers and services to participate. Other applications soon followed - travel reservation systems, ATMs (1980s). With commercialisation of the Internet in the early 1990s and its rapid growth (millions of potential customers), the term electronic commerce was coined and EC applications expanded rapidly. One reason for this rapid expansion was the development of networks, protocols and software.
Definition
The term commerce is often defined as a transaction conducted between business partners. Electronic commerce is the process of buying and selling or exchanging products, services and information via computer networks, including the Internet.
Some statistics
85% of US e-businesses do not deliver internationally. Problems include:- order tracking; customs; different prices need to be charged for deliveries overseas.
93% of online revenue comes from their own national market
only 2% of EU countries export outside Europe
within Europe 20% of foreign competition comes from the US
Applications of e-commerce are divided into three categories:-
1. Buying and selling goods and services - often referred to as electronic markets
2. Facilitating inter- and intra-organisation flow of information, communication and collaboration.
3. Providing customer service.
What is E-Commerce?
Electronic Markets
A market is a network of interactions and relationships where information, products, services and payments are exchanged. When a marketplace is electronic, the business centre is not a physical building, but rather a network-based location where business interactions occur. It is a place where shoppers and sellers meet. The market handles all the necessary transactions, including the transfer of money between banks. In electronic markets, the principal participants - transaction handlers, buyers, brokers and sellers - are not only at different locations, but seldom know one another. The means of interconnection varies.
Types of Transactions found
Business to business (B2B) - most EC is of this type. Includes IOS (interorganisational information systems) and electronic market transactions.
Business to consumer (B2C) - mainly retailing transactions with individual shoppers - e.g. Amazon.com
Consumer to consumer (C2C) - consumer sells directly to consumers - e.g. classified ads, selling cars or property etc (www.classified2000.com). This also includes e-auctions.
Consumer to business (C2B) - individuals who sell products or services to organisations.
Nonbusiness EC - nonbusiness organisations (academic institutions, charities, religious organisations, government agencies etc) are using EC to reduce their expenses (e.g. improve purchasing or customer services)
Intrabusiness (organisational) EC - includes internal organisational activities, usually performed on intranets, that involve exchange of goods, services or information.
Interorganisational Information Systems
An interorganisational information system is a unified system encompassing several business partners. Typically it will include a company and its suppliers and [...]
The problems of communicating between different computers can be split up into a series of smaller problems, hence there is a need to define the interfaces between layers. The aim is to use manufacturer-independent specifications so that components from a range of suppliers can be mixed and matched freely. This allows a greater range of choice when extending an installation. It also avoids organisations becoming locked into the product range of one manufacturer.
OSI Model
Each layer adds its own header, before passing it down to the layer below.
Interfaces Between Layers
The passing of data and network information down through the layers of the sending machine and back up through the layers of the receiving machine is made possible by an interface between each pair of adjacent layers. Each interface defines what information and services a layer must provide for the layer above. It also defines the PDU (protocol data unit) that is passed between layers. After appending the header the upper layer passes the PDU to the layer immediately below.
Well-defined interfaces and layer functions provide modularity to a network. As long as a layer provides the expected services to the layer above it, the specific implementation of its functions can be modified or replaced without requiring changes to the surrounding layers.
Communications between two different devices at the same level involves a logical peer-to-peer relationship. Application messages are only sent to the other application layer, although the actual route is through all the other layers. The higher layers are concerned with end-to-end communication.
[Figure: Headers added at each layer]
In a communication that involves a source node, an intermediate node and a destination node, all seven layers are used at the source and destination nodes. At the intermediate nodes only the bottom three layers (physical/[...]
[...]uires handling these and other incompatibilities. It also identifies the addresses required, for example if you want to access a package on a computer in California, or log onto the WWW.
Presentation Layer - ensures interoperability between communicating devices. Resolves differences in formats among the various computers, terminals, databases and languages used in a network. The functions of this layer make it possible for two computers to communicate even if their internal representations of data differ (e.g. when one device uses one type of code and the other uses another). It provides code conversion as well as data formatting, data compression and encryption. Converts from the representation used inside the computer to the network standard representation and back. This layer is not concerned with the informational content of the data.
Session Layer - establishes connections between users. Provides the means for co-operating presentation entities to organise and synchronise their dialogue and manage their data exchange. One of the services is to handle dialogue control. It co-ordinates the interaction between the end-user and the application program. Handles recovery from a communications problem without losing data, as well as procedures needed to start and stop a task. For example a session may be created to transfer a file or allow a user to log onto a remote time-sharing service.
Transport Layer - provides for the transfer of messages between users. This means that the users need not be concerned with the manner in which reliable and cost-effective data transfers are achieved. Isolates the upper layers from changes in the hardware technology. It provides for end-to-end integrity and quality of data.
Network Layer - responsible for source to destination delivery of a packet. While the data link layer oversees node-to-node delivery, the network layer ensures that each packet gets from its point of origin to its final destination successfully and efficiently. It also breaks the messages from the higher layers into packets, to pass to the data link layer, and reassembles the packets received from the data link layer.
Switches and routes information between nodes on the network. It is the highest layer involved in point-to-point communications between adjacent nodes. It sets up routes for messages to travel, based on the network's current status. Routes can be based on static tables that rarely change or they can be highly dynamic, and reflect the current network load. The network layer sends control messages to the other nodes on the network to maintain a knowledge of the status of the rest of the network. It also informs the network of its own status.
Network addresses are matched to the actual devices accessed by the end-users. It also handles end-to-end error detection and recovery. The transport layer creates a distinct network connection for each transport connection required by the session layer. The most popular type of transport connection is an error-free point-to-point channel that delivers messages in the order in which they are sent. It is a true end-to-end layer, from source to destination. In the lower layers the protocols are between each machine and its immediate neighbours. The source and destination may be separated by many routers.
Data Link Layer - The unit of transport here is a frame and the function is to control the manipulation of data frames. It handles addressing of outgoing frames (MAC address) and the decoding of incoming frames. Large packets received from the Network Layer are broken into a number of frames and sent out. Produces acknowledgement frames that tell the sender that it has arrived correctly.
Provides error control and detection for data which has been corrupted. Noise on a line can destroy a packet completely. Also deals with errors resulting from lost frames, duplication or loss of sequencing.
Controls the rate of flow of data frames between nodes. Stops a fast transmitter from drowning a slow receiver, called flow control. A header and a trailer are added to each frame sent, which include the physical address of the destination node, called addressing.
Access control is required when two or more devices are connected to the same link. The data link layer protocol is used to determine which device has control over the line at any given moment.
Physical Layer - co-ordinates the functions required to transmit a bit stream over a physical medium. Deals with the mechanical and electrical specifications of the connections, i.e. cables, connectors and signalling options that physically link two nodes. It is also the actual physical link between two locations. Concerned with transmitting raw bits over a communications channel - making sure that when one side sends a 1 bit, the other side receives a 1 bit.
TCP/IP
The Internet is a collection of networks running the TCP/IP [...]
[...]uely identify a destination.
Routing - the capacity to efficiently determine the path a particular packet is to traverse to reach the destination.
The TCP/IP [...]
The Transport layer is responsible for providing services to the application layer as follows:-
1. Connection-oriented or connectionless transport. For connection-oriented, once a connection is established between two applications, the connection remains until one of the applications terminates it. In connectionless each packet contains the destination address.
2. Reliable or unreliable transport. In reliable transport, the transport layer is responsible for ensuring lost packets are retransmitted, i.e. guarantees reliable delivery. In an unreliable connection, the transport layer is not involved and it is up to the applications to handle packets lost or dropped by the network.
3. Security. This is a relatively new service offered by the transport layer. Services such as authenticity, integrity and confidentiality are not widely supported, but will be in the future as part of the protocol stack.
An application has to select the services it wants from the transport layer. Some combinations are not allowed, e.g. connectionless and reliable transport are not available together. The protocols used here are TCP and UDP.
TCP (Transmission Control Protocol) provides the connection-oriented reliable data delivery service with end-to-end error detection and correction. A logical end-to-end connection is established by means of a three-way handshake between the two endpoints. Also requires a three-way handshake to disconnect.
UDP (User Datagram Protocol) provides a low overhead, unreliable, connectionless datagram delivery service. There is no error-correction, retransmission, or lost, duplicate or re-ordered packet detection, and error detection is optional.
Internet Layer - concerned with routing data from source to destination. Uses the Internet Protocol (IP), which provides the basic packet delivery service on which TCP/IP [...]
TCP In Detail
TCP is connection oriented, which means it establishes an end-to-end connection between the two communicating hosts. Control information is exchanged between the two end points using a three-way handshake, to establish a dialogue before data is transmitted. After the data transfer, another three-way handshake is required to close the connection.
The data unit transmitted (with a TCP header) is called a segment. Normally TCP decides when a new segment is transmitted. At the destination, the receiving TCP buffers the data in a segment in a memory buffer associated with the application and delivers it when the buffer is full. A segment may consist of multiple user messages if short message units are being exchanged, or part of a single larger message. The max. length of each segment is a function of TCP, which simply endeavours to ensure that the total submitted octet stream associated with each direction is delivered to the other side in a reliable way.
TCP Header
The TCP segment structure is shown above - Ref Fig 3.29 from Kurose & Ross, p231
Source and destination ports - 2 octets each - indicate the end points of the logical connection
Sequence number - 4 octets
Header length field - 4 bits - number of 32-bit words (used since the length can change because of the options)
Reserved - for future use
Code bits - 6 bits - set bits to indicate the validity of selected fields (URG, ACK, PSH, RST, SYN, FIN)
Window - sliding window flow control - number of octets relative to the current number that the source is willing to accept (relates to buffer space at destination)
Checksum - verifies complete segment
Urgent pointer - indicates the amount of expedited data in the segment
Options - max. number of octets in the user data field it is prepared to accept
User data - default max. is 536 - chosen on the assumption that a WAN will be in the route. If a LAN only is used then a larger segment size can be used (see Options field)
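The field layout above, decoded from raw bytes in an added Python example (not code from the notes or from Kurose & Ross). The sample SYN segment is constructed; the acknowledgement number field, which the list above omits, is the 4 octets between the sequence number and the header length and is decoded as well.

```python
import struct

# Code bits in the order listed in the notes, most to least significant
# within the 6-bit field (URG=0x20 ... FIN=0x01).
FLAG_NAMES = ("URG", "ACK", "PSH", "RST", "SYN", "FIN")


def parse_options(raw: bytes) -> dict:
    """Walk the TLV option list; only MSS (kind 2) is decoded, others are skipped."""
    opts = {}
    i = 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:                      # end of option list
            break
        if kind == 1:                      # no-operation padding
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("truncated TCP option")
        length = raw[i + 1]
        if length < 2 or i + length > len(raw):
            raise ValueError("bad TCP option length")
        if kind == 2 and length == 4:      # maximum segment size the sender will accept
            opts["mss"] = struct.unpack("!H", raw[i + 2:i + 4])[0]
        i += length
    return opts


def parse_tcp_header(segment: bytes) -> dict:
    """Decode the fixed 20-octet TCP header plus any options into a dict."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the minimum TCP header")
    (src_port, dst_port, seq, ack, off_res_flags,
     window, checksum, urg_ptr) = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (off_res_flags >> 12) * 4   # header length field is in 32-bit words
    if header_len < 20 or header_len > len(segment):
        raise ValueError("header length field is inconsistent with the segment")
    flags = off_res_flags & 0x3F             # the six code bits
    set_flags = [name for i, name in enumerate(FLAG_NAMES) if flags & (1 << (5 - i))]
    return {
        "src_port": src_port, "dst_port": dst_port,
        "seq": seq, "ack": ack,
        "header_len": header_len, "flags": set_flags,
        "window": window, "checksum": checksum, "urgent_ptr": urg_ptr,
        "options": parse_options(segment[20:header_len]),
        "payload": segment[header_len:],
    }


# Constructed sample: a SYN from port 40000 to port 80, seq 1000, window 65535,
# header length 6 words, carrying an MSS option of 1460 (a LAN-sized segment
# rather than the 536-octet default the notes mention).
SAMPLE_SYN = struct.pack("!HHIIHHHH", 40000, 80, 1000, 0,
                         (6 << 12) | 0x02, 65535, 0, 0) + bytes([2, 4, 0x05, 0xB4])

if __name__ == "__main__":
    print(parse_tcp_header(SAMPLE_SYN))
```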
TCP Connection Establishment
A connection starts in the CLOSED state, and goes to either a passive open (LISTEN) or an active open (CONNECT). If a connection is established then both ends will become ESTABLISHED.
A client initiates a connection using the three-way handshake. A segment is sent with the "synchronise sequence numbers" (SYN) bit set. This tells the receiving host that there is an incoming connection and the sequence number (X) that will be used as the starting number of the segments. Starting sequence numbers are a random number between 0 and 2^32 - 1 and are used to maintain the data in the correct order.
The receiver responds with a segment that has the Ack(X + 1) and SYN bits set and contains the sequence number (Y), which is a different random number, that will be used by the destination host.
The sender acknowledges the receipt of the receiver's segment (Ack(Y + 1)) and begins to transfer the data.
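Added Python model of the exchange just described (not code from the notes): two endpoints pick random X and Y in the range 0 to 2^32 - 1, move from CLOSED through LISTEN or CONNECT to ESTABLISHED, and the client only accepts a SYN+ACK whose acknowledgement is exactly X + 1. The intermediate state names SYN_SENT and SYN_RECEIVED are the standard TCP ones and are not in the notes.

```python
import secrets

SEQ_MODULO = 2 ** 32          # sequence numbers are in 0 .. 2^32 - 1


class TcpEndpoint:
    """Minimal model of one TCP end: its state, its own ISN and the peer's ISN."""

    def __init__(self, name):
        self.name = name
        self.state = "CLOSED"
        self.isn = None           # our initial sequence number (X or Y in the notes)
        self.peer_isn = None

    def listen(self):             # passive open
        self.state = "LISTEN"

    def connect(self):            # active open: send SYN with seq = X
        self.isn = secrets.randbelow(SEQ_MODULO)
        self.state = "SYN_SENT"
        return {"SYN": True, "ACK": False, "seq": self.isn, "ack": None}

    def receive(self, seg):
        """Advance the state machine on one segment; return the reply or None."""
        if self.state == "LISTEN" and seg["SYN"] and not seg["ACK"]:
            # Step 2: answer with SYN, our own random Y, and Ack(X + 1).
            self.peer_isn = seg["seq"]
            self.isn = secrets.randbelow(SEQ_MODULO)
            self.state = "SYN_RECEIVED"
            return {"SYN": True, "ACK": True, "seq": self.isn,
                    "ack": (self.peer_isn + 1) % SEQ_MODULO}
        if self.state == "SYN_SENT" and seg["SYN"] and seg["ACK"]:
            # Step 3: the ack must be X + 1, otherwise it is not a reply to our SYN
            # and is answered with a reset instead of completing the connection.
            if seg["ack"] != (self.isn + 1) % SEQ_MODULO:
                return {"SYN": False, "ACK": False, "RST": True,
                        "seq": seg["ack"], "ack": None}
            self.peer_isn = seg["seq"]
            self.state = "ESTABLISHED"
            return {"SYN": False, "ACK": True, "seq": (self.isn + 1) % SEQ_MODULO,
                    "ack": (self.peer_isn + 1) % SEQ_MODULO}
        if self.state == "SYN_RECEIVED" and seg["ACK"] and not seg["SYN"]:
            if seg["ack"] == (self.isn + 1) % SEQ_MODULO:   # Ack(Y + 1) received
                self.state = "ESTABLISHED"
            return None
        return None


def three_way_handshake(client, server):
    """Run the three segments from the notes; return the final (client, server) states."""
    server.listen()
    syn = client.connect()
    syn_ack = server.receive(syn)
    ack = client.receive(syn_ack)
    server.receive(ack)
    return client.state, server.state


if __name__ == "__main__":
    print(three_way_handshake(TcpEndpoint("client"), TcpEndpoint("server")))
```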
TCP Connection Release
This can be initiated by either side, and both return to the CLOSED state. This is caused by an application executing a CLOSE primitive, which causes the local TCP entity to send a TCP segment with the FIN bit set and wait for an acknowledgement. When the acknowledgement arrives a transition is made to the FIN WAIT 2 state and one direction of the connection is now closed. When the other side closes a FIN is also sent, which must be acknowledged. Both sides are now closed, but TCP waits a time equal to the max. packet lifetime to guarantee that all packets from the connection have died off. When the timer expires TCP deletes the connection record.
Port Addresses
A remote computer may be running several server programs at the same time. Similarly, a local computer may have one or more client programs running. For a communication we must define:-
local host (local IP address)
local client program (local port number)
remote host (remote IP address)
remote client program (remote port number)
The local host and client are defined using IP addresses. The client programs need an identifier called a port number. In TCP/IP [...]
Port  Protocol  Description
23    Telnet    Terminal Network
25    SMTP      e-mail
53    DNS       Domain Name Server
80    HTTP      Hypertext Transfer Protocol
443   HTTPS     Secure HTTP
Internet Layer
IP is the protocol that provides the basic packet delivery service on which TCP/IP [...]
Three bits - first is unused - second is DF (don't fragment) - third is MF (more fragments)
Fragment offset - where in the current datagram this fragment belongs. All fragments except the last must be a multiple of 8 bytes. Since 13 bits are provided there is a max of 8192 fragments per datagram - giving a max datagram length of 65,536 bytes (one more than the total length)
Time to live - counter used to limit packet lifetimes (No. of hops)
Protocol field - tells IP which transport process to give it to - e.g. TCP
Header checksum - verifies the header only
Source and destination address - network number and host number
Options - currently five defined (security, strict source routing, loose source routing, record route, timestamp)
IP Address Classes
Originally, the IP address space was divided up into a few fixed-length address classes (class A, class B and class C). By examining the first few bits of an address, the class can easily be determined and hence the structure of the address.
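An added Python example (not from the notes) that decodes the flags, fragment offset, TTL, protocol and addresses from a constructed IPv4 header, verifies the header-only checksum, and classifies an address by its leading bits as described above. The leading-bit ranges for classes D and E go beyond the three classes the notes name.

```python
import ipaddress
import struct

IPV4_FMT = "!BBHHHBBH4s4s"                 # the fixed 20-octet header
PROTOCOL_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}   # IANA protocol numbers


def header_checksum(header: bytes) -> int:
    """Ones-complement sum of 16-bit words over the header only (RFC 791)."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                      # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4_header(packet: bytes) -> dict:
    if len(packet) < 20:
        raise ValueError("packet shorter than the minimum IPv4 header")
    (ver_ihl, _tos, total_len, ident, flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack(IPV4_FMT, packet[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (ver_ihl & 0x0F) * 4
    if ihl < 20 or ihl > len(packet):
        raise ValueError("IHL is inconsistent with the packet length")
    # Three flag bits: bit 15 unused, bit 14 DF, bit 13 MF; the remaining
    # 13 bits are the fragment offset in units of 8 octets.
    return {
        "total_length": total_len, "id": ident,
        "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
        "fragment_offset_bytes": (flags_frag & 0x1FFF) * 8,
        "ttl": ttl, "protocol": PROTOCOL_NAMES.get(proto, str(proto)),
        # a header whose checksum field is intact sums to zero
        "checksum_ok": header_checksum(packet[:ihl]) == 0,
        "src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst)),
    }


def address_class(addr: str) -> str:
    """Classful structure from the leading bits: 0 -> A, 10 -> B, 110 -> C, 1110 -> D, else E."""
    first = int(addr.split(".")[0])
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    return "D" if first < 240 else "E"


def build_ipv4_header(src, dst, proto, ident, flags_frag, total_len, ttl=64):
    """Constructed header (no options) with a correct checksum, used for the sample."""
    fields = [0x45, 0, total_len, ident, flags_frag, ttl, proto, 0,
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed]
    fields[7] = header_checksum(struct.pack(IPV4_FMT, *fields))
    return struct.pack(IPV4_FMT, *fields)


# Constructed sample: second fragment of a TCP datagram, MF set, offset 185 * 8 = 1480 octets.
SAMPLE = build_ipv4_header("192.168.1.10", "10.0.0.5", 6, 0x1234, 0x2000 | 185, 1500)

if __name__ == "__main__":
    print(parse_ipv4_header(SAMPLE), address_class("192.168.1.10"))
```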
IP Addresses
Routing
To deliver data between any two Internet hosts it is necessary to move the data across the network to the correct host, and then within that host to the correct user or process. Gateways route data between networks. Eventually the datagram finds its way to your local gateway.
User A                                            User B
Application                                       Application
Transport                                         Transport
Network       Network        Network              Network
Datalink      Datalink       Datalink             Datalink
Physical      Physical       Physical             Physical
Source node   Intermediate node                   Destination node
Source, Intermediate and Destination nodes (Ref: Converged Network Architectures - O.C. Ibe)
The Internet Layer makes routing decisions based on the network portion of the address. This is done by applying a network mask to the address. If the destination network is the local network, then the data is delivered to the local destination host. If it is not local, the IP module looks up the network in the local routing table. All of the gateways that appear in the routing table are on networks directly connected to the local system.
A host is typically connected to a router - the default router - which is the first hop in the path across the network. The routing algorithm within a router will determine the next hop for a particular source/[...]
Address Resolution
The IP address and the routing table direct the datagram to a specific physical network, but when data travels across the network, it must obey the physical layer protocols used by that network. An IP address can not be used to transport TCP/IP [...]
[...]uest to translate an IP address, it checks the table. If the address is found then it returns the MAC address. If the address is not found then ARP broadcasts a packet, which contains the IP address which needs a MAC address, to every host on the LAN. A host will identify the IP address as its own and returns its MAC address. The response is then cached in the ARP table.
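Added Python model (not code from the notes) of the two steps described in the Routing and Address Resolution sections: the mask-based decision between local delivery and a gateway from the routing table, followed by an ARP cache lookup with a simulated broadcast on a miss. The routing table, LAN hosts and MAC addresses are constructed; the lookup goes slightly beyond the notes by preferring the most specific matching route over the default.

```python
import ipaddress


class Host:
    """A host's IP module: routing table lookup followed by ARP resolution."""

    def __init__(self, ip, netmask, mac):
        self.iface = ipaddress.IPv4Interface(f"{ip}/{netmask}")
        self.mac = mac
        self.routes = []        # (network, gateway); gateway None = directly connected
        self.arp_table = {}     # IP -> MAC cache filled by ARP replies
        self.lan = {}           # constructed LAN: IP -> MAC of hosts that answer a broadcast
        self.add_route(str(self.iface.network), None)

    def add_route(self, network, gateway):
        self.routes.append((ipaddress.ip_network(network), gateway))

    def next_hop(self, dst):
        """Apply the mask: on the local network deliver direct, else pick the
        most specific route and hand the datagram to its gateway."""
        dst = ipaddress.ip_address(dst)
        best = None
        for net, gw in self.routes:
            if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, gw)
        if best is None:
            raise LookupError(f"no route to {dst}")
        return str(dst) if best[1] is None else best[1]

    def arp_resolve(self, ip):
        """Check the ARP table; on a miss 'broadcast' and cache the owner's reply."""
        if ip in self.arp_table:
            return self.arp_table[ip], "cache"
        mac = self.lan.get(ip)          # only the host owning the IP address replies
        if mac is None:
            raise LookupError(f"no ARP reply for {ip}")
        self.arp_table[ip] = mac
        return mac, "broadcast"

    def deliver(self, dst):
        """Return (next-hop IP, its MAC address, how the MAC was obtained)."""
        hop = self.next_hop(dst)
        mac, how = self.arp_resolve(hop)
        return hop, mac, how


def sample_host():
    """Constructed host on 192.168.1.0/24 with a default router and one extra route."""
    h = Host("192.168.1.10", "255.255.255.0", "aa:bb:cc:00:00:10")
    h.add_route("0.0.0.0/0", "192.168.1.1")         # default router: first hop off the LAN
    h.add_route("10.0.0.0/8", "192.168.1.254")      # more specific route via a second gateway
    h.lan = {"192.168.1.1": "aa:bb:cc:00:00:01",
             "192.168.1.254": "aa:bb:cc:00:00:fe",
             "192.168.1.20": "aa:bb:cc:00:00:20"}
    return h


if __name__ == "__main__":
    host = sample_host()
    for target in ("192.168.1.20", "8.8.8.8", "10.1.2.3", "192.168.1.20"):
        print(target, "->", host.deliver(target))
```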
Comparison of OSI and TCP/IP [...]
How does a computer send a request to a Web server on the other side of the world?
The user is located on a PC connected to a LAN, or a telephone line via a modem, while the web server is located on the other side of the world on a completely different LAN. When the user clicks on an icon or some text that points to a page located at a URL the steps that occur are as follows:-
1. The browser verifies that the URL (typed by the user) is syntactically correct
2. Browser makes a request to the DNS for the IP address that corresponds to the URL
3. DNS replies with an IP address or an error message
4. Browser (HTTP client) makes the TCP connection to port 80 at the destination IP address
5. The HTTP client sends a HTTP request (e.g. GET /[...]
6. [...]uest message via the socket associated with the connection, retrieves the HTML page, encapsulates it in a HTTP response message and sends the requested file (index.html) via the socket
7. The HTTP server tells TCP to close the TCP connection (TCP does not close the connection until it is sure that the client has received the message correctly).
8. The HTTP client (the browser) receives the response message and displays the page. TCP now terminates the connection.
9. The browser then fetches and displays all the images in the HTML page, by establishing a new connection for each image (HTTP 1.0)
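The steps above run against a loopback web server, as an added Python example (not code from the notes). The server is constructed in-process and bound to an ephemeral loopback port rather than port 80 (which needs privileges), and the name lookup in steps 2-3 uses the operating system's resolver via gethostbyname in place of a query to a remote DNS server.

```python
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed page the server hands back for /index.html (step 6).
INDEX_HTML = b"<html><body><h1>Hello from the far side of the world</h1></body></html>"


class PageHandler(BaseHTTPRequestHandler):
    """Stand-in for the remote web server: serves GET /index.html, 404 otherwise."""

    def do_GET(self):
        if self.path != "/index.html":
            self.send_error(404)
            return
        self.send_response(200)
        self.send_header("Content-Type", "text/html")
        self.send_header("Content-Length", str(len(INDEX_HTML)))
        self.end_headers()
        self.wfile.write(INDEX_HTML)          # response goes out via the socket

    def log_message(self, *args):             # keep the demo quiet
        pass


def start_server():
    """Bind to an ephemeral port on loopback and serve requests in a daemon thread."""
    srv = HTTPServer(("127.0.0.1", 0), PageHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def fetch(host, port, path="/index.html"):
    """Steps 2-8: resolve the host, open the TCP connection, send GET, read until close."""
    ip = socket.gethostbyname(host)                               # steps 2-3
    with socket.create_connection((ip, port), timeout=5) as sock:  # step 4
        # Step 5: an HTTP/1.0 request, so the server closes the connection
        # once the response has been sent (step 7).
        sock.sendall(f"GET {path} HTTP/1.0\r\nHost: {host}\r\n\r\n".encode("ascii"))
        chunks = []
        while True:                                               # step 8
            data = sock.recv(4096)
            if not data:                                          # b"" means the server closed
                break
            chunks.append(data)
    head, _, body = b"".join(chunks).partition(b"\r\n\r\n")
    status = int(head.split(b" ", 2)[1])                          # "HTTP/1.0 200 OK" -> 200
    return status, body


if __name__ == "__main__":
    server = start_server()
    print(fetch("localhost", server.server_address[1]))
    server.shutdown()
```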
[Figure: the request path - client browser running on a PC, the local DNS server, the Internet and the web server listening on port 80, with steps (1) to (9) marked]