Lecture 6 - Secure Communications in Practice_Handouts

The document provides an overview of network communications, detailing the network stack and the role of TCP in ensuring reliable data transfer. It discusses the Sockets API for network programming and the integration of TLS for secure communications, highlighting its implementation at the application layer. Additionally, it addresses considerations for embedded systems and includes a tutorial and laboratory section focused on practical applications of TLS.

Secure Communications in Practice

© 2024 Swinburne University of Technology 1

6.1 Overview of Network Communications



Refresher
The Network Stack

Network Access Layer
• Implemented within the OS
• Drivers developed by hardware manufacturers

Internet Layer
• Implemented within the OS
• Manages getting packets from PC to PC

Transport Layer
• Implemented within the OS
• Manages getting data from application to application

Application Layer
• Implemented by programmer
• Handles messaging

TCP – Transmission Control Protocol
Pipe Model – How does TCP appear to the application

TCP in practice:
• TCP code in OS manages handshake and establishing connection
• TCP code ensures retransmission of lost data and re-ordering
• Application receives data in exact order it was transmitted

Can model TCP as a pipe

Data enters pipe at one end – comes out the other end in the same order with nothing missing
Open Standards
Sockets API – Interfacing with the OS

OS/Kernel
• The kernel hosts the hardware drivers, and the IP and TCP Stack
• Manages the detail and all actual communications

Sockets Kernel API
• Formal interface allowing application layer to make requests on the network functions within the kernel
• Allows for data transfer to protected (kernel) layers

Sockets Application API
• Common library to access network functionality
• Manages connection tracking and segregation
• C only. Needs a wrapper for other languages

Network Programming
Basic Socket API Functions (establishment)

socket()
• Create a socket in the OS and return a handle to the newly created socket
bind()
• Attach socket to nominated IP address and Port number on host
listen()
• Tell the OS to start accepting connections on this TCP socket
accept()
• Accept a pending connection on a TCP listening socket
• Call will block until the OS has a completed connection pending
connect()
• Attempt to establish a connection to a remote application
close()
• Closes the socket so no more data can be sent/received

Network Programming
Basic Socket API Functions (data transfer)

send()
• Send data over connected socket
• Blocks if no buffer space left
sendto()
• For unconnected UDP sockets to send to nominated remote IP address and Port number
recv()
• Retrieve data from connected socket
• Blocks if no data available within OS
recvfrom()
• For unconnected UDP sockets, retrieve UDP datagram AND provide information on the remote IP address and port number so you can send a reply
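
An added example, not part of the original handout: the establishment and data-transfer calls listed above, run in order over loopback TCP with Python's wrapper around the C Sockets API. The names `echo_server` and `run_echo` are illustrative; the result also shows the pipe model, where bytes arrive complete and in order but one recv() does not correspond to one send().

```python
import socket
import threading

def echo_server(listener):
    """Server side: accept() one client and echo until the peer closes."""
    conn, _peer = listener.accept()          # blocks until a connection is complete
    with conn:
        while (data := conn.recv(1024)):     # b"" means the peer closed its end
            conn.sendall(data)

def run_echo(messages):
    """Send each message over loopback TCP and return the echoed byte stream."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)   # socket()
    listener.bind(("127.0.0.1", 0))          # bind(); port 0 lets the OS pick a free port
    listener.listen(1)                       # listen()
    port = listener.getsockname()[1]
    worker = threading.Thread(target=echo_server, args=(listener,), daemon=True)
    worker.start()

    client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    client.settimeout(5)                     # do not block forever if something fails
    client.connect(("127.0.0.1", port))      # connect()
    expected = sum(len(m) for m in messages)
    for m in messages:
        client.sendall(m)                    # send(), repeated until every byte is queued
    received = b""
    while len(received) < expected:          # recv() returns whatever has arrived so far,
        chunk = client.recv(1024)            # so loop until the full length is read
        if not chunk:
            break
        received += chunk
    client.close()                           # close()
    worker.join(timeout=5)
    listener.close()
    return received

if __name__ == "__main__":
    # Constructed sample input: three separate sends come back as one ordered stream.
    print(run_echo([b"alpha", b"beta", b"gamma"]))
```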


6.2 Fitting TLS/SSL into this Model



TLS Support
How is TLS Support Implemented

• Like the Sockets API, TLS is implemented at the application layer
• Provided as a single library – write once, use often
• Library is a C library; as with Python sockets, a wrapper library is used for other languages


TLS Support
Programmer View

Library provides a module that sits between the application and the Sockets API:
• Validates Certificates
• Establishes session
• Selects encryption algorithms and keys
• Encrypts data

Hiding the details
• This mechanism hides all the details from the programmer
• Minimal changes to application
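
An added example, not from the original handout, of the TLS library sitting between the application and the Sockets API, using Python's `ssl` wrapper. The function names and the host name `device.example` are illustrative assumptions; `first_bytes_on_wire` starts a handshake against in-memory buffers so the bytes the library would hand to the socket can be inspected without a server.

```python
import socket
import ssl

def make_client_context(cafile=None):
    """Client-side TLS settings; cafile can name a lab self-signed certificate."""
    ctx = ssl.create_default_context(cafile=cafile)  # certificate + host name checks on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2     # refuse older protocol versions
    return ctx

def fetch(host, port, request, ctx=None):
    """Same socket calls with or without TLS; only the wrap step differs."""
    sock = socket.create_connection((host, port), timeout=5)   # socket() + connect()
    if ctx is not None:
        # Handshake, certificate validation and key selection all happen here.
        sock = ctx.wrap_socket(sock, server_hostname=host)
    with sock:
        sock.sendall(request)            # encrypted by the library when wrapped
        chunks = []
        while (data := sock.recv(4096)): # decrypted by the library when wrapped
            chunks.append(data)
    return b"".join(chunks)

def first_bytes_on_wire(ctx, hostname):
    """Begin a handshake in memory and return what would be sent to the socket."""
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=hostname)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass                             # expected: no server has replied yet
    return outgoing.read()

if __name__ == "__main__":
    ctx = make_client_context()
    hello = first_bytes_on_wire(ctx, "device.example")  # placeholder host name
    # Byte 0 is the TLS record type (22 = handshake); byte 5 is the message type
    # (1 = ClientHello). No application data leaves before the session exists.
    print("record type", hello[0], "message type", hello[5], "bytes", len(hello))
```

For a self-signed certificate such as the one created in the lab, pass its path as `cafile` so the client trusts exactly that certificate while verification stays enabled.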



6.3 Embedded Systems


Embedded Systems
Network Programming from TNE20003

Not all embedded systems are capable of supporting Python
In this case you may need to use the C Sockets Library

Not all embedded systems run a full Operating System
If network support is available, it is typically a socket-like library that you can call directly
Need to be more careful how you code as the OS is not multi-tasking, you will need to ensure the library is called often enough to check for network data



Embedded Systems
TLS Programming

Same issues:
• TLS Library required
• Need to consider speed/power of CPU

Not an asynchronous model – if you do not regularly call functions you may lose data and/or lose the TLS connection

Consider whether/where TLS is important
• Is your network secure?
• Are you running data comms and a local web server?
• Who may see the device?
• Where are transmissions reaching?


6.4 Tutorial and Laboratory



Week 6
Tutorial – TLS in Practice

Part 1: Questions relating to TLS usage in a practical context
• Please attempt prior to class
• Class discussion of correct answers
Part 2: An example and overview of the TLS functionality within Python
• Demonstration by tutor


Week 6
Lab – Securing a Web Server

In this lab, you will complete the following objectives:
• Convert an existing HTTP web site to support HTTPS (encrypted communications)
• Create a self-signed certificate
• Modify an existing HTTP web site to use that certificate
• Verify secure communications via web-browser
