2. What is network?
A computer network, often referred to as a network, is a
collection of hardware components interconnected by
communication channels that allow sharing of resources and
information concerning certain rules/protocols via OS/software.
Elements of Computer Network;
Hardware equipment's
Network OS/software
Communication channel
Information / Data / Recourse
Protocols
3. Computer networks allow users to access remote programs and
databases from the same organization, other enterprises, or public
sources.
Computer networks provide communication possibilities faster than
other facilities.
cost reduction by sharing hard- and software resources
high reliability by having multiple sources of supply
cost reduction by downsizing to microcomputer-based networks
instead of using mainframes
greater flexibility because of possibility to connect devices from
various vendors
Reasons for networks
4. Network architectures
Network architecture refers to the combination of network
topology, communication method, hardware components, and access
method used to construct a particular network.
guide the design and implementation of networks.
two of the most widely referenced architectures are—the
OSI(Open Systems Interconnection) architecture and the
Internet/TCP/IP architecture.
Network Criteria
A network must be able to meet a certain number of criteria. The most
important of these are performance, reliability, and security.
Performance
Performance can be measured in many ways, including transit and
response times.
Transit time is the time required for a message to travel from one
device to another.
5. Response time is the elapsed time between an inquiry and a response.
The performance of a network depends on a number of factors,
including
the number of users,
the type of transmission medium,
the capabilities of the connected hardware, and
the efficiency of the software.
Reliability
The frequency of failure measures network reliability, the time it takes a
link to recover from a failure, and the network's robustness in a
catastrophe.
Security
Network security issues include
protecting data from unauthorized access,
Protecting data from damage and development, and
implementing policies and procedures for recovery from breaches and data
losses.
6. Personal Area Network(PAN)
A Personal Area Network (PAN) is the smallest network which is very
personal to a user.
This may include Bluetooth-enabled devices or infrared-enabled devices.
PAN has a connectivity range of up to 10 meters.
PAN may include a wireless computer keyboard and mouse, Bluetooth-
enabled headphones, wireless printers, and TV remotes.
Categories of Networks
Primary categories of networks:-personal area networks, local-area
networks, Metropolitan area networks, and wide-area networks.
7. Local Area Network(LAN)
a network for single office, building, or campus
is usually privately owned
LAN size is limited to a few kilometers.
a LAN can be as simple as two PCs and a printer in someone's home office, or it can
extend throughout a company and include audio and video peripherals.
LANs are designed to allow resources to be shared between personal
computers or workstations.
The resources to be shared can include hardware (e.g., a printer),
software(e.g., an application program), or data.
Figure An isolated IAN connecting 12 computers to a hub in a closet
8. Metropolitan Area Networks(MAN)
Metropolitan Area Networks (MANs) are a type of computer network that
covers a larger geographic area than Local Area Networks (LANs), but smaller
than Wide Area Networks (WANs). MANs are typically used to interconnect
LANs within a city or a metropolitan region.
Metropolitan Area Networks bridge the gap between LANs and WANs, providing
high-speed data connectivity across a metropolitan region.
They are an essential infrastructure for cities and metropolitan areas, enabling
the interconnection of various organizations and facilitating the exchange of
information and resources.
9. Wide Area Network(WAN)
A network that connects two or more geographically distinct LANs or
MANs
such networks carry data over longer distances than LANs,
WANs require slightly different transmission methods and media
The largest and most varied WAN in the world is the Internet.
Figure a simple WAN
10. Internetwork
A network of networks is called internetwork, or
simply the internet.
The internet hugely connects all WANs and can
connect to LANs and Home networks.
Internet uses TCP/IP protocol suite and uses IP as its
addressing protocol
Present day, the Internet is widely implemented using
IPv4.
Because of a shortage of address spaces, it is
gradually migrating from IPv4 to IPv6.
11. The Internet enables its users to share and access an enormous
amount of information worldwide.
It uses WWW, FTP, email services, audio and video streaming, etc.
At a huge level, the internet works on a Client-Server model.
Internet uses a very high-speed backbone of fiber optics.
To interconnect various continents, fibers are laid under the sea
known to us as submarine communication cables.
Wireless Network
Wireless transmission is a form of unguided media.
Wireless communication involves no physical link established
between two or more devices, communicating wirelessly.
Wireless signals are spread over in the air and are received and
interpreted by appropriate antennas.
When an antenna is attached to the electrical circuit of a computer or wireless
device, it converts the digital data into wireless signals and spreads all over within
its frequency range.
The receptor on the other end receives these signals and converts them back to
digital data.
12. Network Topologies
The topology defines how the devices (computers, printers..etc.)
are connected and how the data flows from one device to another.
is the physical layout, or pattern, of the nodes on a network.
Before you design a network, you need to understand physical
topologies
because they are
integral to the type of network (for example, Ethernet),
cabling infrastructure, and transmission media you use.
You must also understand a network’s physical topology to
troubleshoot its problems or change its infrastructure.
13. There are two conventions when representing the topologies
The physical topology defines how the devices are physically
wired.
The logical topology defines how the data flows from one
device to another.
Topologies are broadly categorized into i) Bus ii ) Ring iii)
Star iv) Mesh
14. Mesh Topology :
In a mesh topology, every device has a dedicated point-to-point link to
every other device.
The term dedicated means that the link carries traffic only between the
two devices it connects.
A mesh offers several advantages over other network topologies.
The use of dedicated links
guarantees that each connection can carry its data load, thus
eliminating the traffic problems when multiple devices share
links.
A mesh topology is robust.
If one link becomes unusable, it does not incapacitate the
entire system
privacy or security
When every message travels along a dedicated line, only the
intended recipient sees it.
15. point-to-point links make fault identification and fault
isolation easy.
Disadvantages of a mesh
installation and reconnection are difficult.
The bulk of the wiring
the hardware required to connect each link (I/O ports and
cable) can be prohibitively expensive.
16. Star Topology
In a star topology, each device has a dedicated point-to-point link only
to a central controller, usually called a hub.
The devices are not directly linked to one another
a star topology does not allow direct traffic between devices.
The controller acts as an exchange: If one device wants to send data
to another, it sends the data to the controller, which then relays the
data to the other connected device.
In a star, each device needs only one link and one I/O port to connect
it to any number of others.
Star topologies are usually built with twisted pair or fiber-optic
cabling.
Single-star networks are commonly interconnected with other
networks through switches or routers to form more complex
topologies.
17. Most Ethernet networks are based on the star topology.
Advantages
because each node is separately connected to a central connectivity
device, they are more fault tolerant.
A single malfunctioning workstation cannot disable an entire star
network.
star topologies can easily be moved, isolated,
or interconnected with other networks; they are, therefore,
scalable.
The disadvantage of a star topology is the dependency of the whole
topology on one single point, the hub.
Figure star topology
18. Bus topology
A bus topology consists of a single cable, called the bus, that connects
all nodes on a network without intervening connectivity devices.
all devices are connected to the transmission medium as the backbone.
A bus topology can support only one channel for communication; as a
result, every node shares the bus’s total capacity.
Most bus networks—for example, Thinnet and Thicknet—use coaxial
cable as their physical medium.
In bus topology when one node wants to transmit data to another node,
it broadcasts an alert to the entire network, informing all nodes that a
transmission is being sent; the destination node then picks up the
transmission.
Nodes other than the sending and receiving nodes ignore the message.
At the ends of each bus network are 50-ohm resistors known as
terminators. Terminators stop signals after they have reached the end
of the wire.
19. Advantages of a bus topology
Easy to install
uses less cabling
Disadvantages of bus topology
difficulties in reconnection and fault isolation
difficult to add new devices.
Fig:- Bus topology
20. Ring Topology :
In a ring topology, each node is connected to the two nearest
nodes so that the entire network forms a circle.
Data is transmitted clockwise, in one direction (unidirectionally),
around the ring from device to device, until it reaches its
destination.
Each workstation acts as a repeater for the transmission.
When a device receives a signal intended for another device, its
repeater regenerates the bits and passes them along.
21. Advantages
relatively easy to install and configure - adding or deleting a
device requires changing only two connections
fault isolation is simplified (if one device does not receive a
signal within a specified period, it can issue an alarm)
Disadvantages
a break in the ring (such as a disabled station) can disable the
entire network
22. Network hardware and software
Network Hardware: all equipment/devices that may used on the
network and facilitate for resource sharing and data connectivity
like; router, switch, hub, bridge, repeater, NIC(network interface
card), gateway, etc.
NIC(network interface card)
NICs (network interface cards, also called network adapters or
network cards) are connectivity
devices that enable a workstation, server, printer, or other
node to receive and transmit data over the network media.
Nearly all NICs contain a data transceiver,
the device that transmits and receives data signals.
NICs belong to both the Physical layer and Data Link layer of the
OSI model because
they issue data signals to a wire or into the atmosphere and
assemble or disassemble data frames.
23. PCI (Peripheral Component Interconnect)NIC
Fig: A Card Bus NIC
USB NIC
wireless NIC
They also interpret physical addressing information to ensure data is
delivered to its proper destination
24. Repeaters
Repeaters are the simplest type of connectivity devices that
regenerate a digital signal.
Repeaters operate in the Physical layer of the OSI model and,
therefore, have no means to interpret the data they retransmit.
For example, they cannot improve or correct a bad or erroneous
signal; they merely repeat it. In this sense, they are not
“intelligent” devices.
Since they cannot read higher-layer information in the data
frames, repeaters cannot direct data to their destination.
Instead, repeaters simply regenerate a signal over an entire
segment. It is up to the receiver to recognize and accept its
data.
repeater contains one input port and one output port, so it is
capable only of receiving and repeating a single data stream.
repeaters are suited only to bus topology networks
26. The advantage of using a repeater is that it allows you to extend a network inexpensively.
However, because of repeaters’ limitations and the decreasing costs of other connectivity
devices, repeaters are rarely used on modern networks.
Hubs
is a repeater with more than one output port.
A hub typically contains multiple data ports into which the patch cables for network nodes are
connected.
Like repeaters, hubs operate at the Physical layer of the OSI model. A hub accepts signals from a
transmitting node and repeats those signals to all other connected nodes in a broadcast fashion.
Most hubs also contain one port, called an uplink port, that allows the hub to connect to another
hub or other connectivity device.
On Ethernet networks, hubs can serve as the central connection point for branches of a star or
star-based hybrid topology.
hubs can connect print servers, switches, file servers, or other devices to a network.
27. Types of hubs
They vary according to the type of media and data transmission
speeds they support.
Some hubs allow for multiple media connector types or multiple
data transmission speeds.
passive hubs
simplest type of hubs
do nothing but repeat signals.
Intelligent hubs.
possess internal processing capabilities.
they may permit remote management, filter data, or provide
diagnostic information about the network.
are also called managed hubs, because they can be managed
from anywhere on the network.
28. Stand-alone hubs
as their name implies, are hubs that serve a group of computers that are isolated
from the rest of the network or that form their own small network.
They can be passive or intelligent, and they are simple to install and connect for a
small group of users.
Stand-alone hubs may also be called workgroup hubs.
Bridges
are devices that connect two network segments by analyzing incoming frames and
making decisions about where to direct them based on each frame’s MAC address.
They operate at the Data Link layer of the OSI model.
Bridges look like repeaters, in that they have a single input and a single output
port.
They differ from repeaters in that they can interpret physical addressing
information.
29. Decision-making in bridges
If the destination device is on the same segment as the frame, the bridge blocks
the frame from going on to other segments. This process is known as filtering.
If the destination device is on a different segment, the bridge forwards the
frame to the appropriate segment.
If the destination address is unknown to the bridge, the bridge forwards the
frame to all segments except the one on which it was received. This process is
known as flooding.
** Bridge can use routing tables to reduce the traffic on the network by
controlling which packets get forwarded to other segments. This controlling of
the flow of network traffic is known as “segmenting network traffic**
31. Switches
are connectivity devices that subdivide a network into smaller logical
pieces, or segments.
Traditional switches operate at the Data Link layer of the OSI
model, while more modern switches can operate at Layer 3 or even
Layer 4.
switches interpret MAC address information.
24-port switch
high-capacity switch
32. Most switches have at least an internal processor, an operating system,
memory, and several ports that enable other nodes to connect to it.
The switch offers more direct network connection b/n the source and
destination computers
One characteristic of the switch is “ a switch doesn’t have a
switch(ON/OFF)
It can also seen as an intelligent hub- where as a hub pass all data to every
port while switch will pass data on to the port that it is intended for(to the
destination computer only)
It filter packets
It focuses on destination address not on a source address to forward data
The switch read destination address before forwarding data
Send a packet directly from the source computer to the destination
computer
As packet arrives at the switch it looks at the MAC address of the
destination device in the header
33. Routers
A router is a multiport connectivity device that directs data between
nodes on a network.
Routers can integrate LANs and WANs running at different
transmission speeds and using a variety of protocols.
when a router receives an incoming packet, it reads the packet’s logical
addressing information.
Based on this, it determines to which network the packet must be
delivered.
Then, it determines the shortest path to that network.
Finally, it forwards the packet to the next hop in that path.
Routers operate at the Network layer (Layer 3) of the OSI model.
A typical router has an internal processor, an operating system, memory,
input, and output jacks for different types of network connectors
(depending on the network type), and, usually, a management console
interface.
34. Router Characteristics and Functions
A router’s strength lies in its intelligence.
they can also determine the shortest, fastest path between two
nodes. For this reason, and because they can connect dissimilar
network types, routers are powerful, indispensable devices on large
LANs and WANs.
The Internet, for example, relies on a multitude of routers across
the world.
A router is a very flexible device. Although any one can be
specialized for a variety of tasks, all routers can do the following:
35. ……Router continued
Connect dissimilar networks.
Interpret Layer 3 addressing and other information (such as
quality of service indicators).
• Determine the best path for data to follow from point A to
point B.
• Reroute traffic if a primary path is down but another path is
available.
36. Gateway
Any device that translates one data format to another is called a
gateway.
Some examples of gateways include a router that translates
data from one network protocol to another, a bridge that
converts between two networking systems, and a software
application that converts between two dissimilar formats
The key point about a gateway is that only the data format is
translated, not the data itself. In many cases, the gateway
functionality is incorporated into another device.
Gateways can reside on servers, microcomputers, connectivity
devices (such as routers), or mainframes.
37. Popular types of gateways
E-mail gateway:-translates messages from one type of e-mail system
to another.
Internet gateway—A gateway that allows and manages access
between LANs and the Internet.
LAN gateway—A gateway that allows segments of a LAN running
different protocols or different network models to communicate with
each other
Continued gateway…….
38. Network Software
Specialize software / OS which may establish logical connectivity,
authentication, and management of the network, commonly built-in
with the operating system.
NOS (network operating system) enables a server to share
resource switch clients.
NOSs also facilitate other services, such as communications,
security, and user management.
NOS must do the following:
Centrally manage network resources, such as programs, data, and
devices (for example, printers).
Secure access to a network.
Allow remote users to connect to a network.
39. Allow users to connect to other networks (for example, the
Internet).
Back up data and make sure it’s always available.
Allow for simple additions of clients and resources.
Monitor the status and functionality of network elements
Distribute programs and software updates to clients.
Ensure efficient use of a server’s capabilities.
Provide fault tolerance in case of a hardware or software problem.
Windows Server 2022
Windows Server 2022 is the latest version of Microsoft’s NOS,
released in February 2022.
Windows-based NOSs are known for their intuitive graphical user
interface, multitasking capabilities, and compatibility with a huge
array of applications.
40. A GUI (graphical user interface; pronounced “gooey”) is a pictorial
representation of computer functions that, in the case of NOSs, enables
administrators to manage files, users, groups, security, printers, and so on.
Windows-based NOSs are popular because they address most of a
network administrator’s needs very well.
General benefits of the Windows Server 2022 NOSs
Support for multiple processors, multitasking, and symmetric
multiprocessing
A comprehensive system for organizing and managing network objects,
called Active Directory
Simple centralized management of multiple clients, resources, and services
Centralized management of all server functions through a single interface
known as the Server Manager.
41. Multiple, integrated Web development and delivery services that
incorporate a high degree of security and an easy-to-use
administrator interface
Support for modern protocols and security standards
Excellent integration with other NOSs and support for many different
client operating systems
UNIX and Linux
UNIX is one of the most popular NOSs. All of these operating systems
enable servers to provide resource sharing, but UNIX differs in
fundamental ways from Windows.
Researchers at AT&T Bell Laboratories developed UNIX in 1969; thus, it
is much older than Windows.
In fact, UNIX preceded and led to the development of the TCP/IP
protocol suite in the early 1970s.
Today, most Internet servers run Linux.
42. UNIX operating system shares the following features
The ability to support multiple, simultaneously logged-on users
The ability to coordinate multiple, simultaneously running tasks (or
programs)
The ability to mount—or to make available—disk partitions upon
demand
The ability to apply permissions for file and directory access and
modification
A uniform method of issuing data to or receiving data from hardware
devices, files, and running programs
The ability to start a program without interfering with a currently
running program
Hundreds of subsystems, including dozens of programming languages
Source code portability, or the ability to extract code from one UNIX
system and use it on another
44. Network Protocols
a protocol is a set of rules that governs data communications
a protocol defines what is communicated, how it is communicated,
and when it is communicated
For instance, for one computer to send a message to another
computer, the first computer must perform the following general
steps
break the data into small sections called packets
add addressing information to the packets identifying the source
and destination computers
deliver the data to the network interface card for transmission
over the network
The receiving computer must perform the same steps but in reverse
order
accept the data from the NIC
remove transmitting information that was added by the
transmitting computer
reassemble the packets of data into the original message
45. The key elements of a protocol are syntax, semantics, and
timing
syntax: refers to the structure or format of the data
semantics: refers to the meaning of each section of bits
timing: refers to when data should be sent and how fast
they can be sent
functions of protocols
Each device must perform the same steps the same way so that the
data will arrive and reassemble properly; if one device uses a
protocol with different steps, the two devices will not be able to
communicate with each other.
46. The following are categories of functions that form the basis of protocols
encapsulation
segmentation and reassembly
connection control
addressing
multiplexing
transmission services
1. Encapsulation
the inclusion of control information in data is called encapsulation.
Each frame contains not only data but also control information
such control information falls into three categories: address
(sender/receiver), error-detecting code, and protocol control
(information about protocol functions)
47. 2. Segmentation (by the sender also called fragmentation) and reassembly
(by the receiver)
a block of data for transmission is of some bounded size
at the application level, we refer to a logical unit of data transfer as a
message
lower level protocols may need to break the data up into blocks of
some bounded size
this process is called segmentation
Reasons for segmentation:
the communication network may only accept blocks of data up to
a certain size
error control may be more efficient with a smaller frame size;
fewer bits need to be retransmitted when a frame gets corrupted
facilitates more equitable access to shared transmission facilities
(for example, without maximum block size, one station could
monopolize a multipoint medium)
48. 3. Connection control
two types of protocols (services)
connectionless service
the packets are sent from one party to another with no need
for connection establishment or connection release
the packets are not numbered, they may be delayed, lost, or
arrive out of sequence; there is no acknowledgment either
UDP (User Datagram Protocol), one of the transport layer
protocols, is connectionless
connection-oriented service
in connection-oriented data transfer, a logical association or
connection is established between the communicating
computers (devices)
long sustained session
orderly and timely delivery of packets, e.g., FTP
TCP (Transport Control Protocol) is connection-oriented
49. 4. addressing
a unique address is associated with each end-system in a
configuration (e.g. workstation, server) and each intermediate system
(e.g. router)
an example is an IP address in a TCP/IP connection, but addressing
spans more layers: data link, network, transport
5. multiplexing
occurs when multiple connections share a single connection (multiple
access)
6. transmission services
a variety of additional services can be provided
priority: messages such as control messages may need to get through
to the destination station with minimum delay
security: security mechanisms, restricting access, may be invoked
50. Popular protocols
SSH: Secure Shell
FTP: File Transfer Protocol
commonly used application. It is the Internet standard for file
transfer.
SMTP: Simple Mail Transfer Protocol
Telnet: Telephone Network
HTTP: Hyper Text Transfer Protocol
Hypertext is structured text that uses logical links (
hyperlinks) between nodes containing text. HTTP is the
protocol to exchange or transfer hypertext.
51. HTTPs: Secure Hyper Text Transfer Protocol
is a protocol for secure communication over a
computer network which is widely used on the Internet.
HTTPS consists of communication over
Hypertext Transfer Protocol (HTTP) within a connection
encrypted by
Transport Layer Security or its predecessor, Secure Sockets L
ayer
. The main motivation for HTTPS is authenticate of the
visited website and to protect the privacy and integrity of
the exchanged data.
NTP: Network time protocol
PPP: Point-to-Point Protocol
NNTP: Network News Transfer Protocol
IMAP: Internet Message Access Protocol
Bitcoin Protocol: Protocol to transfer value on the web
53. Hierarchy
there are three different activities at the sender side and
another three at the receiver’s side
the tasks must be done in the order given in the hierarchy
Layers and Services
within a single machine, each layer uses the services
immediately below it and provides services for the layer
immediately above it
between machines, layer x on one machine communicates with
layer x on another machine
Two important network models or architectures
The ISO OSI (Open Systems Interconnection) Reference Model
The TCP/IP Reference Model
54. The OSI Reference Model
consists of 7 layers
was never fully implemented as a protocol stack, but a
good theoretical model
Open – to connect open systems or systems that are open
for communication with other systems
55. 1. Physical Layer
responsible for transmitting individual bits from one node to the next
design issues:
mechanical: the size and shape of the network connector, how
many pins the network connector has, and what each pin is used
for
electrical: how many volts represent a 1 and how many a 0
timing: how many nanoseconds a bit lasts
whether communication is one way or in both directions
simultaneously
56. 2. Data Link Layer
makes the line appear free of undetected transmission errors to the network
layer (flow and error control)
this layer was not required if the underlying transmission media were error-
free
how?
the sender breaks the input data into data frames and transmits them
sequentially (numbering them) by adding error-detecting codes
the receiver confirms correct receipt by sending back an acknowledgment
frame
Data Link Layer Responsibilities
• Framing: The data link layer divides the stream of bits received from the network
layer into manageable data units called frames.
• Physical addressing: If frames are to be distributed to different systems on the
network, the data link layer adds a header to the frame to define the sender and/or
receiver of the frame.
57. If the frame is intended for a system outside the sender‘s network, the
receiver address is the address of the device that connects the network
to the next one.
Flow control: If the rate at which the data are absorbed by the
receiver is less than the rate at which data are produced in the sender,
the data link layer imposes a flow control mechanism to avoid
overwhelming (overpowering) the receiver.
Error control: The data link layer adds reliability to the physical layer
by adding mechanisms to detect and retransmit damaged or lost
frames.
It also uses a mechanism to recognize duplicate frames.
Error control is normally achieved through a trailer added to the
end of the frame.
59. decides how packets are routed from source to destination – three
mechanisms
based on static tables,
can be determined at the start of each conversation,
can be highly dynamic by deciding a new route for each packet
control congestion
TCP/IP defines an official packet format and protocol called IP for
delivering IP packets and routing
not essential for LANs
permits hosts to inject packets into any network and have them
travel independently to their destination - possibly on a different
network
3.Network Layer (or Internet Layer)
60. allows heterogeneous networks to communicate - addressing,
packet size, protocol differences
arrival order of packets may not be respected - let higher
layers do the rearrangement if need be
When source and destination are in different networks, the
network layer must deal with these differences.
Whereas the data link layer oversees the delivery of the
packet between two systems on the same network, the
network layer ensures that each packet gets from its point
of origin to its final destination in different networks.
If two systems are connected to the same local network,
there is usually no need for a network layer.
61. The network layer is responsible for the delivery of individual packets from the source
host to the destination host.
62. Other responsibilities of the network layer include the following:
Logical addressing:- The physical addressing implemented by the data
link layer handles the addressing problem locally.
If a packet passes the network boundary, we need another addressing
system to help distinguish the source and destination systems.
The network layer adds a header to the packet coming from the
upper layer that, among other things, includes the logical addresses
of the sender and receiver.
Routing:- When independent networks or links are connected to create
internetworks (network of networks) or a large network, the
connecting devices (called routers or switches) route or switch the
packets to their final destination.
One of the functions of the network layer is to provide this
mechanism.
63. 4. Transport Layer
accepts data from above, splits it up into smaller units if need be,
passes them to the network layer, and ensures that the pieces all
arrive correctly at the other end
allows peer entities on the source and destination machines to
hold conversations
in the case of the OSI model, determines the types of services to
provide to the session layer
deliver messages in the order they were sent or without
guarantee of the order of delivery
broadcasting messages to multiple destinations
64. In the TCP/IP model, two end-to-end transport protocols have been
defined
i. TCP - Transmission Control Protocol
a reliable connection-oriented protocol that allows a byte
stream to be delivered without error
handles flow control to make sure that a fast sender does not
swamp a slow receiver
ii.UDP - User Datagram Protocol
an unreliable, connectionless protocol
for applications
that do not want TCP’s sequencing or flow control and
wish to provide their own
where prompt delivery is more important than accurate
delivery, e.g., audio and video
65. 5. Session Layer (OSI model)
allows users to establish sessions between them
services include
dialog control - keeping track of whose turn it is to transmit
token management - preventing two parties from attempting the
same critical operation at the same time
synchronization - check to point long transmissions to allow them
to continue from where they were after a crash
provides access rights, billing functions, etc.
6. Presentation Layer (OSI model)
concerned with the syntax and semantics of the information
transmitted
different data structures can be defined abstractly so that
computers with different data representations can communicate
providers character code conversion, data encryptions, data
compression
66. 7. Application Layer
contains all the higher level protocols that are commonly
needed by users; examples are
HTTP (Hypertext Transfer Protocol) - for fetching pages on
the WWW
TELNET - virtual terminal, to log on to a remote machine
FTP - file transfer protocol
SMTP - e-mail
DNS - for mapping host names onto their network addresses
67. Summary
Application (7): Network services to applications
Presentation (6): Data presentation to applications
Session (5): Managing sessions between applications
Transport (4): End-to-end connection and reliability
Network (3): Managing connections across the network
Data Link (2): Reliable data delivery across the link
Physical (1): Physical characteristics of the media
Host (upper) Layers
Media (lower) Layers
69. Topics to be discussed
LAN topologies (bus, ring, star)
LAN technologies (Ethernet, token Ring, Gigabit Ethernet)
Large networks and wide areas
Chapter Objectives
To briefly discuss the technology of dominant wired LANs, Ethernet,
including traditional, fast, gigabit, and ten-gigabit Ethernet.
To identify topologies of LAN technologies such as bus star and ring
To differentiate LAN technologies like Ethernet, token Ring, Gigabit
Ethernet
To understand WANS and their technologies
70. Local and wide area networks
A local area network (LAN) is a computer network that is designed for a
limited geographic area such as a building or a campus.
Although a LAN can be used as an isolated network to connect computers in an
organization for the sole purpose of sharing resources, most LANs today are
also linked to a wide area network (WAN) or the Internet.
A LAN can range from simple (two computers connected by a cable) to
complex (hundreds of connected computers and peripherals throughout a major
corporation).
The LAN market has seen several technologies such as Ethernet, token ring,
token bus, FDDI, and ATM LAN. Some of these technologies survived for a
while, but Ethernet is by far the dominant technology.
71. LAN topologies (bus, ring, star)
The term topology, or more specifically, network topology, refers to
the arrangement or physical layout of computers, cables, and other
components on the network. "Topology" is the standard term that
most network professionals use when they refer to the network's basic
design.
Four basic topologies that are used to construct LANs;
72. Bus Topology
A network that uses a bus topology usually consists of a single cable to which
computers are attached. Any computer attached to a bus can send a signal down
the cable, and all computers receive the signal.
Because all computers are attached directly to the cable, any computer can send
data to any other computer.
Of course, the computers attached to a bus network must coordinate to ensure that
only one computer sends a signal at any time
Computers on a bus topology network communicate by addressing data to a
particular computer and sending out that data on the cable as electronic signals.
73. To understand how computers communicate on a bus, you need to be
familiar with three concepts:
Sending the signal
Signal bounce
Terminator
Sending the signal
When sending a signal from one computer on the network to another,
data in the form of electronic signals is sent to all the computers on the
network.
However, only the computer whose address matches the address
encoded in the original signal accepts the information. All other
computers reject the data.
Because only one computer at a time can send data on a bus network,
the number of computers attached to the bus will affect network
performance.
74. Computers on a bus either transmit data to other computers on the network or
listen for data from other computers on the network.
They are not responsible for moving data from one computer to the next.
Consequently, if one computer fails, it does not affect the rest of the network.
Signal bounce
Because the data, or electronic signal, is sent to the entire network, it travels
from one end of the cable to the other. If the signal is allowed to continue
uninterrupted, it will keep bouncing back and forth along the cable and prevent
other computers from sending signals. Therefore, the signal must be stopped
after it has had a chance to reach the proper destination address.
Terminator
To stop the signal from bouncing, a component called a terminator is placed at
each end of the cable to absorb free signals. Absorbing the signal clears the
cable so that other computers can send data.
75. Network Expansion
As the physical size of the site grows, the network will need to grow as well.
Cable in the bus topology can be extended by one of the two following
methods:
A component called a barrel connector can connect two pieces of cable
together to make a longer piece of cable.
However, connectors weaken the signal and should be used sparingly.
One continuous cable is preferable to connecting several smaller ones with
connectors. Using too many connectors can prevent the signal from being
correctly received.
A device called a repeater can be used to connect two cables.
A repeater actually boosts the signal before it sends the signal on its way.
A repeater is better than a connector or a longer piece of cable because it
allows a signal to travel farther and still be correctly received
76. Star topology
In the star topology, cable segments from each computer are
connected to a centralised component called a hub.
Signals are transmitted from the sending computer through the
hub to all computers on the network.
77. Because each computer is connected to a central point, this topology
requires a great deal of cable in a large network installation.
Also, if the central point fails, the entire network goes down.
If one computer - or the cable that connects it to the hub - fails on a
star network, only the failed computer will not be able to send or
receive network data. The rest of the network continues to function
normally.
It has become very popular in contrast to the bus type, because of the
cost and the ease of troubleshooting.
.
78. Ring Topology
A network that uses a ring topology arranges for computers to be
connected in a closed loop — a cable connects the first computer to a
second computer, another cable
connects the second computer to a third, and so on, until a cable
connects the final computer back to the first.
The signals travel around the loop in one direction and pass through
each computer, which acts as a repeater to boost the signal and send it
to the next computer.
On a larger scale, multiple LANs can be connected to each other in a
ring topology by using Thicknet coaxial or Fiber-optic cable
Some technologies that use a ring topology require a computer to
connect to a small device that forms the ring.
79. The advantage of using a separate device lies in the ability of the ring to
continue operation even if some of the computers are disconnected.
The name ring arises because one can imagine the computers and the
cables connecting them arranged in a circle .
Instead, they run along hallways or rise vertically from one floor of a
building to another.
80. Token Passing
One method of transmitting data around a ring is called token
passing. (A token is a special series of bits that travels around a
token-ring network. Each network has only one token.)
The token is passed from computer to computer until it gets to a
computer that has data to send.
The sending computer modifies the token, puts an electronic
address on the data, and sends it around the ring.
The data passes by each computer until it finds the one with an
address that matches the address on the data.
The receiving computer returns a message to the sending
computer indicating that the data has been received.
After verification, the sending computer creates a new token and
releases it on the network. The token circulates within the ring
until a workstation needs it to send data.
81. Ethernet
UNDERSTANDING NETWORK ARCHITECTURE
Access Methods
The set of rules that defines how a computer puts data onto the network
cable and takes data from the cable is called an access method.
Once data is moving on the network, access methods help to regulate the
flow of network traffic.
Access methods need to be consistent in the way they handle data. If
different computers were to use different access methods, the network
would fail because some methods would dominate the cable.
LAN technologies (Ethernet, token Ring, Gigabit
Ethernet
82. Access methods prevent computers from gaining simultaneous
access to the cable.
By making sure that only one computer at a time can put data on
the network cable, access methods ensure that the sending and
receiving of network data is an orderly process.
Major Access Methods
The four methods designed to prevent simultaneous use of the
network media include:
Carrier-sense multiple access methods with collision detection
Carrier-sense multiple access methods with collision avoidance
Token-passing methods that allow only a single opportunity to send
data.
Demand-priority methods.
83. Carrier-Sense Multiple Access with Collision Detection (CSMA/CD)
Access Method
Using the method known as carrier-sense multiple access with collision
detection (CSMA/CD), each computer on the network, including clients
and servers, checks the cable for network traffic.
Only when a computer "senses" that the cable is free and that there is
no traffic on the cable can it send data.
Once the computer has transmitted data on the cable, no other
computer can transmit data until the original data has reached its
destination and the cable is free again.
Remember, if two or more computers happen to send data at exactly
the same time, there will be a data collision.
When that happens, the two computers involved stop transmitting for a
random period of time and then attempt to retransmit.
84. Each computer determines its own waiting period; this reduces the
chance that the computers will once again transmit simultaneously.
With these points in mind, the name of the access method—carrier-
sense multiple access with collision detection (CSMA/CD)—makes
sense.
Computers listen to or "sense" the cable (carrier-sense). Commonly,
many computers on the network attempt to transmit data (multiple
access); each one first listens to detect any possible collisions.
If a computer detects a possible collision, it waits for a random period
of time before retransmitting (collision detection).
.
85. Carrier-Sense Multiple Access with Collision Avoidance (CSMA/CA)
Access
Carrier-sense multiple access with collision avoidance (CSMA/CA) is
the least popular of the major access methods.
In CSMA/CA, each computer signals its intent to transmit before it
actually transmits data.
In this way, computers sense when a collision might occur; this allows
them to avoid transmission collisions.
Unfortunately, broadcasting the intent to transmit data increases the
amount of traffic on the cable and slows down network performance
Token-Passing Access Method
In the access method known as token passing, a special type of
packet, called a token, circulates around a cable ring from computer to
computer.
86. When any computer on the ring needs to send data across the
network, it must wait for a free token.
When a free token is detected, the computer will take control of it
if the computer has data to send.
The computer can then transmit data. Data is transmitted in frames,
and additional information, such as addressing, is attached to the
frame in the form of headers and trailers.
Figure Token-passing access method
87. Demand Priority Access Method
In a demand-priority network, there is communication only between the
sending computer, the hub, and the destination computer.
This is more efficient than CSMA/CD, which broadcasts transmissions
to the entire network.
In demand priority, each hub knows only about the end nodes and
repeaters directly connected to it, whereas in a CSMA/CD environment,
each hub knows the address of every node in the network.
Demand priority offers several advantages over CSMA/CD
including:
The use of four pairs of wires. By using four pairs of wires, computers
can transmit and receive at the same time.
Transmissions through the hub. Transmissions are not broadcast to all
the other computers on the network. The computers do not contend on
their own for access to the cable, but operate under the centralized
control of the hub.
88. LAN Technologies (Ethernet, token
ring, Gigabit Ethernet)
LAN Technology Options
Ethernet
Fast Ethernet
Gigabit Ethernet
10 Gig Ethernet
89. Ethernet
Ethernet is a network technology originally developed by Xerox in the
1970s
Ethernet is, by far, the most popular network technology used on
modern LANs.
All Ethernet networks have at least one thing in common—their
access method, which is known as CSMA/CD.
CSMA/CD (Carrier Sense Multiple Access with Collision Detection) a
network’s access method is its method of controlling how network
nodes access the communications channel.
The institute of Electrical and Electronics Engineers (IEEE) a
professional standards organization defined the new standards for
Ethernet in Mid 1980s.
The first two of these standards were 802.3 which deal with physical
layer functions as well as part of data link layer.
90. 802.2 which deals with higher level data link layer functions.
Ethernet operation
Ethernet is a LAN technology operates the data link layer.
Ethernet implementation
IEEE splits the data link layer into two components Media access
control (MAC) and Logical Link Control(LLC).
The top part of the data link layer is (LLC) and its function is
performed at the software
The bottom part of the data link layer is (MAC) and its function is
performed at the hardware.
IEEE standard for LANs
91. Frame Format
The packet sent in an Ethernet LAN is called a frame.
The Ethernet frame contains seven fields: preamble, SFD, DA, SA,
length or type of data unit, upper-layer data, and the CRC.
Ethernet does not provide any mechanism for acknowledging received
frames, making it what is known as an unreliable medium.
Acknowledgments must be implemented at the higher layers.
92. Preamble. The first field of the 802.3 frame contains 7 bytes (56 bits) of
alternating 0s and 1s that alerts the receiving system to the coming frame
and enables it to synchronize its input timing.
The pattern provides only an alert and a timing pulse.
The 56-bit pattern allows the stations to miss some bits at the
beginning of the frame.
The preamble is actually added at the physical layer and is not
(formally)part of the frame.
Start frame delimiter (SFD).
The second field (1 byte: 10101011) signals the beginning of the
frame.
The SFD warns the station or stations that this is the last chance for
synchronization.
The last 2 bits are 11 and alert the receiver that the next field is the
destination address.
The SFD is also added at the physical layer.
93. Destination address (DA).
The DA field is 6 bytes and contains the physical address of the
destination station or stations to receive the packet.
Source address (SA).
The SA field is also 6 bytes and contains the physical address of the
sender of the packet.
Length or type.
This field is defined as a type field or length field.
The original Ethernet used this field as the type field to define the upper-
layer protocol using the MAC frame.
The IEEE standard used it as the length field to define the number of
bytes in the data field. Both uses are common today(IP, UDP, etc).
Data. This field carries data encapsulated from the upper-layer protocols.
It is a minimum of 46 and a maximum of 1500 bytes.
What is it that you are trying to send (text, JEPG, MP3, etc)
94. Type of Ethernet
Ethernet has several different variations, each of which uses
different cable types, topologies, and distance limitations.
The different types are:
10 Base-5 (Thick Ethernet)
10 Base-2 (Thin Ethernet)
10 Base-T (UTP Ethernet)
10 Base-FL
100 Base-T
100 Base-F
Gigabit Ethernet
10-Gigabit Ethernet
CRC. The last field contains error detection information, in this case
a CRC-32bit.
95. 10 Base-5 -- Thick Ethernet
Thick Ethernet, officially known as 10 Base-5
10 Base-5 is laid out in a bus topology, with a single coaxial cable
connecting all nodes together.
At each end of the coaxial cable there is a terminator.
Each node on the network physically connects to the coaxial cable through a
device called a transceiver and an AUI cable is connected between the
node and the transceiver connected to the Ethernet cable and handled
carrier detection, conversion of bits into appropriate voltages for
transmission, and conversion of incoming signals to bits.
A single 10 Base-5 segment may be up to 500 meters length
The length of the network can be extended by the use of repeaters
97. 10 Base-2 – Thin Ethernet
Thin Ethernet, officially known as 10 Base-2. Sometimes also known
as Thinnet or Cheapnet.
It uses a lighter and thinner coaxial cable and dispenses with the
external transceivers used with 10 Base-5.
10 Base-2 uses an RG-58A/U coaxial cable and is wired in a bus
topology.
Each device on the network is connected to the bus through a BNC
"T" adapter, and each end of the bus must have a 50 Ohm
terminator attached.
Each node on the bus must be separated by a minimum of 0.5
meters apart, and
the overall length of the bus must be less than 185 meters.
98. 10 Base-2 network is connected in a simple daisy chained format
with inexpensive coax cable and "T“ adapters.
There are usually no hubs, transceivers, or other devices used.
It was quite popular because its low cost and easy
implementation.
10 Base-T – Unshielded Twisted Pair
10 Base-T utilizes Category 3 (or higher) Unshielded Twisted Pair
(UTP) cable in a star topology.
Each node on the network has its own cable run back to a common
hub, and each of these cable runs may be up to 100 meters
99. 10 Base-T uses two pairs of wires: one pair for transmission and
the second pair for receive.
The physical connector used is an 8 position modular plug,
commonly referred to as an RJ-45.
10 Base-F
10 Base-F is basically a version of Ethernet which runs over fiber optic
cable. In physical topology, it is very similar to 10 Base-T
10 Base-F runs over 62.5/125 micron multimode fiber optic cable.
It supports distances up to 2000 meters
10 Base-F is wired in a star topology with all of the fiber optic runs
originating from a central hub.
It is also acceptable to connect a pair of 10 Base-F devices directly together
with a point to point link.
10 Base-FL is very useful for use in interconnecting buildings in a
campus environment where distances could be very long.
100. ETHERNET STANDARDS
10Base2 10Base5 10BaseT
Topology Bus Bus Star bus
Cable type Thinnet coaxial Thicknet coaxial
UTP
(Cat. 3 or higher)
Simplex/half/full
duplex
Half duplex Half duplex Half duplex
Data encoding
Manchester,
asynchronous
Manchester,
asynchronous
Manchester,
asynchronous
Connector BNC DIX or AUI RJ45
Max. segment length 185 metres 500 metres 100 metres
101. Fast Ethernet
100 Mbps bandwidth
Uses same CSMA/CD media access protocol and packet format
as in Ethernet.
100BaseTX (UTP) and 100BaseFX (Fiber) standards
Physical media :-
100 BaseTX - UTP Cat 5e
100 BaseFX - Multimode / Singlemode Fiber
Full Duplex/Half Duplex operations.
102. FAST ETHERNET STANDARDS
100BaseT4 100BaseTX 100BaseFX
Topology Star Bus Star Bus Star Bus
Cable type
UTP
(Cat. 3 or higher)
UTP
(Cat. 5 or higher)
Fibre-optic
Connector RJ45 RJ45
SC, ST or FDDI
MIC
Max. segment length 100 metres 100 metres 2000m
Communication type Half duplex Full duplex Full duplex
103. Gigabit Ethernet
1 Gbps bandwidth.
Uses same CSMA/CD media access protocol as in Ethernet and is
backward compatible (10/100/100 modules are available).
1000BaseT (UTP), 1000BaseSX (Multimode Fiber) and
1000BaseLX (Multimode/Single mode Fiber) standards.
Maximum Segment Length
1000 Base T - 100m (Cat 5e/6)
1000 Base SX - 275 m (Multimode Fiber)
1000 Base LX - 512 m (Multimode Fiber)
1000 Base LX - 20 Km (Single mode Fiber)
1000 Base LH - 80 Km (Single mode Fiber)
104. GIGABIT ETHERNET STANDARDS
1000BaseT 1000BaseCX
1000BaseSX 1000BaseLX
Topology Star Bus Star Bus Star Bus Star Bus
Cable type
UTP
(Cat. 5 or
higher)
Twinax
(shielded
copper wire)
Fibre-optic Fibre-optic
Connector RJ45 HSSC SC SC
Max. segment length 100m 25m 275m 316-550m
Communication type Full duplex Full duplex Full duplex Full duplex
105. Token Rings
A token ring network consists of a set of nodes connected in a ring
Data always flows in a particular direction around the ring, with
each node receiving frames from its upstream neighbor and then
forwarding them to its downstream neighbor.
the ring is viewed as a single shared medium; it does not behave
as a collection of independent point-to-point links that just happen
to be configured in a loop.
token, which is sequence of bits, circulates around the ring; each
node receives and then forwards the token.
When a node that has a frame to transmit sees the token, it takes
the token off the ring (i.e., it does not forward the special bit
pattern) and instead inserts its frame into the ring.
106. WAN is a network that connects two or more geographically distinct
LANs.
WAN technologies generally function at the lower three layers of the OSI
reference model: the physical layer, the data link layer, and the network
layer.
Similarities to LANs
Interconnect computers.
Use some form of media for the interconnection.
Support network applications.
Differences to LANs
Include both data networks, such as the Internet, and voice networks,
like telephone systems.
Interconnect more workstations, so that any one workstation can
transfer data to any other workstation.
Cover large geographic distances.
Wide Area networks
107. A node is a device that allows one or more stations to access the physical
network and is a transfer point for passing information through a
network.A node is often a computer, a router, or a telephone switch.
Types of WAN Network
A switched network consists of a series of interlinked nodes, called
switches. Switches are devices capable of creating temporary
connections between two or more devices linked to the switch. In a
switched network, some of these nodes are connected to the end
systems (computers or telephones, for example). Others are used only
for routing.
A network categorized by the way it transfers information from one
node to another as
Circuit switched network
Packet switched network
108. 1. Circuit switched network - a network in which a dedicated circuit is
established between sender and receiver and all data passes over this
circuit. The connection is dedicated until one party or another
terminates the connection.The telephone system is a common example.
2. Packet switched network - a network in which all data messages are
transmitted using fixed-sized packages, called packets (datagram and
virtual-switched network).
Packet-switched networks can further be divided into two
subcategories-virtual-circuit networks and datagram networks
A virtual-circuit network is a cross between a circuit-switched
network and a datagram network. It has some characteristics of both.
109. WAN Hardware Devices
Router - An electronic device that connects a local area network (LAN) to a
wide area network (WAN) and handles the task of routing messages between
the two networks. Operates at layer 3, and makes decisions using IP addresses.
Switch (layer 3 switch) - A switch is a network device that selects a path or
circuit for sending a unit of data to its next destination. Operates at layer 2 (and
3), and uses MAC addresses/IP Addresses to send data to correct destination.
(LAN switches are not this type)
Modem - Short for modulator/demodulator, a modem enables a computer to
communicate with other computers over telephone lines. Operates at layer 1,
where signals are converted from digital to analogue and vice versa for
transmission and receiving.
110. WAN Technology Options
Dial-up
Leased Line
ISDN
DSL
X.25 technology
Frame relay and virtual circuit
ATMTechnology
Cable Modem
Microwave Point-to-Point Link
VSAT
111. Dial-up
Uses POTS (Plain OldTelephone System)
Provides a low cost need based access.
Bandwidth 33.6 /56 Kbps.
On the Customer End: Modem is connected to aTelephone Line
On the Service Provider End: Remote Access Server (RAS) is connected
to Telephone Lines (33.6 Kbps connectivity) or E1/R2 Line (56 Kbps
connectivity)
RAS provide dial in connectivity, authentication and metering.
Achievable bandwidth depends on the line quality.
114. X.25 is an analog, packet-switched technology designed for long-distance
data transmission and standardized by the International
Telecommunications Union (ITU) in the mid-1970s.
The original standard for X.25 specified a maximum of 64-Kbps
throughput,
The X.25 standard specifies protocols at the Physical, Data Link, and
Network layers of the OSI model.
It provides excellent flow control and ensures data reliability over long
distances by verifying the transmission at every node
X.25
115. Frame Relay
Frame Relay, was designed to accept and deliver blocks of data, where
each block can contain up to 8 octets of data.
The name is derived from the fact that data is separated into frames,
which are then relayed from one node to another without any verification
or processing.
operate at the Data Link layer of the OSI model and can support multiple
different Network andTransport layer protocols.
Frame Relay running at speeds between 4 and 100 Mbps (the speed of
LANs when Frame Relay was created).
116. ISDN (Integrated Service Digital Network)
Another alternative to using analog telephones lines to establish a
connection is ISDN.
It is a set of communications standards for simultaneous digital
transmission of voice, video, data, and other network services over the
traditional circuits of the public switched telephone network.
Speed is one advantage ISDN has over telephone line connections.
ISDN network is a switched digital network consisting of ISDN
Switches.
ISDN user accesses network through a set of standard interfaces
provided by ISDN User Interfaces.
118. Web technologies:
Server-side programs;
Socket programs;
Server sockets;
Client sockets;
multithreading concepts;
119. Introduction
The client–server model of computing is a distributed application structure that
partitions tasks or workloads between the providers of a resource or service, called
servers, and service requesters, called clients.
Client/server communication is a programmatic relationship in which one program
(the client) requests a service or resource from another program (the server).
In this case, the client establishes a connection to the server over a local area network
(LAN) or wide-area network (WAN), such as the Internet.“Client/Server
Computing” can be defined in many ways.
Client/server computing is a software engineering technique often used within
distributed computing that allows two independent processes to exchange information,
through a dedicated connection, following an established protocol.
Once the server has fulfilled the client's request, the connection is terminated.Your
Web browser is a client program that requests a service from a server.
120. Server: The Server is responsible for serving the web pages depending
on the client/end user requirement. It can be either static or dynamic.
Client: A client is a party that requests pages from the server and
displays them to the end user. In general a client program can be a web
browser which requests and displays result for users.
Server-side programs
Server-side programming is the general name for the kind of program that runs
directly on the server; or we can say that server-side programming must deal
with dynamic content. It runs on the server.
Most web pages are not static since they deal with searching databases.
121. Server-side programs use for the following applications:
It processes the user input
Displays the requested pages
Structure web applications
Interaction with servers/storages
Interaction with databases
Querying the database
Encoding of data into HTML
122. Operations over databases like delete, update.
There are several languages which can be used for server-side
programming: server side programs can be written using either of the
following languages like:
• PHP
• ASP.NET (C# ORVisual Basic)
• C++
• Java and JSP
• Python
• Ruby on Rails and so on.
123. Client-side Programming
Similarly to server-side programming, client-side programming is also the name
of the entire program that runs on the client.
Or we can say that client-side programming mostly deals with the user interface
with which the user interacts in the web.
It is mostly a browser, in the user's machine, that runs the code and is mainly
done in any scripting language like JavaScript (or we can use Flash instead of
JavaScript orVNScript).
124. Client-side programs use for the following applications
Makes interactive web pages
Make stuffs work dynamically
Interact with temporary storage
Works as an interface between user and server
Sends requests to the server
Retrieval of data from Server
Interact with local storage
Provides remote access for client server program
125.
Client-side programming development Languages There are
many client-side scripting languages too.
JavaScript
VBScript
HTML (Structure)
CSS (Designing)
AJAX
jQuery etc.
126. A program that creates a listening socket is sometimes said to be a server,
and the socket is called a server socket .
A program that connects to a server is called a client , and the socket that
it uses to make a connection is called a client socket .
The idea is that the server is out there somewhere on the network,
waiting for a connection request from some client.The server can be
thought of as offering some kind of service, and the client gets access to
that service by connecting to the server.This is called the client/server
model of network communication
When a client connects to a server’s listening socket, that socket does not
stop listening. Instead, it continues listening for additional client
connections at the same time that the first client is being serviced.To do
this, it is necessary to use threads.
127. On the other side server program is a program that accepts a
connection request from the URL object, reads a request from that object
for some particular file on the server computer, and responds by
transmitting the contents of that file over the network back to the URL
object.
After transmitting the data, the server closes the connection.A client
program has to have some way to specify which computer, among all those
on the network, it wants to communicate with.
Every computer on the Internet has an IP address which identifies it
uniquely among all the computers on the network. Many computers can
also be referred to by domain names such as www.bhu.edu.gov.et
128. To implementTCP/IP connections, the communication package provides two major
communication classes, ServerSocket and Socket.
A ServerSocket represents a listening socket that waits for connection requests
from clients.A Socket represents one endpoint of an actual network connection.
A Socket can be a client socket that sends a connection request to a server. Socket is
combination of IP address & port number.
socket is where client “plugs in” to server, creating connection for flow of information
and it also provide facilities for creating I/O streams. But a Socket can also be created
by a server to handle a connection request from a client.This allows the server to create
multiple sockets and handle multiple connections.
129. A Server Socket does not participate in connections; it just listens for
connection requests and creates Sockets to handle the connections.
When a Server Socket is created, it starts listening for connection
requests.The accept() method in the Server Socket class accepts such a
request, establishes a connection with the client, and returns a Socket that
can be used for communication with the client.
130. Client socket VS. server socket set up
Client
– Create a Socket
– Determine server address and port number
– Connect to server
–Write/read data to connected socket
– Close connection by closing the socket
Server
– Create a socket
–Wait for connection from client
– Accept incoming client connection
– Read/write data to connected socket
– Close connection by closing the socket
131. Introduction to multi-threading
The ability of an operating system to execute different parts of a program,
called threads,simultaneously.
The programmer must carefully design the program in such a way that all
the threads can run at the same time without interfering with each other.
This is the method of client/server communication in which the server can
serve more than one client at a time or simultaneously.
Multi-threading includes the following concepts:
132. Program units that execute independently; multiple threads run
“simultaneously”
Virtual machine executes each thread for short time slice
Thread scheduler activates/deactivates threads
delusion of threads running in parallel
Multiprocessor computers: threads actually do run in parallel
134. Topics on this chapter
Fundamentals of secure networks; cryptography
Encryption and privacy
Authentication protocols
Firewalls
135. WHAT IS SECURITY?
Security is defined as “the quality or state of being secure—to be free
from danger.”
Is defined as the protection afforded to an automated information system
in order to attain the applicable objectives of preserving the integrity,
availability and confidentiality of information system resources (includes
hardware, software, firmware, information/data, and
telecommunications)
Security is often achieved by means of several strategies usually
undertaken simultaneously or used in combination with one another.
Network security, which addresses the protection of an organization’s
data, networking devices, connections, and contents, and the ability to use
that network to accomplish the organization’s data communication
functions
136. Information security includes the broad areas of information security management,
computer and data security, and network security.
Security Goals
Confidentiality
Concealment of information or resources
Integrity
Trustworthiness of data or resources
Availability
Ability to use information or resources
137. Confidentiality. Only the sender and intended receiver should be able to understand
the contents of the transmitted message.
Need for keeping information secret arises from use of computers in sensitive fields
such as government and industry
Access mechanisms, such as cryptography, support confidentiality
Example: encrypting income tax return
Integrity
protection against unauthorized modification or destruction of information;
Often requires preventing unauthorized changes Includes data integrity (content)
and origin integrity (source of data also called authentication)
Information needs to be changed constantly. In a bank, when a customer deposits or
withdraws money, the balance of her account needs to be changed.
Integrity means that changes need to be done only by authorized entities and through
authorized mechanisms.
Integrity violation is not necessarily the result of a malicious act; an interruption in the
system, such as a power surge, may also create unwanted changes in some information.
138. Availability
The third component of information security is availability. The
information created and stored by an organization needs to be available
to authorized entities.
Information is useless if it is not available. Information needs to be
constantly changed, which means it must be accessible to authorized
entities.
The unavailability of information is just as harmful for an organization as
the lack of confidentiality or integrity.
Imagine what would happen to a bank if the customers could not access
their accounts for transactions.
Attacks
Our three goals of security confidentiality, integrity, and availability can be
threatened by security attacks.
Although the literature uses different approaches to categorizing the attacks,
we divide them into three groups related to the security goals.
140. AttacksThreatening Confidentiality
In general, two types of attacks threaten the confidentiality of
information: snooping and traffic analysis.
Snooping
Snooping refers to unauthorized access to or interception of data. To
prevent snooping, the data can be made nonintelligible to the interceptor
by using encryption techniques.
Traffic Analysis Although encipherment of data may make it nonintelligible for the
interceptor, she/he can obtain some other type information by monitoring online
traffic.
AttacksThreatening Integrity
The integrity of data can be threatened by several kinds of attacks: modification,
masquerading,replaying, and repudiation.
141. Modification
After intercepting or accessing information, the attacker modifies the
information to make it beneficial to herself. Note that sometimes the attacker simply deletes or
delays the message to harm the system or to benefit from it.
Masquerading
Masquerading, or spoofing, happens when the attacker impersonates
somebody else. For example, an attacker might steal the bank card and PIN of a bank
customer and pretend that she is that customer. Sometimes the attacker pretends to be
the receiver entity. For example, a user tries to contact a bank, but another site pretends
that it is the bank and obtains some information from the user.
Replaying
Replaying is another attack.The attacker obtains a copy of a message sent
by a user and later tries to replay it. For example, a person sends a request to her bank
to ask for payment to the attacker, who has done a job for her.The attacker intercepts
the message and sends it again to receive another payment from the bank.
142. Repudiation
This type of attack is different from others because it is performed by one of the two
parties in the communication:
the sender or the receiver.
The sender of the message might later deny that she/he has sent the message; the
receiver of the message might later deny that he has received the message.
An example of denial by the sender would be a bank customer asking her bank to send
some money to a third party but later denying that she has made such a request..
143. AttacksThreatening Availability
We mention only one attack threatening availability: denial of service.
Denial of Service
Denial of service (DoS) is a very common attack. It may slow down or totally
interrupt the service of a system.
The attacker can use several strategies to achieve this. She might send so many bogus
requests to a server that the server crashes because of the heavy load.
The attacker might intercept and delete a server’s response to a client, making the
client believe that the server is not responding.
The attacker may also intercept requests from the clients, causing the clients to send
requests many times and overload the system.
144. Cryptography :
Cryptography, a word with Greek origins, means "secret writing."
However, we use the term to refer to the science and art of transforming messages to
make them secure and immune to attacks.
Plaintext and Cipher text
The original message, before being transformed, is called plaintext.
After the message is transformed, it is called cipher text.
An encryption algorithm transforms the plaintext into cipher text;
A decryption algorithm transforms the cipher text back into plaintext.
The sender uses an encryption algorithm, and the receiver uses a decryption
algorithm.
Cipher
We refer to encryption and decryption algorithms as ciphers. The term cipher is
also used to refer to different categories of algorithms in cryptography.
145. Categories of cryptography
We can divide all the cryptography algorithms (ciphers) into two groups:
Symmetric key (also called secret-key) cryptography algorithms
Asymmetric key (also called public-key) cryptography algorithms.
Symmetric-key cryptography
In symmetric-key cryptography, the same key is used by both parties.
The sender uses this key and an encryption algorithm to encrypt data; the
receiver uses the same key and the corresponding decryption algorithm to
decrypt the data.
146. The key is shared
Asymmetric-key cryptography
In asymmetric or public-key cryptography, there are two keys: a private
key and a public key.The private key is kept by the receiver.The public
key is announced to the public.
In Figure, imagine Alice wants to send a message to Bob.Alice uses the
public key to encrypt the message.When the message is received by Bob,
the private key is used to decrypt the message
147. In public-key encryption/decryption,
the public key that is used for encryption is different from the
private key that is used for decryption.
The public key is available to the public;' the private key is available only
to an individual.
148. we are dealing with three types of keys in cryptography:
the secret key,the public key,and the private key.
The first, the secret key, is the shared key used in symmetric-key
cryptography.
The second and the third are the public and private keys used in
asymmetric-key cryptography
Keys used in cryptography
149. Authentication
Authentication is the process of validating the identity of someone or something.
Authentication requires the presentation of credentials or items of value to really
prove the claim of who you are.
The process of verifying the identity of a user or computer
Questions:Who are you? How you prove it?
Authentication provides a way of identifying users, typically by having them
enter a valid password before granting access .
The process of identifying user based on username and password
authentication controls access by requiring valid user credentials.
150. Authentication credentials include :-
A user name and
password
Digital certificates
Token(visa cards)
There are three types of authentication method
1.Authenticating user by what he has
This may be any form of issued or acquired self identification such as: SecurID, Crypto
Card,Active card, SafeWord, badges and many other forms of cards and tags.
2. Authenticating user by what he is (unique characteristics)
This being a naturally acquired physical characteristic such as voice, fingerprint, iris
pattern and other biometrics.
3.Authenticating user based on what a user knows
This may be something you mentally possess.This could be a password, user ID,
PINs a secret word known by the user and the authenticator.
151. Firewall
A network device hardware, software, or a combination that determines
what traffic should be allowed or denied to pass in or out of network.
It comes either software host based or network hardware based.
A firewall is a device that filters all traffic between inside a network and
outside network.
Is a tool that provides a filter of both incoming and outgoing packets.
152. Most firewall perform two security functions
Packet filtering based on accept or deny policy that is itself based on
rules of security policy.This policies vary ranging from completely
disallowing some traffic to allowing some of the traffic .
Application proxy gateways that provide services to the inside users and
at the same time protect each individual host from the “bad” outside
users.
Packet-Filter Firewall
A firewall can be used as a packet filter. It can forward or block packets
based on the information in the network layer and transport layer
headers:
source and destination IP addresses, source and destination port
addresses, and type of protocol (TCP or UDP).
A packet-filter firewall is a router that uses a filtering table to decide
which packets must be discarded (not forwarded).
153. Proxy gateway
All incoming traffic is directed to firewall, all outgoing traffic appears to
come from firewall
Application-level: separate proxy for each application
Different proxies for SMTP (email), HTTP, FTP, etc.
Filtering rules are application-specific
Circuit-level: application-independent,“transparent”
Only generic IP traffic filtering (example: SOCKS)
