Session Layer

The session layer is Layer 5 layer from the bottom in the OSI model. The job of the
session layer is to control and maintain connections between systems to share data. It
establishes, maintains, and ends sessions across all channels. In case of a network error,
it checks the authenticity and provides recovery options for active sessions. It manages
sessions and synchronizes data flow.

Basically, this layer regulates when computers can send data and how much data they
can send. Essentially it coordinates communication between devices.

Functions of the Session Layer:

o Session Establishment: The session layer establishes connections between
devices which is known as sessions. The session which is created allows users to
share data, remote access, and file management. When the session is released,
the transport connection is mapped. The ways in which transport connection
maps are one-to-many, one-to-one, and many-to-one.
o Data Transfer: It is the very basic function of the session layer, which handles
the exchange of data between systems in a full-duplex or half-duplex mode of
 transmission. The session layer allows only one user to transmit data in half-
duplex as well as exchange data in full-duplex mode.
o Dialog Management: The session layer keeps log data on which connections
are established to transmit and receive data, which is called dialog
management. It is accountable for establishing, synchronizing, preserving, and
ending the conversation between the sender and the receiver. It uses a token
mechanism in which the user sharing the data is given a token in case of half
duplex mode and, after the exchange, transfers it to another device. The token
method maintains the efficiency of the connection.
o Synchronization: The session maintains proper connectivity between systems,
and if any error occurs, then it provides a recovery option which is called a
known state. The session layer adds synchronization bits to the message to use
the known state in the event of an error. These bits can be used as checkpoints.
It adds synchronization points or checkpoints to the data stream for longer
communication. It ensures that the data streams are successfully received and
acknowledged up to the checkpoints. In case of any failure, only the stream
needs to be retransmitted after the checkpoints.
o Authentication: The process of identification is known as authentication. It
takes a guarantee from the user to permit them access to the data.
Authentication is very important because it provides security.
o Authorization: It grants privileges after authentication of the user.
Authorization means providing access to the data that is authorized to the
specific user.

Protocols of the Session Layer:

The session layer offers many network protocols for the safety, security, and efficiency
of communication between devices.

Some of these protocols are discussed below:

o RTCP: It is an abbreviation for Real-time Transport Control Protocol. It is used

to provide audio and video over the Internet. Basically, it periodically transmits
control packets to all participants in the session. It provides feedback on QoS
(Quality of Service) to all participants in the session. It is used in video
conferencing, television services, etc.
o PPTP: It is the full form of Point-to-Point Tunneling Protocol. This is the
technology used to implement VPN. With the help of PPTP, data can be
transmitted securely from one node to another through a tunnel.
o PAP: It is an abbreviation for Password Authentication Protocol. The point-to-
point protocol uses it to authenticate the user. It takes care of whether the user
is authentic or not and then grants access. It works in such a way that the user
will enter the id and password, then after the authentication, the server will reply
with a confirmation. It is a weak type of authentication system as it is highly
vulnerable to attackers.
o ADSP: It is an abbreviation for AppleTalk Data Stream Protocol. It is a
networking protocol that was introduced 38 years ago, in 1985, and was created
for Apple Macintosh networks. It allows users to share printers and folders for
access by other network users.
o RPC: It is an abbreviation for Remote Procedure Call Protocol. It helps in
communication between processes that are residing in different systems
connected over a network. It helps one program to request a service from
another program located on another computer on a network. The processes
that are communicating do not need to comprehend the details of the network.
o iSNS: It is an abbreviation for Internet Storage Name Service. It manages and
configures Fibre Channel and iSCSI devices. This protocol is used by many
platforms.
o SDP: It is an abbreviation for Sockets Direct Protocol. It is a standard wire
protocol that supports stream sockets on RDMA (Remote Direct Memory
Access) fabrics.
 Presentation Layer
o The presentation layer is the 6th layer from the bottom in the OSI model. This
layer presents the incoming data from the application layer of the sender
machine to the receiver machine. It converts one format of data to another
format of data if both sender and receiver understand different formats; hence
this layer is also called the translation layer. It deals with the semantics and
syntax of the data, so this layer is also called the syntax layer. It uses operations
such as data compression, data encryption & decryption, data conversion, etc.

Functions of the presentation layer:

o Translation: Data is sent from sender to receiver, but what if the sender device
and receiver device understand different formats of code? For example,
suppose one device understands ASCII code and another device understands
EBCDIC code. In that case, the data must be translated into a code that the
recipient understands to determine what data has been sent. The presentation
layer is responsible for translating ASCII codes to EBCDIC or vice versa. With the
help of the presentation layer, the receiver understands the data effectively and
uses it efficiently.
o Encryption and Decryption: Whatever data is being transmitted between the
sender and the receiver, that data must be secure because an intruder can hack
 the data passing between the sender and the receiver. Hackers can modify the
data and send the modified data to the receiver to create false communication.
The presentation layer is responsible for encrypting and decrypting data to
avoid data leakage and data modification.
The plaintext data at the source is encrypted into ciphertext (unreadable
format), then it is sent to the receiver, where the ciphertext is decrypted into
plaintext. Now, if the hacker tries to hack the data, the hacker receives an
encrypted, unreadable form, and if the hacker tries to send modified data, the
receiver can detect the modification during decryption; thereby, the data
remains safe.
o Compression and Decompression: If the file size is large, it becomes difficult
to transmit the large file over the network. File size can be decreased by
compressing the file for easy transmission of data. Compression is the method
of diminishing the size of a file to transmit data easily in less time. When the
compressed data reaches the receiver, the data is reconstructed back to the
original size, and this process is called decompression.

Protocols of the Presentation layer:

o Independent Computing Architecture (ICA): It is a presentation layer protocol

in the OSI model, which was formed by Citrix Systems. It is used for transferring
 data from server to client. It is a very thin protocol as it does not require much
overhead in order to transmit data from the server over to the client. It is well-
optimized for the WAN.
o Network Data Representation (NDR): It is the protocol that is used to
implement the presentation layer of the OSI model. It provides different kinds
of data representation, such as images, video, audio, numbers, etc. It is used for
Microsoft Remote Procedure Call (Microsoft RPC) and Distributed Computing
Environment (DCE) / Remote Procedure Calls (RPC).
o Apple Filing Protocol (AFP): It is a communication protocol that was
specifically designed for macOS by Apple, Inc. It provides file services for Classic
Mac OS and macOS. This protocol is used to share files over the network.
o NetWare Core Protocol (NCP): It is a protocol that is associated with the
client-server operating system. The user can access the directory, print,
message, file, clock synchronization, etc., with the help of this protocol. It
supports many platforms, such as Linux, Classic Mac OS, Windows NT, Mac OS
X, and Microsoft Windows.
o Packet Assembler/Disassembler Protocol (PAD): It is a telecommunications
equipment that splits a stream of data into separate packets and formats packet
headers for asynchronous communication on X.25 networks. It receives packets
from the network and converts them into a stream of data. The PAD provides
many asynchronous terminal connectivities to a host computer.
o eXternal Data Representation (XDR): It is a computer network protocol that
is used to transfer data between two systems. It was first published in 1987. XDR
is used by various systems such as NDMP, Network File System, NetCDF, ZFS,
Open Network Computer Remote Procedure Call, and others.
o Lightweight Presentation Protocol (LPP): It is a protocol that offers ISO
presentation services over TCP/IP based networks. This protocol explains an
approach to provide stream-line support for OSI over TCP/IP based networks.
Application Layer
The application layer in the OSI model is the closest layer to the end user which
means that the application layer and end user can interact directly with the
software application. The application layer programs are based on client and
servers.

Services of Application Layers

o Network Virtual terminal: An application layer allows a user to log on to a
remote host. To do so, the application creates a software emulation of a
terminal at the remote host. The user's computer talks to the software terminal,
which in turn, talks to the host. The remote host thinks that it is communicating
with one of its own terminals, so it allows the user to log on.
o File Transfer, Access, and Management (FTAM): An application allows a user
to access files in a remote computer, to retrieve files from a computer and to
manage files in a remote computer. FTAM defines a hierarchical virtual file in
terms of file structure, file attributes and the kind of operations performed on
the files and their attributes.
o Addressing: To obtain communication between client and server, there is a
need for addressing. When a client made a request to the server, the request
contains the server address and its own address. The server response to the
client request, the request contains the destination address, i.e., client address.
To achieve this kind of addressing, DNS is used.
o Mail Services: An application layer provides Email forwarding and storage.
o Directory Services: An application contains a distributed database that
provides access for global information about various objects and services.
o Authentication: It authenticates the sender or receiver's message or both.
DNS
An application layer protocol defines how the application processes running on
different systems, pass the messages to each other.

o DNS stands for Domain Name System.

o DNS is a directory service that provides a mapping between the name of a host
on the network and its numerical address.
o DNS is required for the functioning of the internet.
o Each node in a tree has a domain name, and a full domain name is a sequence
of symbols specified by dots.
o DNS is a service that translates the domain name into IP addresses. This allows
the users of networks to utilize user-friendly names when looking for other
hosts instead of remembering the IP addresses.
o For example, suppose the FTP site at EduSoft had an IP address of
132.147.165.50, most people would reach this site by specifying
ftp.EduSoft.com. Therefore, the domain name is more reliable than IP address.

DNS is a TCP/IP protocol used on different platforms. The domain name space is
divided into three different sections: generic domains, country domains, and inverse
domain.
Generic Domains
o It defines the registered hosts according to their generic behavior.
o Each node in a tree defines the domain name, which is an index to the DNS
database.
o It uses three-character labels, and these labels describe the organization type.

Label Description

aero Airlines and aerospace companies

biz Businesses or firms

com Commercial Organizations

coop Cooperative business Organizations

edu Educational institutions

gov Government institutions

info Information service providers

int International Organizations

mil Military groups

museum Museum & other nonprofit organizations

name Personal names

net Network Support centers

org Nonprofit Organizations

pro Professional individual Organizations

Country Domain
The format of country domain is same as a generic domain, but it uses two-character
country abbreviations (e.g., us for the United States) in place of three character
organizational abbreviations.

Inverse Domain
The inverse domain is used for mapping an address to a name. When the server has
received a request from the client, and the server contains the files of only authorized
clients. To determine whether the client is on the authorized list or not, it sends a query
to the DNS server and ask for mapping an address to the name.
SNMP
o SNMP stands for Simple Network Management Protocol.
o SNMP is a framework used for managing devices on the internet.
o It provides a set of operations for monitoring and managing the internet.

SNMP Concept

o SNMP has two components Manager and agent.

o The manager is a host that controls and monitors a set of agents such as routers.
o It is an application layer protocol in which a few manager stations can handle a
set of agents.
o The protocol designed at the application level can monitor the devices made
by different manufacturers and installed on different physical networks.
o It is used in a heterogeneous network made of different LANs and WANs
connected by routers or gateways.

Managers & Agents

o A manager is a host that runs the SNMP client program while the agent is a
router that runs the SNMP server program.
o Management of the internet is achieved through simple interaction between a
manager and agent.
 o The agent is used to keep the information in a database while the manager is
used to access the values in the database. For example, a router can store the
appropriate variables such as a number of packets received and forwarded
while the manager can compare these variables to determine whether the
router is congested or not.
o Agents can also contribute to the management process. A server program on
the agent checks the environment, if something goes wrong, the agent sends a
warning message to the manager.

Management with SNMP has three basic ideas:

o A manager checks the agent by requesting the information that reflects the
behaviour of the agent.
o A manager also forces the agent to perform a certain function by resetting
values in the agent database.
o An agent also contributes to the management process by warning the manager
regarding an unusual condition.

World Wide Web

o The idea of the Web was first proposed by Tim Berners-Lee in 1989 at CERN†,
the European Organization for Nuclear Research, to allow several researchers at
different locations throughout Europe to access each other’s research. The
commercial Web started in the early 1990s.
o The Web today is a repository of information in which the documents, called
web pages, are distributed all over the world and related documents are linked
together. The popularity and growth of the Web can be related to two terms in
the above statement: distributed and linked.
o Distribution allows the growth of the Web. Each web server in the world can
add a new web page to the repository and announce it to all Internet users
without overloading a few servers.
o Linking allows one web page to refer to another web page stored in another
server somewhere else in the world. The linking of web pages was achieved
using a concept called hypertext, which was introduced many years before the
advent of the Internet. The idea was to use a machine that automatically
retrieved another document stored in the system when a link to it appeared in
 the document. The Web implemented this idea electronically to allow the linked
document to be retrieved when the link was clicked by the user.
o Today, the term hypertext, coined to mean linked text documents, has been
changed to hypermedia, to show that a web page can be a text document, an
image, an audio file, or a video file.

Architecture
The WWW today is a distributed client-server service, in which a client using a browser
can access a service using a server. However, the service provided is distributed over
many locations called sites. Each site holds one or more web pages. Each web page,
however, can contain some links to other web pages in the same or other sites. In other
words, a web page can be simple or composite. A simple web page has no links to
other web pages; a composite web page has one or more links to other web pages.
Each web page is a file with a name and address.

Example
Assume we need to retrieve a scientific document that contains one reference to
another text file and one reference to a large image. Figure 26.1 shows the situation.

o The main document and the image are stored in two separate files (file A and
file B) in the same site; the referenced text file (file C) is stored in another site.
 Since we are dealing with three different files, we need three transactions if we
want to see the whole document.
o The first transaction (request/response) retrieves a copy of the main document
(file A), which has references (pointers) to the second and third files. When a
copy of the main document is retrieved and browsed, the user can click on the
reference to the image to invoke the second transaction and retrieve a copy of
the image (file B). If the user needs to see the contents of the referenced text
file, she can click on its reference (pointer) invoking the third transaction and
retrieving a copy of file C.
o Note that although files A and B both are stored in site I, they are independent
files with different names and addresses. Two transactions are needed to
retrieve them. A very important point we need to remember is that file A, file B,
and file C in Example 26.1 are independent web pages, each with independent
names and addresses. Although references to file B or C are included in file A,
it does not mean that each of these files cannot be retrieved independently. A
second user can retrieve file B with one transaction. A third user can retrieve file
C with one transaction.

Web Client (Browser)

o A variety of vendors offer commercial browsers that interpret and display a web
page, and all of them use nearly the same architecture. Each browser usually
consists of three parts: a controller, client protocols, and interpreters. (see Figure
26.2).
 o The controller receives input from the keyboard or the mouse and uses the
client programs to access the document.
o After the document has been accessed, the controller uses one of the
interpreters to display the document on the screen.
o The client protocol can be one of the protocols described later, such as HTTP
or FTP.
o The interpreter can be HTML, Java, or JavaScript, depending on the type of
document.
o Some commercial browsers include Internet Explorer, Netscape Navigator, and
Firefox.

Web Server
o The web page is stored at the server. Each time a request arrives, the
corresponding document is sent to the client.
o To improve efficiency, servers normally store requested files in a cache in
memory; memory is faster to access than a disk.
o A server can also become more efficient through multithreading or
multiprocessing. In this case, a server can answer more than one request at a
time. Some popular web servers include Apache and Microsoft Internet
Information Server.

HTTP
o HTTP stands for HyperText Transfer Protocol.
o It is a protocol used to access the data on the World Wide Web (www).
o The HTTP protocol can be used to transfer the data in the form of plain text,
hypertext, audio, video, and so on.
o This protocol is known as HyperText Transfer Protocol because of its efficiency
that allows us to use in a hypertext environment where there are rapid jumps
from one document to another document.
o HTTP is similar to the FTP as it also transfers the files from one host to another
host. But, HTTP is simpler than FTP as HTTP uses only one connection, i.e., no
control connection to transfer the files.
 o HTTP is used to carry the data in the form of MIME-like format.
o HTTP is similar to SMTP as the data is transferred between client and server. The
HTTP differs from the SMTP in the way the messages are sent from the client to
the server and from server to the client. SMTP messages are stored and
forwarded while HTTP messages are delivered immediately.

Features of HTTP:
o Connectionless protocol: HTTP is a connectionless protocol. HTTP client
initiates a request and waits for a response from the server. When the server
receives the request, the server processes the request and sends back the
response to the HTTP client after which the client disconnects the connection.
The connection between client and server exist only during the current request
and response time only.
o Media independent: HTTP protocol is a media independent as data can be
sent as long as both the client and server know how to handle the data content.
It is required for both the client and server to specify the content type in MIME-
type header.
o Stateless: HTTP is a stateless protocol as both the client and server know each
other only during the current request. Due to this nature of the protocol, both
the client and server do not retain the information between various requests of
the web pages.
HTTP Transactions

The above figure shows the HTTP transaction between client and server. The client
initiates a transaction by sending a request message to the server. The server replies
to the request message by sending a response message.

Messages
HTTP messages are of two types: request and response. Both the message types follow
the same message format.

Request Message: The request message is sent by the client that consists of a request
line, headers, and sometimes a body.
Response Message: The response message is sent by the server to the client that
consists of a status line, headers, and sometimes a body.

Uniform Resource Locator (URL)

o A client that wants to access the document in an internet needs an address and
to facilitate the access of documents, the HTTP uses the concept of Uniform
Resource Locator (URL).
o The Uniform Resource Locator (URL) is a standard way of specifying any kind of
information on the internet.
o The URL defines four parts: method, host computer, port, and path.
 o Method: The method is the protocol used to retrieve the document from a
server. For example, HTTP.
o Host: The host is the computer where the information is stored, and the
computer is given an alias name. Web pages are mainly stored in the computers
and the computers are given an alias name that begins with the characters
"www". This field is not mandatory.
o Port: The URL can also contain the port number of the server, but it's an
optional field. If the port number is included, then it must come between the
host and path and it should be separated from the host by a colon.
o Path: Path is the pathname of the file where the information is stored. The path
itself contain slashes that separate the directories from the subdirectories and
files.

FTP
o FTP stands for File transfer protocol.
o FTP is a standard internet protocol provided by TCP/IP used for transmitting the
files from one host to another.
o It is mainly used for transferring the web page files from their creator to the
computer that acts as a server for other computers on the internet.
o It is also used for downloading the files to computer from other servers.

Objectives of FTP
o It provides the sharing of files.
o It is used to encourage the use of remote computers.
o It transfers the data more reliably and efficiently.

Why FTP?
Although transferring files from one system to another is very simple and
straightforward, but sometimes it can cause problems. For example, two systems may
have different file conventions. Two systems may have different ways to represent text
and data. Two systems may have different directory structures. FTP protocol
overcomes these problems by establishing two connections between hosts. One
connection is used for data transfer, and another connection is used for the control
connection.

Mechanism of FTP

The above figure shows the basic model of the FTP. The FTP client has three
components: the user interface, control process, and data transfer process. The server
has two components: the server control process and the server data transfer process.

There are two types of connections in FTP:

o Control Connection: The control connection uses very simple rules for
communication. Through control connection, we can transfer a line of
command or line of response at a time. The control connection is made between
 the control processes. The control connection remains connected during the
entire interactive FTP session.
o Data Connection: The Data Connection uses very complex rules as data types
may vary. The data connection is made between data transfer processes. The
data connection opens when a command comes for transferring the files and
closes when the file is transferred.

FTP Clients
o FTP client is a program that implements a file transfer protocol which allows
you to transfer files between two hosts on the internet.
o It allows a user to connect to a remote host and upload or download the files.
o It has a set of commands that we can use to connect to a host, transfer the files
between you and your host and close the connection.
o The FTP program is also available as a built-in component in a Web browser.
This GUI based FTP client makes the file transfer very easy and also does not
require to remember the FTP commands.

Advantages of FTP:

o Speed: One of the biggest advantages of FTP is speed. The FTP is one of the
fastest way to transfer the files from one computer to another computer.
o Efficient: It is more efficient as we do not need to complete all the operations
to get the entire file.
o Security: To access the FTP server, we need to login with the username and
password. Therefore, we can say that FTP is more secure.
o Back & forth movement: FTP allows us to transfer the files back and forth.
Suppose you are a manager of the company, you send some information to all
the employees, and they all send information back on the same server.

Disadvantages of FTP:

o The standard requirement of the industry is that all the FTP transmissions should
be encrypted. However, not all the FTP providers are equal and not all the
providers offer encryption. So, we will have to look out for the FTP providers
that provides encryption.
 o FTP serves two operations, i.e., to send and receive large files on a network.
However, the size limit of the file is 2GB that can be sent. It also doesn't allow
you to run simultaneous transfers to multiple receivers.
o Passwords and file contents are sent in clear text that allows unwanted
eavesdropping. So, it is quite possible that attackers can carry out the brute
force attack by trying to guess the FTP password.
o It is not compatible with every system.

ELECTRONIC MAIL
o Electronic mail (or e-mail) allows users to exchange messages. The nature of
this application, however, is different from other applications discussed so far.
o In an application such as HTTP or FTP, the server program is running all the
time, waiting for a request from a client. When the request arrives, the server
provides the service. There is a request and there is a response.
o In the case of electronic mail, the situation is different. First, e-mail is
considered a one-way transaction. When Alice sends an email to Bob, she may
expect a response, but this is not a mandate. Bob may or may not respond. If
he does respond, it is another one-way transaction. Second, it is neither feasible
nor logical for Bob to run a server program and wait until someone sends an e-
mail to him. Bob may turn off his computer when he is not using it. This means
that the idea of client/server programming should be implemented in another
way: using some intermediate computers (servers). The users run only client
programs when they want and the intermediate servers apply the client/server
paradigm, as we discuss in the next section.
Architecture
To explain the architecture of e-mail, we give a common scenario, as shown in Figure
26.12.

In the common scenario, the sender and the receiver of the e-mail, Alice and Bob
respectively, are connected via a LAN or a WAN to two mail servers. The administrator
has created one mailbox for each user where the received messages are stored. A mail
box is part of a server hard drive, a special file with permission restrictions. Only the
owner of the mailbox has access to it. The administrator has also created a queue
(spool) to store messages waiting to be sent. A simple e-mail from Alice to Bob takes
nine different steps, as shown in the figure. Alice and Bob use three different agents: a
user agent (UA), a message transfer agent (MTA), and a message access agent (MAA).
When Alice needs to send a message to Bob, she runs a UA program to prepare the
message and send it to her mail server. The mail server at her site uses a queue (spool)
to store messages waiting to be sent. The message, however, needs to be sent through
the Internet from Alice’s site to Bob’s site using an MTA. Here two message transfer
agents are needed: one client and one server. Like most client-server programs on the
Internet, the server needs to run all the time because it does not know when a client
will ask for a connection. The client, on the other hand, can be triggered by the system
when there is a message in the queue to be sent. The user agent at the Bob site allows
Bob to read the received message. Bob later uses an MAA client to retrieve the
message from an MAA server running on the second server.