Module 4

The document covers the transport layer's role in process-to-process delivery, detailing connectionless and connection-oriented services, as well as reliable and unreliable protocols like UDP and TCP. It also discusses the application layer, including email systems, FTP, and the World Wide Web, highlighting protocols such as SMTP and HTTP. Additionally, it addresses network management and quality of service techniques to optimize performance and reliability in data transmission.

Uploaded by ashtamia95

MODULE 4

TRANSPORT LAYER
Process To Process Delivery
The transport layer is responsible for process-to-process delivery: the delivery of a packet, part of a message, from one process to another.
Types of data deliveries
Addressing
Data Link layer – MAC address
Network Layer – IP Address
Transport layer – Port Number (16 bit)
Socket Address – Combination of IP and Port Number
Multiplexing and Demultiplexing
Connectionless Vs Connection oriented Service

Connectionless service – no need for connection establishment or connection release, no acknowledgement.

Connection oriented service – establish connection, data transfer, connection release.
Reliable Vs Unreliable
Reliable – implements flow and error control at the transport layer. Slower and more complex service.

Unreliable – no flow or error control at the transport layer; the application using it supplies its own mechanisms. Fast service.
Error Control
Three Protocols
User Datagram Protocol (UDP)
Connectionless, unreliable transport protocol.
UDP packets are called user datagrams. The header has four fields:

Source port number – port number used by the process running on the source host.

Destination port number – port number used by the process running on the destination host.

Length – total length of the user datagram, header plus data. It can also be derived from the IP header: UDP length = IP length - IP header's length.

Checksum – used to detect errors.
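A builder and parser for the four-field UDP header described above (an added example, not code from the original slides): it computes the checksum over the IPv4 pseudo-header, which is how the receiver detects a datagram corrupted in transit, and checks the length field against the bytes actually received. The addresses, ports and payload are constructed sample values.

```python
import socket
import struct

UDP_PROTO = 17        # protocol number carried in the IPv4 pseudo-header
UDP_HEADER_LEN = 8    # source port, destination port, length, checksum: 2 bytes each


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's complement sum of data (an odd trailing byte is padded with zero)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def udp_checksum(src_ip: str, dst_ip: str, segment: bytes) -> int:
    """Checksum over the IPv4 pseudo-header plus the UDP header and data.

    The checksum field inside `segment` must be zero while computing."""
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, UDP_PROTO, len(segment)))
    csum = (~ones_complement_sum(pseudo + segment)) & 0xFFFF
    return csum or 0xFFFF                   # 0 means "no checksum", so a zero result is sent as 0xFFFF


def build_udp(src_ip: str, dst_ip: str, src_port: int, dst_port: int, payload: bytes) -> bytes:
    """Build a user datagram: source port, destination port, length, checksum, then data."""
    length = UDP_HEADER_LEN + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    csum = udp_checksum(src_ip, dst_ip, header + payload)
    return struct.pack("!HHHH", src_port, dst_port, length, csum) + payload


def udp_length_from_ip(ip_total_length: int, ip_header_length: int) -> int:
    """The relation given on the slide: UDP length = IP length - IP header's length."""
    return ip_total_length - ip_header_length


def parse_udp(src_ip: str, dst_ip: str, segment: bytes) -> dict:
    """Parse and validate a received user datagram; raise ValueError on a bad length or checksum."""
    if len(segment) < UDP_HEADER_LEN:
        raise ValueError("segment shorter than the 8-byte UDP header")
    src_port, dst_port, length, csum = struct.unpack("!HHHH", segment[:UDP_HEADER_LEN])
    if length != len(segment):
        raise ValueError("length field %d does not match segment size %d" % (length, len(segment)))
    if csum != 0:                           # zero means the sender skipped the checksum (IPv4 only)
        zeroed = segment[:6] + b"\x00\x00" + segment[UDP_HEADER_LEN:]
        if udp_checksum(src_ip, dst_ip, zeroed) != csum:
            raise ValueError("checksum mismatch: datagram corrupted in transit")
    return {"src_port": src_port, "dst_port": dst_port,
            "length": length, "payload": segment[UDP_HEADER_LEN:]}


if __name__ == "__main__":
    # Constructed sample: a DNS-style query from an ephemeral port to port 53.
    datagram = build_udp("192.0.2.1", "192.0.2.2", 40000, 53, b"constructed payload")
    print(parse_udp("192.0.2.1", "192.0.2.2", datagram))
```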


UDP Operation
Connectionless services – there is no relationship between the different datagrams even if they are coming from the same source and going to the same destination. Datagrams are not numbered. No connection establishment and no connection termination.

Flow and error control – there are no flow and error control mechanisms other than the checksum. The receiver may overflow with incoming messages. The sender does not know if a message has been lost or duplicated.

Encapsulation and decapsulation – to send a message from one process to another, UDP encapsulates and decapsulates messages in an IP datagram.
Queuing
Use of UDP

Simple request-response communication with little concern for flow and error control.

It is suitable for a process with internal flow and error control mechanisms.

It is suitable for multicasting.

It is used for management processes.

It is used for some route updating protocols.

Transmission Control Protocol (TCP)
Process to process protocol.
Connection oriented.
Reliable.
Flow and error control mechanisms.

TCP Services
1. Process to process communication – using port numbers.
2. Stream delivery service
3. Full-Duplex communication
4. Connection oriented service – establish connection, data exchange, connection termination.
5. Reliable service – acknowledgement mechanisms


TCP Features
Numbering System

1. Byte number – The bytes of data being transferred in each connection are numbered by TCP.

2. Sequence number – The value in the sequence number field of a segment defines the number of the first data byte contained in that segment.

3. Acknowledgement number – The value of the acknowledgment field in a segment defines the number of the next byte a party expects to receive.

Flow control
Error control
Congestion control
Segment – Packet in TCP
Control fields
A TCP Connection
Stream Control Transmission Protocol (SCTP)
SCTP is a message-oriented, reliable protocol that combines the best
features of UDP and TCP.
SCTP Services
1. Process to process communication
2. Multiple streams
3. Multihoming – connected to more than one physical address with multiple IP addresses.
4. Full duplex communication
5. Connection oriented services
6. Reliable service
SCTP Features
Transmission Sequence Number (TSN) – the data unit in SCTP is the data chunk, so chunks are numbered using a TSN.

Stream identifier – to distinguish between different streams.

Packets – TCP has segments, but SCTP has packets.

Acknowledgement number – acknowledges the data chunks.

Flow control

Error control

Congestion control
Packet format
General header

Chunks – control information or user data are carried in chunks.

An SCTP Association – Connection in SCTP
Association establishment
Data transfer
Association Termination
CONGESTION CONTROL
It refers to techniques and mechanisms that can either prevent congestion, before it happens, or remove congestion, after it has happened.
Open loop congestion control
1. Retransmission Policy – If the sender feels that a sent packet is lost, the packet needs to be retransmitted.

2. Window Policy – Selective repeat is better than the Go-back-N window.

3. Acknowledgement policy – If the receiver doesn't acknowledge every packet it receives, it may slow down the sender.

4. Discarding Policy – discard less sensitive packets.

5. Admission policy – first check the resource requirement of a flow before admitting it to the network.
Closed loop congestion control
1. Back pressure

2. Choke packet

3. Implicit Signaling – no communication between the congested node and the source.

4. Explicit Signaling – The node that experiences congestion can explicitly send a signal to the source or destination. It can occur in 2 ways:

Backward Signaling – A bit can be set in a packet moving in the direction opposite to the congestion.

Forward Signaling – A bit can be set in a packet moving in the direction of the congestion.
QUALITY OF SERVICE
It is an internetworking issue that has been discussed more than defined. Four characteristics of a flow matter:
Reliability – a characteristic that a flow needs.

Delay – source to destination delay.

Jitter – variation in delay for packets belonging to the same flow.

Bandwidth – different applications need different bandwidth.


Techniques to improve QoS
Scheduling
1. FIFO Queuing
2. Priority Queuing
3. Weighted fair Queuing
Traffic Shaping
1. Leaky Bucket
A leaky bucket algorithm shapes bursty traffic into fixed-rate traffic by averaging the data rate. It may drop packets if the bucket is full.
2. Token Bucket
The token bucket allows bursty traffic at a regulated maximum rate.
3. Resource reservation – The QoS is improved if the resources (buffer, bandwidth, CPU time etc.) are reserved beforehand.

4. Admission control – it refers to the mechanism used by a router or a switch to accept or reject a flow based on predefined parameters called the flow specification.
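An added simulation of the two shapers (not code from the original slides) run on a constructed burst of packets: the leaky bucket releases a fixed number of packets per time slot and drops what overflows its queue, while the token bucket lets tokens saved during idle slots pay for a burst. Slot length, capacities and rates are assumed units of the model.

```python
def leaky_bucket(arrivals, capacity, rate):
    """Leaky bucket shaper.

    arrivals  - packets arriving in each time slot (constructed sample input)
    capacity  - how many packets the bucket (queue) can hold
    rate      - packets released per slot, whatever the input looks like
    Returns (packets sent per slot, total packets dropped because the bucket was full).
    """
    queued, dropped, sent = 0, 0, []
    for incoming in arrivals:
        accepted = min(incoming, capacity - queued)   # bucket full: the excess is dropped
        dropped += incoming - accepted
        queued += accepted
        out = min(rate, queued)                       # leaks at a fixed rate
        queued -= out
        sent.append(out)
    return sent, dropped


def token_bucket(arrivals, bucket_size, token_rate):
    """Token bucket shaper.

    Tokens accumulate at token_rate per slot up to bucket_size; each packet spends
    one token, so idle slots buy the right to send a burst later. Packets that find
    no token are dropped here (a real shaper might queue them instead).
    Returns (packets sent per slot, total packets dropped).
    """
    tokens, dropped, sent = bucket_size, 0, []        # the bucket starts full
    for incoming in arrivals:
        tokens = min(bucket_size, tokens + token_rate)
        out = min(incoming, tokens)
        tokens -= out
        dropped += incoming - out
        sent.append(out)
    return sent, dropped


def max_burst(sent):
    """Largest number of packets released in a single slot."""
    return max(sent)


if __name__ == "__main__":
    # Constructed burst: nothing for three slots, then 12 packets at once.
    burst = [0, 0, 0, 12, 0, 0, 0, 0]
    print("leaky :", leaky_bucket(burst, capacity=10, rate=3))    # smoothed to 3 per slot
    print("token :", token_bucket(burst, bucket_size=10, token_rate=3))  # burst of 10 passes
```

The same steady input at exactly the token rate passes through both shapers untouched; the difference shows only on bursts.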
APPLICATION LAYER
The application layer is responsible for providing services to the user.
Domain Name System
Three common applications in the Internet – Remote login, Email, File Transfer Protocol (FTP)
World Wide Web
HTTP
Network Management – SNMP
Network Security
Cryptography
Domain Name System

DNS automatically converts the names we type in our web browser's address bar to the IP addresses of the web servers hosting those sites.
NAME SPACE
To be unambiguous, the names assigned to machines must be carefully selected from a name space with complete control over the binding between the names and IP addresses.

Flat Name Space – It is a sequence of characters without structure.

Hierarchical Name Space – Each name is made up of several parts.

Eg: challenger.fhda.edu, berkeley.edu, smart.com


DOMAIN NAME SPACE
To have a hierarchical name space, a domain name space was designed. In this design the names are defined in an inverted-tree structure with the root at the top. The tree can have only 128 levels: level 0 (root) to level 127.
Label – Each node has a label, which is a string with a maximum of 63 characters. The root label is a null string.

Domain Name – A full domain name is a sequence of labels separated by dots (.). It is read from the node up to the root.

Fully Qualified Domain Name (FQDN) – A domain name terminated by a null label (written with a trailing dot).

Partially Qualified Domain Name (PQDN) – A domain name that is not terminated by a null label.

Domain – It is a subtree of the domain name space.
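An added helper (not the slides' own code) that applies the rules above: it splits a name into labels read from the node up to the root, enforces the 63-character label and 128-level limits, tells an FQDN from a PQDN by the trailing null label, and tests subtree (domain) membership on whole labels rather than by string suffix, which is the check that matters when a name is compared against a policy list.

```python
MAX_LABEL_LEN = 63     # each label is at most 63 characters
MAX_LEVELS = 128       # level 0 (root) to level 127


def parse_domain_name(name: str):
    """Split a domain name into its labels, read from the node up to the root.

    Returns (labels, is_fqdn). A trailing dot is the root's null label, which
    makes the name fully qualified. Raises ValueError on names that break the
    rules on the slide.
    """
    if name in ("", "."):
        return [], True                        # the root itself
    is_fqdn = name.endswith(".")
    body = name[:-1] if is_fqdn else name
    labels = body.split(".")
    for label in labels:
        if label == "":
            raise ValueError("empty label in %r" % name)
        if len(label) > MAX_LABEL_LEN:
            raise ValueError("label %r exceeds %d characters" % (label, MAX_LABEL_LEN))
    # the node sits at level len(labels); the deepest permitted level is MAX_LEVELS - 1
    if len(labels) > MAX_LEVELS - 1:
        raise ValueError("name has more than %d levels" % MAX_LEVELS)
    return labels, is_fqdn


def path_from_root(name: str):
    """Labels in tree order, root (null label) first: the inverted tree walked from the top."""
    labels, _ = parse_domain_name(name)
    return [""] + list(reversed(labels))


def in_domain(name: str, domain: str) -> bool:
    """True if `name` lies in the subtree rooted at `domain`.

    The comparison is on whole labels, case-insensitively, so 'evilfhda.edu' is
    NOT in 'fhda.edu' even though it ends with the same characters; a plain
    string suffix test would accept it.
    """
    name_labels, _ = parse_domain_name(name)
    dom_labels, _ = parse_domain_name(domain)
    n = len(dom_labels)
    if n == 0:
        return True                            # every name is under the root
    if n > len(name_labels):
        return False
    return ([lab.lower() for lab in name_labels[-n:]]
            == [lab.lower() for lab in dom_labels])


if __name__ == "__main__":
    for sample in ("challenger.fhda.edu.", "berkeley.edu", "smart.com"):
        print(sample, parse_domain_name(sample), path_from_root(sample))
```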
Remote logging
It would be impossible to write a specific client/server program for each demand. The better solution is a general-purpose client/server program that lets a user access any application program on a remote computer.

TELNET (TErminaL NETwork) – TELNET is a general-purpose client/server application program. It establishes a connection to a remote system.

Time sharing environment

Logging
Local and remote log-in

Local log-in
A user types at a terminal; the keystrokes are accepted by the terminal driver, which passes the characters to the OS. The OS interprets the combination of characters and invokes the desired application program or utility.
Remote log-in
The user sends the keystrokes to the terminal driver; the local OS accepts the characters but does not interpret them.
The characters are sent to the TELNET client, which transforms them into a universal character set called Network Virtual Terminal (NVT) characters and delivers them to the local TCP/IP protocol stack.
The NVT characters travel through the internet and arrive at the TCP/IP stack of the remote machine. They are then passed to the TELNET server, which changes them to the corresponding characters understandable by the remote computer and hands them to the pseudo terminal driver. The OS then passes the characters to the appropriate application program.
Concept of NVT (Network Virtual Terminal)

Some NVT control characters
ELECTRONIC MAIL

• One of the most popular Internet services is electronic mail (e-mail).

• General architecture of an email system, including the three main components:
1. User Agent
2. Message Transfer Agent
3. Message Access Agent

First scenario in electronic mail
When the sender and the receiver of an e-mail are on the same system, we need only two user agents.

Second scenario in electronic mail
When the sender and the receiver of an e-mail are on different systems, we need two UAs and a pair of MTAs (client and server).

Third scenario in electronic mail
When the sender is connected to the mail server via a LAN or a WAN, we need two UAs and two pairs of MTAs (client and server).

Fourth scenario in electronic mail
When both sender and receiver are connected to the mail server via a LAN or a WAN, we need two UAs, two pairs of MTAs and a pair of MAAs.
This is the most common situation today.

Push versus pull in electronic email
Services of user agent

User Agent types
1) Command driven – It normally accepts a one-character command from the keyboard to perform its task. For example, the user types r at the command prompt to reply to the sender of the message, or types R to reply to the sender and all recipients. Some examples of command-driven user agents are mail, pine, and elm.

2) GUI based – They contain Graphical User Interface components that allow the user to interact with the software by using both the keyboard and the mouse. Some examples of GUI-based user agents are Eudora, Outlook, and Netscape.
Format of an e-mail

Addresses

Mailing list – Email allows one name to represent several different e-mail addresses.

MIME – Multipurpose Internet Mail Extensions is a supplementary protocol that allows non-ASCII data to be sent through email.
MIME
MIME header
Message Transfer Agent: SMTP
The formal protocol that defines the MTA client and server in the
internet is called SMTP (Simple Mail Transfer Protocol).
SMTP range
Mechanisms of mail transfer by SMTP
Commands and Responses

Format of commands
commands
Responses
Mail transfer Phases
Connection establishment

Mail transfer

Connection termination
Message Access Agent: POP and IMAP
The first and second stages of mail delivery use SMTP. SMTP is a push protocol. The third stage needs a pull protocol, so it uses a message access agent. Two such protocols are in use:
Post Office Protocol version 3 (POP3)
Internet Mail Access Protocol version 4 (IMAP4)
POP3

The POP3 client software is installed on the recipient computer.

POP3 has two modes: the delete mode and the keep mode.
The exchange of commands and responses in POP3

IMAP4 – Internet Mail Access Protocol
POP3 is deficient in several ways:

1. It does not allow the user to organize her mail on the server.

2. It does not allow the user to partially check the contents of the mail before downloading.
IMAP4 provides the following extra functions:
A user can check the email header prior to downloading.

A user can search the contents of the email for a specific string of characters prior to downloading.

A user can partially download e-mail.

A user can create, delete or rename mailboxes on the mail server.

A user can create a hierarchy of mailboxes in a folder for email storage.
File Transfer Protocol (FTP)

It is the standard mechanism provided by TCP/IP for copying a file from one host to another.

FTP uses the services of TCP. It needs two TCP connections.

The well-known port 21 is used for the control connection and the well-known port 20 for the data connection.
FTP
Using the control connection
Communication over data connection

Files are transferred through the data connection:

Retrieving a file – A file copied from server to client (RETR command)

Storing a file – A file copied from client to server (STOR command)

A directory listing sent from server to client (LIST command)

Using the data connection
File Type – ASCII, EBCDIC, image
Data structure – File structure, record structure, page structure
Transmission Mode – Stream mode, block mode, compressed mode
World Wide Web
The WWW today is a distributed client/server service, in which a client using a browser can access a service using a server. However, the service provided is distributed over many locations called sites.
Architecture of WWW
Client (Browser)
Server

Web pages are stored on the server. Each time a client request arrives, the corresponding document is sent to the client. To improve efficiency, servers normally store requested files in a cache in memory.

Uniform Resource Locator

To facilitate the access of documents distributed throughout the world.
Cookies

When a server receives a request from a client, it stores information about the client in a file or a string. The information may include the domain name of the client, the contents, a timestamp etc.

The server includes the cookie in the response that it sends to the client.

When the client receives the response, the browser stores the cookie in the cookie directory.
WEB DOCUMENTS
The documents in the WWW can be grouped into three:

1. Static documents – fixed documents; the client can only get a copy of the document. HTML is a language for creating web pages.

2. Dynamic documents – created by a web server whenever a browser requests the document. Common Gateway Interface (CGI) is a technology that creates and handles dynamic documents. Technologies involved in creating dynamic documents are Hypertext Pre-processor (PHP), Java Server Pages (JSP), Active Server Pages (ASP) etc.

3. Active Documents – programs to be run at the client side. Technologies used are Java Applets, JavaScript etc.
Hypertext Transfer Protocol (HTTP)
It is a protocol used mainly to access data on the WWW. HTTP functions as a combination of FTP and SMTP.
HTTP uses the services of TCP on well-known port 80.
HTTP Transaction
Request and Response messages
Request and Status Lines
Request type
Status code
Header

1. General header
2. Request header
3. Entity header
4. Response header

Body
It contains the document to be sent or received.
Network Management System
Configuration management – Manages the network and its entities.

❖ Reconfiguration – Adjusting the network components and features: hardware, software and user-account reconfiguration.

❖ Documentation – The original network configuration and each subsequent change must be recorded.

Fault Management – It is the area of network management that handles the faults of the network.

❖ Reactive fault management – It is responsible for detecting, isolating, correcting and recording faults.

❖ Proactive fault management – It tries to prevent faults from occurring.

Performance Management

❖ Capacity
❖ Traffic
❖ Throughput
❖ Response time

Security Management – It is responsible for controlling access to the network based on a predefined policy.

Accounting Management – It is the control of users' access to network resources through charges.
Simple Network Management Protocol (SNMP)
The Simple Network Management Protocol (SNMP) is a framework for
managing devices in an internet using the TCP/IP protocol suite. It
provides a set of fundamental operations for monitoring and maintaining
an internet.

SNMP concept
Managers and Agents
A management station, called a manager, is a host that runs the SNMP client program.

A managed station, called an agent, is a router that runs the SNMP server program.

Management with SNMP means:

1. A manager checks an agent by requesting information that reflects the behavior of the agent.

2. A manager forces an agent to perform a task.

3. An agent contributes to the management process by warning the manager of an unusual situation.
Management Components
Role of SNMP

SNMP defines the format of packets exchanged between a manager and an agent. It reads and changes the status (values) of objects (variables) in SNMP packets.

Role of SMI (Structure of Management Information)

SMI defines the general rules for naming objects, defining object types (including range and length), and showing how to encode objects and values. SMI does not define the number of objects an entity should manage, name the objects to be managed, or define the association between the objects and their values.

Role of MIB (Management Information Base)

MIB creates a collection of named objects, their types, and their relationships to each other in an entity to be managed.
NETWORK SECURITY
SECURITY SERVICES

Five security services are listed below. Four of them relate to the messages exchanged using the network; the fifth provides entity authentication or identification.
Message Confidentiality
The transmitted message must make sense to only the intended receiver.
Message Integrity
Message integrity means that the data must arrive at the receiver exactly as they were
sent.
Message Authentication
In message authentication the receiver needs to be sure of the sender's identity and that an impostor has not sent the message.
Message Nonrepudiation
It means that a sender must not be able to deny sending a message that he or she, in
fact, did send.
Entity Authentication
In entity authentication, the entity or user is verified prior to access to the system resources.
Message Confidentiality
Message Integrity
Document and Fingerprint

To preserve the integrity of a document, both the document and the fingerprint are needed.

Message and Message Digest

To preserve the integrity of a message, the message is passed through an algorithm called a hash function. The hash function creates a compressed image of the message that can be used as a fingerprint.
Hash Algorithms: SHA-1
A buffer of N bits is initialized to a predetermined value. The algorithm mangles this initial buffer with the first 512 bits of the message to create the first intermediate message digest of N bits.

This digest is then mangled with the second 512-bit block to create the second intermediate digest. The (n - 1)th digest is mangled with the nth block to create the nth digest.

If a block is not 512 bits, padding (0s) is added to make it so. When the last block is processed, the resulting digest is the message digest for the entire message.
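SHA-1 written out so the chaining above is visible (an added example, not code from the slides): each 512-bit block is mangled with the previous 160-bit intermediate digest, and the digest after the last block is the message digest. Note that actual SHA-1 padding appends a 1 bit and the 64-bit message length after the zeros; the result is checked against the standard library.

```python
import hashlib
import struct

INITIAL_STATE = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0)  # the N = 160-bit buffer
MASK = 0xFFFFFFFF


def rotl(x, n):
    """Rotate a 32-bit word left by n bits."""
    return ((x << n) | (x >> (32 - n))) & MASK


def pad_message(msg: bytes) -> bytes:
    """Pad to a multiple of 512 bits: a 1 bit (0x80), zeros, then the 64-bit bit length."""
    padded = msg + b"\x80"
    padded += b"\x00" * ((56 - len(padded) % 64) % 64)
    return padded + struct.pack(">Q", len(msg) * 8)


def compress(state, block: bytes):
    """Mangle one 512-bit block with the previous intermediate digest (the state)."""
    w = list(struct.unpack(">16I", block))
    for t in range(16, 80):                          # expand 16 words to 80
        w.append(rotl(w[t - 3] ^ w[t - 8] ^ w[t - 14] ^ w[t - 16], 1))
    a, b, c, d, e = state
    for t in range(80):
        if t < 20:
            f, k = (b & c) | (~b & d), 0x5A827999
        elif t < 40:
            f, k = b ^ c ^ d, 0x6ED9EBA1
        elif t < 60:
            f, k = (b & c) | (b & d) | (c & d), 0x8F1BBCDC
        else:
            f, k = b ^ c ^ d, 0xCA62C1D6
        temp = (rotl(a, 5) + (f & MASK) + e + k + w[t]) & MASK
        a, b, c, d, e = temp, a, rotl(b, 30), c, d
    # the new intermediate digest is the old one plus the mangled words
    return tuple((s + v) & MASK for s, v in zip(state, (a, b, c, d, e)))


def sha1_with_intermediates(msg: bytes):
    """Return (hex digest, list of intermediate digests, one per 512-bit block)."""
    state = INITIAL_STATE
    intermediates = []
    padded = pad_message(msg)
    for offset in range(0, len(padded), 64):
        state = compress(state, padded[offset:offset + 64])
        intermediates.append("".join("%08x" % word for word in state))
    return intermediates[-1], intermediates


def sha1_hex(msg: bytes) -> str:
    return sha1_with_intermediates(msg)[0]


def matches_stdlib(msg: bytes) -> bool:
    """Cross-check this implementation against hashlib's SHA-1."""
    return sha1_hex(msg) == hashlib.sha1(msg).hexdigest()


if __name__ == "__main__":
    digest, steps = sha1_with_intermediates(b"abc")
    print("blocks:", len(steps), "digest:", digest, "matches hashlib:", matches_stdlib(b"abc"))
```

The keyless digest is an MDC in the terms of the next section; SHA-1 is shown for teaching only, since collisions against it have been demonstrated and it should not be chosen for new designs.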
Message Authentication
MDC – The digest created by a hash function is normally called a modification detection code (MDC). The code can detect any modification in the message. An MDC uses a keyless hash function.
MAC – To provide message authentication, we need to change a modification detection code to a message authentication code (MAC). A MAC uses a keyed hash function.
Digital signature
The differences between the two types of signatures, conventional and digital:

1) Inclusion
2) Verification method
3) Relationship
4) Duplicity

A digital signature needs a public-key system.

Process – Signing the Document

In a digital signature, we use the private and public key of the sender.
Process – Signing the Digest
Services

Message Integrity
Message Authentication
Message Nonrepudiation
Entity Authentication

The entity whose identity needs to be proved is called the claimant; the party
that tries to prove the identity of the claimant is called the verifier.
In entity authentication, the claimant must identify herself to the verifier. This
can be done with one of three kinds of witnesses:
1. Something known. This is a secret known only by the claimant that can be
checked by the verifier. Examples are a password, a PIN number, a secret key,
and a private key.
2. Something possessed. This is something that can prove the claimant's identity.
Examples are a passport, a driver's license, an identification card, a credit card,
and a smart card.
3. Something inherent. This is an inherent characteristic of the claimant. Examples
are conventional signature, fingerprints, voice, facial characteristics, retinal
pattern, and handwriting.
Passwords – The simplest and the oldest method of entity authentication is the password.

Fixed Password – In this group, the password is fixed; the same password is used over and over for every access. This approach is subject to several attacks:

1. Eavesdropping
2. Stealing a password
3. Accessing a file
4. Guessing

One-Time Password – In this type of scheme, a password is used only once.

CRYPTOGRAPHY
Categories
Symmetric-key cryptography – the same key is used by the sender and the receiver.

Asymmetric-key cryptography
Keys used in cryptography
SYMMETRIC KEY CRYPTOGRAPHY
1. Traditional Ciphers
Substitution Cipher – replaces one symbol with another.

❖ Monoalphabetic cipher – A character in the plaintext is always changed to the same character in the ciphertext regardless of its position in the text.

❖ Polyalphabetic cipher – Each occurrence of a character can have a different substitute.

❖ Caesar cipher – also known as the shift cipher. Eg: HELLO replaced by WTAAD (shifted 15 characters).

Transposition cipher – There is no substitution of characters; instead their locations change.
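Both traditional families in runnable form (an added example, not code from the slides): the shift cipher reproduces HELLO to WTAAD with shift 15 and shows the monoalphabetic property (both Ls become A), a block transposition with an assumed permutation key only moves characters, and a letter histogram shows why both leave the plaintext's letter frequencies exposed.

```python
import string

ALPHABET = string.ascii_uppercase


def shift_encrypt(plaintext: str, shift: int) -> str:
    """Caesar (shift) cipher: a monoalphabetic substitution, so every L maps to the same letter."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)                    # leave spaces and punctuation untouched
    return "".join(out)


def shift_decrypt(ciphertext: str, shift: int) -> str:
    return shift_encrypt(ciphertext, -shift)


def transposition_encrypt(plaintext: str, key: list, pad: str = "X") -> str:
    """Block transposition: characters keep their identity but change position.

    key is a permutation of range(len(key)); output position i of each block
    takes input position key[i]. A short final block is padded.
    """
    n = len(key)
    if sorted(key) != list(range(n)):
        raise ValueError("key must be a permutation of 0..n-1")
    text = plaintext.upper().replace(" ", "")
    text += pad * (-len(text) % n)
    return "".join(text[i:i + n][k] for i in range(0, len(text), n) for k in key)


def transposition_decrypt(ciphertext: str, key: list) -> str:
    n = len(key)
    inverse = [0] * n
    for i, k in enumerate(key):
        inverse[k] = i                        # where input position k ended up
    return "".join(ciphertext[i:i + n][inverse[j]]
                   for i in range(0, len(ciphertext), n) for j in range(n))


def letter_counts(text: str) -> dict:
    """Letter histogram: unchanged by transposition, relabelled intact by a shift."""
    counts = {}
    for ch in text:
        if ch in ALPHABET:
            counts[ch] = counts.get(ch, 0) + 1
    return counts


if __name__ == "__main__":
    print(shift_encrypt("HELLO", 15))                              # WTAAD
    key = [2, 0, 3, 1]                                             # assumed sample key
    ct = transposition_encrypt("ENEMY ATTACKS TONIGHT", key)
    print(ct, transposition_decrypt(ct, key))
```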
Transposition cipher
2. Simple Modern Ciphers

XOR Cipher
Rotation cipher
Substitution cipher : S-box
Transposition Cipher : P-box (Permutation)
3. Modern round Ciphers
Data Encryption Standard (DES)
• Advanced Encryption Standard (AES)
AES
Structure of each round
Other Ciphers
IDEA – International Data Encryption Algorithm
Block size is 64 bits, key size is 128 bits.

Blowfish
Block size is 64 bits, key size between 32 and 448 bits.

CAST-128
16 rounds, block size is 64 bits, key size is 128 bits.

RC5
It is a family of ciphers with different block sizes, key sizes and numbers of rounds.
Mode of Operation
Electronic Code Book (ECB)
Cipher Block Chaining (CBC)
Cipher Feedback (CFB)
Output Feedback (OFB)
ASYMMETRIC KEY CRYPTOGRAPHY
RSA (Rivest, Shamir and Adleman)
Selecting Keys
Diffie-Hellman
Two parties create a symmetric session key to exchange data without having to remember or store the key for future use.
Idea of Diffie-Hellman
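The Diffie-Hellman idea carried through with both parties' computations (an added example, not code from the slides), using constructed toy parameters p = 23, g = 5 and fixed private values 6 and 15 so the arithmetic can be checked by hand; deriving the session key from the shared secret with SHA-256 is an assumed choice.

```python
import hashlib
import secrets

# Constructed toy parameters so the numbers can be followed by hand. A real
# exchange uses a standardized group with a prime of 2048 bits or more.
P = 23   # prime modulus
G = 5    # generator


def generate_keypair(p: int = P, g: int = G, private: int = None):
    """Return (private, public). The private value is random unless one is supplied."""
    x = private if private is not None else secrets.randbelow(p - 2) + 1   # 1 <= x <= p-2
    return x, pow(g, x, p)                                                 # public = g^x mod p


def compute_shared_secret(private: int, peer_public: int, p: int = P) -> int:
    """Raise the peer's public value to our private exponent.

    Public values 0, 1 and p-1 are rejected: they force the shared secret into a
    tiny known set regardless of the private value we chose.
    """
    if not 1 < peer_public < p - 1:
        raise ValueError("peer public value out of range")
    return pow(peer_public, private, p)


def session_key(shared_secret: int) -> bytes:
    """Derive the symmetric session key from the shared secret instead of using it raw."""
    return hashlib.sha256(str(shared_secret).encode()).digest()


def run_exchange(alice_private: int = None, bob_private: int = None):
    """Both sides of the exchange; returns the two derived keys so they can be compared."""
    a, A = generate_keypair(private=alice_private)       # Alice keeps a, sends A
    b, B = generate_keypair(private=bob_private)         # Bob keeps b, sends B
    k_alice = session_key(compute_shared_secret(a, B))   # B^a mod p
    k_bob = session_key(compute_shared_secret(b, A))     # A^b mod p, the same g^(ab) mod p
    return k_alice, k_bob


if __name__ == "__main__":
    # Worked values: A = 5^6 mod 23 = 8, B = 5^15 mod 23 = 19, shared secret = 2
    print(generate_keypair(private=6), generate_keypair(private=15))
    k1, k2 = run_exchange(6, 15)
    print("keys match:", k1 == k2, k1.hex())
```

As shown the exchange is unauthenticated: unless the public values are signed or otherwise tied to identities, neither side can tell whether it derived the key with its intended peer.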
