Networks, Security, and Privacy 158.235
Dr Hooman Alavizadeh Massey University
Application Layer
Reading: Chapter 2 in the prescribed textbook
Outline
• Application Architecture
• Application Layer Services
– The Web: HTTP
– Email: SMTP, POP
– Other Application-Layer Protocols
Application Layer
• Layer 5 in the Internet model (Application, Transport, Network, Data Link, Physical)
• The software that enables users to interact with the network and accomplish tasks (applications such as email, web, Skype, …)
What is a network application?
A network application is a program that:
• runs on (different) end systems
• communicates over the network
There is no need to write software for network-core devices:
• network-core devices do not run user applications
• keeping applications on end systems allows for rapid app development and propagation
[Figure: two end systems with full protocol stacks (application, transport, network, data link, physical) communicating through a network-core device that implements only the network, data link and physical layers]
Application Architecture
• The way the functions of the application layer are spread out across the client and the server
• Four components of applications:
1. Presentation Logic (i.e. user interface)
2. Application Logic (backend program)
3. Data Access Logic (i.e. SQL)
4. Data Storage (Database)
Application Architectures
• Who is doing what between the clients and servers?
– Host-based Architectures
• Server performs almost all functions
– Client-based architectures
• Client performs most functions
– Client-server architectures
• Functions shared between client and server (including Cloud Computing)
– Peer to peer architectures
• Computers are both clients and servers
Host-Based Architecture
• Common in the 1960s with mainframes and terminals
• Server contains all components (“server-based”)
[Figure: CLIENT; SERVER holds Presentation Logic, Application Logic, Data Access Logic and Data Storage]
Host-Based Architecture
• Advantages
– Very simple
– Single point of control
• Disadvantages
– Host (server) can become a bottleneck
– Upgrades typically expensive (‘lumpy architecture’)
Client-Based Architecture
• Most common in the 1980s with popularity of PC
• Client contains presentation, application, and data access logic while server stores the data
Client-Based Architecture
• Advantages
– Hardware and applications less expensive
– Simple architecture
• Disadvantages
– Data must travel back and forth between server and client
Client-Server Architecture
• Most common architecture today
• Thin clients are easier to manage, thick clients have more functionality
[Figure: Thick-Client Architecture: CLIENT holds Presentation Logic and Application Logic; SERVER holds Data Access Logic and Data Storage. Thin-Client Architecture: CLIENT holds Presentation Logic; SERVER holds Application Logic, Data Access Logic and Data Storage]
Client-Server Architecture
• Advantages
– More efficient because of distributed processing
– Allows hardware/software from different vendors to be used together
– Less bandwidth required
• Disadvantages
– May be challenges in configuring hardware/software from different vendors to work together
– In many cases, middleware is required
Client-Server Architecture
Middleware is software that acts as an intermediary by “sitting between” client and server applications
1. Provides a standard way of translating between software from different vendors
2. Manages message transfers: insulates the clients from network changes (e.g., adding a new server)
[Figure: Client Applications, Middleware (ODBC etc.), Server Applications]
Client-Server Architecture
• Example of two-tier architecture
[Figure: CLIENT holds Presentation Logic; SERVER holds Application Logic, Data Access Logic and Data Storage]
Client-Server Architecture
• Example of three-tier architecture
[Figure: CLIENT holds Presentation Logic; Application SERVER holds Application Logic; Database SERVER holds Data Access Logic and Data Storage]
Client-Server Architecture
• Example of n-tier Web architecture
[Figure: CLIENT holds Presentation Logic; Web SERVER holds Application Logic; Application SERVER holds Application Logic; Database SERVER holds Data Access Logic and Data Storage]
Tiered Client-Server Architecture
• Advantages
– Better load balancing: More evenly distributed processing
– More scalable: Only servers experiencing high demand need be upgraded
• Disadvantages
– Heavily loaded network: More distributed processing necessitates more data exchanges
– Difficult to program and test due to increased complexity
Cloud Computing
• Cloud Computing is the general term for enabling access to computing services over the network (most commonly the Internet)
• Models of cloud computing define who manages each application function and associated hardware/software
Cloud Computing
• n-tier architecture => Cloud Computing
[Figure: the n-tier architecture (CLIENT, Web SERVER, Application SERVER, Database SERVER) with Presentation Logic, Application Logic, Data Access Logic and Data Storage distributed across the tiers]
Case Study: Building a Business
OLD WAY
• Significant upfront investment
• Results in months
• Large total investment
CLOUD WAY
• No upfront investment
• Results in days
• Trivial total investment
Cloud Computing: Key benefits
• Huge Resources
– Available for everyone with a small fee
– Leasing model compared to buying model
• No Commitment
– No over provisioning (waste of capital)
– No under provisioning (waste of users)
• Pay by use
– Pay only for actual resources consumed
Software as a Service (SaaS)
• Provides all application components and associated hardware/software
[Figure: stack of Use Applications, Applications, Services, Platforms, Server OS, Network, Physical environment (Electricity, Air Con, Spaces, etc.)]
Platform as a Service (PaaS)
• Provides computing platforms (OS, database, webserver etc.)
[Figure: stack of Use Applications, Applications, Platforms, Services, Server OS, Network, Physical environment (Electricity, Air Con, Spaces, etc.)]
Infrastructure as a Service (IaaS)
• All hardware is outsourced
[Figure: stack of Use Applications, Applications, Platforms, Server OS, Network, Services, Physical environment (Electricity, Air Con, Spaces, etc.)]
Cloud Computing Delivery
Peer to Peer (P2P) Architecture
• An older architecture that became popular again with Napster, BitTorrent, Skype, … in the early 2000s.
• All devices can serve as a client and a server
[Figure: two CLIENT/SERVER peers, each holding Presentation Logic, Application Logic, Data Access Logic and Data Storage]
Peer to Peer (P2P) Architecture
• Advantages:
• Data can be stored anywhere on the network
• Very resilient to failure
• Distributes bandwidth requirements
• Disadvantages:
• Finding the stored data is hard (no centralised control)
• Security (everything is everywhere)
Outline
• Application Architecture
• Application Layer Services
– The Web: HTTP
– Email: SMTP, POP
– Other Application-Layer Protocols
Web and HTTP
First, a review…
• web page consists of objects
• object can be HTML file, JPEG image, Java applet, audio file, …
• web page consists of base HTML-file which includes several referenced objects
• each object is addressable by a URL, e.g., www.someschool.edu/someDept/pic.gif (host name: www.someschool.edu; path name: /someDept/pic.gif)
HTTP Overview
HTTP: hypertext transfer protocol
• Web’s application layer protocol
• client/server model
– client: browser that requests, receives (using HTTP protocol) and “displays” Web objects
– server: Web server sends (using HTTP protocol) objects in response to requests
[Figure: a PC running Firefox browser and an iPhone running Safari browser exchanging HTTP requests and responses with a server running Apache Web server]
HTTP Overview
uses TCP:
• client initiates TCP connection (creates socket) to server, port 80
• server accepts TCP connection from client
• HTTP messages (application-layer protocol messages) exchanged between browser (HTTP client) and Web server (HTTP server)
• TCP connection closed
HTTP is “stateless”
• server maintains no information about past client requests
aside: protocols that maintain “state” are complex!
❖ past history (state) must be maintained
❖ if server/client crashes, their views of “state” may be inconsistent, must be reconciled
HTTP Connections
non-persistent HTTP
• at most one object sent over TCP connection
– connection then closed
• downloading multiple objects requires multiple connections
persistent HTTP
• multiple objects can be sent over single TCP connection between client, server
Non-persistent HTTP
suppose user enters URL: www.someSchool.edu/someDepartment/home.index (contains text, references to 10 jpeg images)
1a. HTTP client initiates TCP connection to HTTP server (process) at www.someSchool.edu on port 80
1b. HTTP server at host www.someSchool.edu waiting for TCP connection at port 80. “accepts” connection, notifying client
2. HTTP client sends HTTP request message (containing URL) into TCP connection socket. Message indicates that client wants object someDepartment/home.index
3. HTTP server receives request message, forms response message containing requested object, and sends message into its socket
4. HTTP server closes TCP connection.
5. HTTP client receives response message containing html file, displays html. Parsing html file, finds 10 referenced jpeg objects
6. Steps 1-5 repeated for each of 10 jpeg objects
Non-persistent HTTP: response
RTT (definition): time for a small packet to travel from client to server and back
HTTP response time:
• one RTT to initiate TCP connection
• one RTT for HTTP request and first few bytes of HTTP response to return
• file transmission time
• non-persistent HTTP response time = 2RTT + file transmission time
[Figure: timeline: initiate TCP connection (RTT), request file (RTT), time to transmit file, file received]
Persistent HTTP
non-persistent HTTP issues:
• requires 2 RTTs per object
• OS overhead for each TCP connection
• browsers often open parallel TCP connections to fetch referenced objects
persistent HTTP:
• server leaves connection open after sending response
• subsequent HTTP messages between same client/server sent over open connection
• client sends requests as soon as it encounters a referenced object
• as little as one RTT for all the referenced objects
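An added example (not from the slides) that carries the response-time model of the last two slides through in Python: page_load_time() computes the time to fetch the base file plus its referenced objects under non-persistent HTTP (2 RTT + transmission per object), persistent HTTP without pipelining (assumed here as the intermediate case, 1 RTT + transmission per object) and persistent HTTP with pipelining (one RTT for all referenced objects). Equal object sizes, and parallel connections modelled as rounds without shared bandwidth, are simplifying assumptions of this example.

```python
import math


def page_load_time(rtt: float, n_objects: int, tx: float,
                   mode: str, parallel: int = 1) -> float:
    """Time to fetch a base HTML file plus n_objects referenced objects.

    rtt: round-trip time; tx: transmission time of one object (assumed
    equal for all objects).  Modes:
      'non-persistent': every object costs 2 RTT + tx (TCP handshake,
                        then request/response), as on the slides;
      'persistent':     connection stays open, so each later object
                        costs 1 RTT + tx (assumed non-pipelined case);
      'pipelined':      all requests sent at once, so the referenced
                        objects share a single RTT ("as little as one RTT").
    parallel > 1 only applies to non-persistent HTTP and models a browser
    opening that many connections at a time, fetched in rounds.
    """
    base = 2 * rtt + tx            # base HTML file always needs its own connection
    if mode == "non-persistent":
        rounds = math.ceil(n_objects / parallel)
        return base + rounds * (2 * rtt + tx)
    if mode == "persistent":
        return base + n_objects * (rtt + tx)
    if mode == "pipelined":
        return base + rtt + n_objects * tx
    raise ValueError(f"unknown mode {mode!r}")


def compare(rtt: float = 0.1, n_objects: int = 10, tx: float = 0.01) -> dict:
    """Worked instance of the slide: one page referencing 10 jpeg images.

    Constructed numbers: 100 ms RTT, 10 ms to transmit each object.
    """
    return {m: round(page_load_time(rtt, n_objects, tx, m), 3)
            for m in ("non-persistent", "persistent", "pipelined")}


if __name__ == "__main__":
    for mode, seconds in compare().items():
        print(f"{mode:15s} {seconds:.3f} s")
```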
HTTP Request Message
• Request line (required): command (GET, POST, …), URL, HTTP version number
• Request header (optional): information on the browser, date, and the referring page
• Request body (optional): information sent to the server, such as from a form, mainly with POST command
HTTP request message
• two types of HTTP messages: request, response
• HTTP request message:
– ASCII (human-readable format)
– request line (GET, POST, HEAD commands), followed by header lines; each line ends with a carriage return character and a line-feed character (\r\n)
– carriage return, line feed at start of line indicates end of header lines
GET /index.html HTTP/1.1\r\n
Host: www-net.cs.umass.edu\r\n
User-Agent: Firefox/3.6.10\r\n
Accept: text/html,application/xhtml+xml\r\n
Accept-Language: en-us,en;q=0.5\r\n
Accept-Encoding: gzip,deflate\r\n
Accept-Charset: ISO-8859-1,utf-8;q=0.7\r\n
Keep-Alive: 115\r\n
Connection: keep-alive\r\n
\r\n
HTTP Response Message
• Response status (required): http version number, status code, reason
• Response header (optional): information on the server, date, URL of the page retrieved, format used
• Response body (optional): requested web page
HTTP Response Message
status line (protocol, status code, status phrase), then header lines, then data (e.g., requested HTML file)
HTTP/1.1 200 OK\r\n
Date: Sun, 26 Sep 2010 20:09:20 GMT\r\n
Server: Apache/2.0.52 (CentOS)\r\n
Last-Modified: Tue, 30 Oct 2007 17:00:02 GMT\r\n
ETag: "17dc6-a5c-bf716880"\r\n
Accept-Ranges: bytes\r\n
Content-Length: 2652\r\n
Keep-Alive: timeout=10, max=100\r\n
Connection: Keep-Alive\r\n
Content-Type: text/html; charset=ISO-8859-1\r\n
\r\n
data data data data data …
HTTP Response: status codes
❖ status code appears in 1st line in server-to-client response message.
❖ some sample codes:
200 OK
– request succeeded, requested object later in this msg
301 Moved Permanently
– requested object moved, new location specified later in this msg (Location:)
400 Bad Request
– request msg not understood by server
404 Not Found
– requested document not found on this server
505 HTTP Version Not Supported
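An added example (not from the slides) that applies the request and response layout of the last few slides: parse_http_message() splits a raw HTTP/1.1 message at its CRLF-terminated lines and the blank line that ends the headers, classifies the start line as a request line or a status line, and rejects framing errors (bare LF, a missing Host header on an HTTP/1.1 request, a body shorter than Content-Length) instead of guessing. The two sample messages are constructed from the slide examples.

```python
from typing import Dict

CRLF = b"\r\n"


def parse_http_message(raw: bytes) -> Dict:
    """Split one HTTP/1.x message into start line, headers and body.

    Raises ValueError on framing violations rather than guessing, which is
    the safe behaviour for anything that sits in front of a real server.
    """
    head, sep, rest = raw.partition(CRLF + CRLF)     # blank line ends the headers
    if not sep:
        raise ValueError("header section never terminated by CRLF CRLF")
    lines = head.split(CRLF)
    if any(b"\n" in line for line in lines):
        raise ValueError("bare LF inside header section")
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, colon, value = line.decode("ascii").partition(":")
        if not colon or not name or name != name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        headers[name.lower()] = value.strip()         # field names are case-insensitive
    parts = lines[0].decode("ascii").split(" ", 2)
    if len(parts) != 3:
        raise ValueError(f"malformed start line: {lines[0]!r}")
    msg: Dict = {"headers": headers}
    if parts[0].startswith("HTTP/"):                  # status line: version code phrase
        msg.update(kind="response", version=parts[0], status=int(parts[1]), reason=parts[2])
    else:                                             # request line: method URL version
        msg.update(kind="request", method=parts[0], url=parts[1], version=parts[2])
        if parts[2] == "HTTP/1.1" and "host" not in headers:
            raise ValueError("HTTP/1.1 request without Host header")
    clen = headers.get("content-length", "0")
    if not clen.isdigit() or len(rest) < int(clen):
        raise ValueError("invalid Content-Length or truncated body")
    msg["body"] = rest[:int(clen)]                    # anything after it belongs to the next message
    return msg


# Constructed samples modelled on the request and response shown in the slides.
SAMPLE_REQUEST = (b"GET /index.html HTTP/1.1\r\n"
                  b"Host: www-net.cs.umass.edu\r\n"
                  b"User-Agent: Firefox/3.6.10\r\n"
                  b"Connection: keep-alive\r\n"
                  b"\r\n")
SAMPLE_RESPONSE = (b"HTTP/1.1 200 OK\r\n"
                   b"Server: Apache/2.0.52 (CentOS)\r\n"
                   b"Content-Type: text/html; charset=ISO-8859-1\r\n"
                   b"Content-Length: 13\r\n"
                   b"\r\n"
                   b"<html></html>")
```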
Email
• Mail User Agent (MUA): Mail Client
– Formal name for mail client software
– e.g., Outlook, Apple Mail, Thunderbird
• Mail Transfer Agent (MTA): Mail Server
– Formal name for mail server software
– e.g., Sendmail, Postfix
• Simple Mail Transfer Protocol (SMTP)
– Protocol used to send a message to an MTA
– Originally only handled text files
• Internet Message Access Protocol (IMAP) or Post Office Protocol (POP)
– Protocols used by an MUA to retrieve messages from an MTA
Email in Action
1) Alice uses MUA to compose message “to” bob@someschool.edu
2) Alice’s MUA sends message to her mail server; message placed in message queue
3) client side of SMTP opens TCP connection with Bob’s mail server
4) SMTP client sends Alice’s message over the TCP connection
5) Bob’s mail server places the message in Bob’s mailbox
6) Bob invokes his user agent to read message
[Figure: Alice’s user agent, Alice’s mail server, Bob’s mail server and Bob’s user agent, with steps 1 to 6 marked along the path]
Mail Access Protocols
[Figure: sender’s user agent, SMTP, sender’s mail server, SMTP, receiver’s mail server, mail access protocol (e.g., POP, IMAP), receiver’s user agent]
• SMTP: delivery/storage to receiver’s server
• Mail access protocol: retrieval from server
– POP: Post Office Protocol [RFC 1939]: authorization, download
– IMAP: Internet Mail Access Protocol [RFC 1730]: more features, including manipulation of stored msgs on server
– HTTP: gmail, Hotmail, Yahoo! Mail, etc.
Email Message Format
• SMTP Message format
– RFC 822: standard for text message format
• Header lines
– Contains information about the message (e.g., to, from, subject)
• Body Section
– Contains the ‘content of the message’
– Begins with the ‘DATA’ keyword
– Only uses ASCII characters
[Figure: header lines, blank line, body]
POP3 protocol
authorization phase
• client commands:
– user: declare username
– pass: password
• server responses:
– +OK
– -ERR
transaction phase, client:
• list: list message numbers
• retr: retrieve message by number
• dele: delete
• quit
example session:
S: +OK POP3 server ready
C: user bob
S: +OK
C: pass hungry
S: +OK user successfully logged on
C: list
S: 1 498
S: 2 912
S: .
C: retr 1
S:
S: .
C: dele 1
C: retr 2
S:
S: .
C: dele 2
C: quit
S: +OK POP3 server signing off
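An added example (not from the slides) of the POP3 authorization and transaction phases above as a server-side state machine, framed as RFC 1939 does (every multi-line reply starts with +OK and ends with a lone "."), which is slightly fuller than the abbreviated session on the slide. The mailbox, the bob/hungry credential and the failed-login counter are constructed for this demo.

```python
from typing import List
# Constructed mailbox (message number -> RFC 822-style text) and credential.
MAILBOX = {1: "From: alice@someschool.edu\r\n\r\nLunch?",
           2: "From: carol@someschool.edu\r\n\r\nReport attached."}
USERS = {"bob": "hungry"}  # constructed; a real server stores password hashes

class Pop3Session:
    # State moves AUTH (authorization) -> TRANSACTION -> UPDATE (on quit).
    def __init__(self, mailbox=MAILBOX, users=USERS):
        self.state, self.user, self.failed_logins = "AUTH", None, 0
        self.mailbox, self.users, self.deleted = dict(mailbox), users, set()

    def handle(self, line: str) -> List[str]:
        cmd, _, arg = line.strip().partition(" ")
        cmd = cmd.lower()
        if self.state == "AUTH":
            if cmd == "user":
                self.user = arg
                return ["+OK"]
            if cmd == "pass":
                if self.user in self.users and self.users[self.user] == arg:
                    self.state = "TRANSACTION"
                    return ["+OK user successfully logged on"]
                self.failed_logins += 1  # worth logging: repeated -ERR here is a guessing signal
                return ["-ERR invalid login"]
            if cmd == "quit":
                self.state = "UPDATE"
                return ["+OK POP3 server signing off"]
            return ["-ERR not logged in"]
        if self.state != "TRANSACTION":
            return ["-ERR session closed"]
        live = {n: m for n, m in self.mailbox.items() if n not in self.deleted}
        if cmd == "list":
            return [f"+OK {len(live)} messages"] + [f"{n} {len(m)}" for n, m in sorted(live.items())] + ["."]
        if cmd in ("retr", "dele"):
            n = int(arg) if arg.isdigit() else -1
            if n not in live:
                return ["-ERR no such message"]
            if cmd == "dele":
                self.deleted.add(n)  # only marked here; removed for real in the UPDATE state
                return [f"+OK message {n} deleted"]
            body = ["." + l if l.startswith(".") else l for l in self.mailbox[n].split("\r\n")]
            return ["+OK"] + body + ["."]  # dot-stuffing so that a lone "." always terminates
        if cmd == "quit":
            for n in self.deleted:
                del self.mailbox[n]
            self.state = "UPDATE"
            return ["+OK POP3 server signing off"]
        return ["-ERR unknown command"]
```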
Telnet/SSH
• Allows one computer to log into another computer
– Remote login enabling full control of the host
• Requires account name and password
– Anonymous sites similar to FTP approach
• Most popular Telnet software is PuTTY
– Open source
– Uses SSH encryption for security
• Remote Desktop (windows)
– Most advanced; connects Windows-based machines and provides full access to the Windows interface
Instant Messaging (IM)
• One of the fastest growing Internet applications
• Allows users to exchange real-time typed messages or chat with friends
Videoconferencing
• Provides real-time transmission of video and audio signals
• Combined video/audio signals sent via WAN (Wide Area Network)
• Desktop videoconferencing is fast growing (Skype, FaceTime etc.,)
• Require a lot of network capacity thus use data compression
• Most often compatibility is an issue
Thank You