application layer

Application Layer Chapter -9 ,Unit 7 shanti verma 1 Fundamental of Networking 8/13/2014

Upload: sagar-jethi

Post on 08-Jul-2015


Page 1: Application layer

Application Layer

Chapter -9 ,Unit 7

shanti verma 1

Fundamental of Networking

8/13/2014

Page 2: Application layer

Outline

Introduction

Domain Name System (DNS)
◦ DNS
◦ Registration Process
◦ The Name servers
◦ Resource Records
◦ Dynamic DNS

The WWW and HTTP
◦ HTTP Query and Response
◦ The structure of the Query and Response
◦ Persistent connection with HTTP 1.1
◦ Cookies
◦ Session Variables
◦ Proxies as gateway
◦ The Dynamic Web

Bluetooth
◦ Introduction
◦ Architecture
◦ Protocol Stack
◦ Pairing Process
◦ Security

Page 3: Application layer

Introduction: Application Layer

The application layer acts as an interface between the system and its users.

There is an important difference between an application and the application layer.

Browsers and FTP clients are a few examples of applications that work at the application layer.

Applications interact with the transport layer to establish a connection with the other end of the application and transfer data as per user requirements.

Applications are programmed to communicate with TCP or UDP to get their job done.

The Firefox browser is an application that communicates over TCP.

The application layer is the place where both the clients and servers run.

The application layer’s job is to standardize the communication (i.e. come out with a protocol) in a way that any arbitrary client can talk to any arbitrary server.

The Firefox browser talks to Apache in one case and IIS in another case.

At the application layer, the protocols are plenty and still counting. The transport layer has TCP and UDP; the network layer has IP.

Page 4: Application layer

Domain Name System (DNS)

DNS is an application which a normal user does not encounter unless he uses NSLookup. NSLookup is an online web tool that queries the DNS to extract the IP address of websites.

What is the need for DNS?
◦ Numerical addresses are hard for people to remember
◦ Sending e-mail to [email protected] means that if Tana's ISP or organization moves the mail server to a different machine with a different IP address, her e-mail address has to change
◦ Hence ASCII names were introduced
◦ Nevertheless, the network itself understands only numerical addresses

To map a name onto an IP address:
◦ An application program calls a library procedure called the resolver, passing it the name as a parameter. (Resolvers are the routines that take queries from browser-like applications and start querying the name servers.)
◦ The resolver sends a UDP packet to a local DNS server,
◦ which then looks up the name and returns the IP address to the resolver, which then returns it to the caller

Page 5: Application layer

The Domain Namespace


Page 6: Application layer

The Domain Namespace

The domain namespace is the representation of domain names as part of a hierarchy starting from the root server.

www.google.com is an example of domain name space.

This name represents a hierarchy: .com is the highest level, google comes under it and ‘www’ is at the lowest level.

A domain name represents either a bunch of computers or a single computer.

The top-level domains come in two flavors:
◦ Generic: com (commercial), edu (educational institutions), gov (the U.S. Federal Government), int (certain international organizations), mil (the U.S. armed forces), net (network providers), and org (nonprofit organizations).
◦ Countries: the country domains include one entry for every country, as defined in ISO 3166.

Page 7: Application layer

Domain Namespace

Requirements

Domain names are case insensitive

Component names can be up to 63 characters long

Full path names must not exceed 255 characters

To create a new domain, permission is required of the domain in which it will be included

Efficient, i.e. it should not take an inordinate amount of time to convert a domain name to an IP address

It should continue working despite breakdowns

It should not introduce additional overheads to any part of the internet by increasing the number of queries or replies in a region

Information should be available from the nearby servers

It should contain some additional information, such as the official mail server for a specified organization, the name and mail address of a person looking after a website, etc.

A single server can manage multiple networks

It should be secure enough (not provided)

Page 8: Application layer

DNS poisoning

When the system is poisoned with incorrect information, users who faithfully type the specified company’s URL are switched to some other place. This is known as DNS poisoning.

Page 9: Application layer

Labels and Domain


Page 10: Application layer

Labels and Domain

Domains are quite generic in nature.

A domain may represent multiple sub domains without having any machine attached to it directly.
◦ For example: most of the sub domains of a top level domain like com or org do not have any computer attached to them directly. They are divided into multiple sub domains.

A domain name can be of two types:
◦ Fully qualified: a fully qualified name for google is "google.com." (with the last dot). The last dot is not accidental; it represents an empty string (root server) coming next to com.
◦ Partially qualified: like abciet.org (without the last dot); abciet can also be used if the context is clear.

Page 11: Application layer

Domain Hierarchy

Lower-level domains are part of higher-level domains. Three different domains are shown here: the in domain, the ac.in domain and the ABC.ac.in domain. The entire domain name space consists of various such domains.

Page 12: Application layer

Advantages of Hierarchy

Space constraint

Processing time constraint

Congestion near the server

Organized form of information

Efficient resolution of domain names

A comparatively static database is better to be organized this way

Clear cut controlling infrastructure

Delegation of authority is clearly defined

Autonomous control

Page 13: Application layer

The Distributed Database

The information about the domains is not stored at a central location but distributed across various servers: root servers, the TLD (Top Level Domain) servers, the local servers deployed at specific organizations and ISPs, and other servers in between.

The distributed organization is better because most of the queries are resolved locally.
◦ For example: in the above figure the ABC server contains information about ABC domain machines only, both of them only have pointers to their respective sub domains.

Page 14: Application layer

Advantages of Distributed database in DNS

Load on big servers like TLDs and root servers is reduced to a large extent.
◦ Most of the queries in DNS are resolved within the local server’s scope.

A distributed database reduces the network traffic
◦ Queries are resolved by a nearby server and responses do not have to travel long.

No single point of failure
◦ If a few servers go down at the same point of time, most of the internet users remain unaffected.

Easy maintenance
◦ Maintaining a single huge database is much more difficult than some comparatively small-sized databases.

Can be easily managed

Page 15: Application layer

For the above domain hierarchy figure, the database tables are as follows:

Database for ‘in’
ac     Address of ac
mil    Address of mil
edu    Address of edu
…      …

Database for ‘ac’
A      Address of ABC
…      …

Database for ‘ABC’
ict    Address of ict
ibm    Address of ibm
       Address of

Page 16: Application layer

Search Mechanism and Name Resolution

Searching for the IP address of a given domain is the most important and most frequent operation on DNS. It is also referred to as name resolution.

The resolution process begins when a local server asks any of the servers for the information.

There are two ways of resolution possible in DNS:

Recursive name resolution method
◦ The client asks a name server for a resolution, and the name server obtains the answer by asking up the hierarchy if it does not contain the required value. Thus the client gets the answer without having to ask anybody else.

Iterative name resolution method
◦ When the name server does not contain the address, it passes back the address of the next level of server, and the client then contacts that server directly. Here the client must be able to send the query again to a higher level, in case the queried DNS server is unable to answer.

DNS uses both types of name resolution. It also lets clients and servers negotiate their choice of name resolution.

Page 17: Application layer

Recursive name resolution method

Page 18: Application layer

Recursive name resolution method

The local machine (client) can ask for a recursive answer from a name server. This means the resolver expects the server to supply the final answer.
◦ The local machine sends the query about abcict.org.

If the server is the authority for the domain name, it checks its database and responds. If not, it sends the request to another server (usually the parent) and waits for the response.
◦ The local DNS server does not have the address of abcict.org, so it sends the request to the root server and waits for the response.

If the parent is the authority, it responds; otherwise, it sends the query to yet another server.
◦ The root server does not have the address of abcict, so it sends the request to the org server.

When the query is finally resolved, the response travels back until it finally reaches the requesting client.

Page 19: Application layer

Iterative name resolution method

Page 20: Application layer

Iterative name resolution method

If the client does not ask for a recursive answer, the mapping can be done iteratively.

If the server (local DNS server) is an authority for the name, it sends the answer. If it is not, it returns to the client (local machine) the IP address of the server (root server) that it thinks can resolve the query.
◦ The local DNS server does not have the address of abcict.org, so it sends the IP address of the root server.

The client (local machine) is responsible for repeating the query to this second server (root server).

The root server does not have the address of abcict, so it sends the IP address of the org server. Now the client (local machine) must repeat the query to this third server (org server).

The org server has the IP address of abcict, so it returns the IP address of abcict.

The client repeats the same query to multiple servers; that’s why this process is called Iterative Resolution.
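The two resolution methods from the slides above, side by side, as an added example that is not part of the original deck. The `NameServer` class, the server names `local`, `root` and `org`, and the `MAX_HOPS` limit are assumptions made for the illustration; the address for abcict.org is the one in the deck's zone table.

```python
# Added illustration: three toy name servers held in memory (no network traffic).
from dataclasses import dataclass, field

MAX_HOPS = 8  # assumption: cap on referrals, so a referral loop cannot run forever


@dataclass
class NameServer:
    name: str
    answers: dict = field(default_factory=dict)    # names this server is the authority for
    referrals: dict = field(default_factory=dict)  # domain suffix -> server that may know

    def lookup(self, qname):
        """Return ("answer", ip), ("referral", server) or ("unknown", None)."""
        qname = qname.lower().rstrip(".")  # domain names are case insensitive
        if qname in self.answers:
            return "answer", self.answers[qname]
        best = None
        for suffix, server in self.referrals.items():
            matches = suffix == "" or qname == suffix or qname.endswith("." + suffix)
            if matches and (best is None or len(suffix) > len(best[0])):
                best = (suffix, server)  # prefer the most specific suffix
        return ("referral", best[1]) if best else ("unknown", None)


def resolve_iterative(first_server, qname):
    """The client repeats the same query to each server it is referred to."""
    asked, server = [], first_server
    for _ in range(MAX_HOPS):
        asked.append(server.name)
        kind, value = server.lookup(qname)
        if kind == "answer":
            return value, asked
        if kind == "unknown":
            return None, asked
        server = value  # referral: the client contacts the next server itself
    raise RuntimeError("too many referrals (loop?)")


def resolve_recursive(server, qname, asker="client", hops=None):
    """Each server forwards the query itself; the answer travels back down the chain."""
    hops = [] if hops is None else hops
    if len(hops) >= MAX_HOPS:
        raise RuntimeError("too many referrals (loop?)")
    hops.append((asker, server.name))
    kind, value = server.lookup(qname)
    if kind == "referral":
        return resolve_recursive(value, qname, asker=server.name, hops=hops)
    return (value if kind == "answer" else None), hops


def build_demo():
    """Local DNS server -> root server -> org server, as in the abcict.org walk-through."""
    org = NameServer("org", answers={"abcict.org": "207.118.130.194"})
    root = NameServer("root", referrals={"org": org})
    return NameServer("local", referrals={"": root})  # "" = anything it cannot answer


if __name__ == "__main__":
    local = build_demo()
    print(resolve_iterative(local, "abcict.org"))
    print(resolve_recursive(local, "abcict.org"))
```

In the iterative trace the client appears as the asker at every step, while in the recursive trace each server asks the next one on the client's behalf.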

Page 21: Application layer

The Zone

What a server is responsible for, or has authority over, is called a zone.

If a server accepts responsibility for a domain and does not divide the domain into smaller domains, the domain and the zone refer to the same thing.

The server makes a database called a zone file and keeps all the information for every node under that domain.

If the server divides its domain into sub domains and delegates parts of its authority to other servers, domain and zone refer to different things.

The information about the nodes in the sub domains is stored in the servers at the lower levels, with the original server keeping some sort of reference to these lower level servers.

A server can also divide its domain and delegate responsibility but still keep part of the domain for itself.
◦ In this case, its zone is made of detailed information for the part of the domain that is not delegated and references to those parts that are delegated.

Page 22: Application layer

The Zone


Page 23: Application layer

The Zone

The figure shows one server which manages the ABC.ac.in domain and also ict.ABC.ac.in, ibm.ABC.ac.in and ica.ABC.ac.in; these are thus under the same zone.

Similarly, presidentofindia.nic.in and vicepresidentofindia.nic.in are managed by nic and come under the same zone.

Nic also manages some other government websites like dae.gov.in (department of atomic energy) and cic.gov.in (central information commission); thus it forms a zone managed by a different server.

Page 24: Application layer

The Registration Process


Page 25: Application layer

Contd…

The registration process is required to register a company or institute and obtain a suitable domain name.

ICANN (Internet Corporation for Assigned Names and Numbers) makes sure that anybody who needs a domain name gets a unique one.

An organization that wants to act as a registrar must get an accreditation from ICANN.

Registrars usually charge some fees for registering a user.

For government and educational institutes, a special registrar is appointed.
◦ In India, NIC (National Informatics Center) is the registrar for government organizations.
◦ ERNET (Education and Research Network) acts as a registrar for educational institutes (either ac.in or edu.in).

For registering a domain name, the following steps are taken:
◦ Get a unique domain name under your choice of domain.
◦ Pay a small fee for registering your choice of domain name to the registrar of your choice.
◦ Register your domain name first and then register your web server and also a mail server.

Registration involves running the primary and backup name servers. For small organizations, ISPs provide their own servers for rent.

The web and mail servers also need to be installed and running for registration.

Additionally, ISPs usually provide an additional service of registering your domain in search engines.

Page 26: Application layer

The Name Servers

The servers that host some part of the domain name hierarchy are known as name servers.

There are three different types of name servers:
◦ Root servers
◦ Top Level Domain (TLD) servers
◦ Authoritative servers

Root name servers: contacted by a local name server that cannot resolve a name

Root name server:
◦ contacts authoritative name server if name mapping not known
◦ gets mapping
◦ returns mapping to local name server

Top-level domain (TLD) servers:
◦ responsible for com, org, net, edu, etc., and all top-level country domains uk, fr, ca, jp
◦ Network Solutions maintains servers for com TLD
◦ Educause for edu TLD

Page 27: Application layer

The Name Servers

Authoritative DNS servers:
◦ organization’s DNS servers, providing authoritative hostname to IP mappings for organization’s servers (e.g., Web, mail)
◦ can be maintained by organization or service provider

Fig: Name Servers. The ABC server can process queries from ABC.org as well as ABC.ac.in and also the domains below them. On the contrary, large domains like ‘edu’ and ‘in’ need more than one server to handle queries.

Page 28: Application layer

Resource Records

The DNS database is stored as resource records.

A resource record is a record containing five different fields describing each such entry:

Domain name
◦ tells the domain to which this record applies

Time to live
◦ gives an indication of how stable the record is
◦ 60 to 86400

Class
◦ which type of information; for Internet information it is always IN

Type
◦ what kind of record this is

Value
◦ value based on Type

Page 29: Application layer

Contd…

Resource records may be of many types. Some of the important ones are listed in the table below.

Type     Meaning                   Value
A        IPv4 address              32-bit value
AAAA     IPv6 address              128-bit value
CNAME    Canonical Name            Alias name for host
PTR      Pointer                   IP address (IPv4 or IPv6)
NS       Name Server               Name server(s)
SOA      Start of Authority        Zone name etc
MX       Mail Exchanger            mail server/exchanger
HINFO    Host Info                 Optional information
SPF      Sender Policy Framework   Identify mail servers
TXT      Text                      Text information
DNSKEY   DNS Key                   Public key of domain
RRSIG    RR Signature              Resource Record Signature

Page 30: Application layer

Contd…

The file described in the table below contains a few examples of resource records.

Domain                   Time-to-live  Class  Type   Value
207.118.130.194 / 24     172800        IN     PTR    abcict.org.
ftp.abcict.org.          172800        IN     CNAME  Vishwanath.abcict.org.
abcict.org.              172800        IN     NS     ns2.webmastersindia.com.
abcict.org.              172800        IN     NS     ns1.webmastersindia.com.
abcict.org.              172800        IN     A      207.118.130.194
abcict.org.              172800        IN     MX     (10) mail.abcict.org.
                         172800        IN     MX     (20) Vishwanath.abcict.org
                         172800        IN     MX     (30) Ponting.abcict.org
mail.abcict.org.         172800        IN     A      207.118.130.194
www.abcict.org.          172800        IN     CNAME  Ponting.abcict.org
www.abcict.org.          172800        IN     CNAME  abcict.org.
Ponting.abcict.org.      172800        IN     A      208.118.130.194
Ponting.abcict.org.      172800        IN     HINFO  HP laptop with RHEL 9
Vishwanath.abcict.org.   172800        IN     A      209.118.130.194
                         172800        IN     HINFO  HP I3
laser.abcict.org         172800        IN     A      210.118.130.194
                         172800        IN     HINFO  The laser printer

Table: The zone files of ‘abcict’
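An added example (not from the original deck) that loads the table's rows into the five resource-record fields, follows a CNAME alias to its A record, and checks the records for a DNS rule the deck does not state: a name that owns a CNAME record should own exactly one and no other record types. The helper names are assumptions, a blank domain column is read as "same owner as the previous row", and the PTR row is left out.

```python
# Added illustration: the records are copied from the table for 'abcict' above.
from collections import defaultdict, namedtuple

Record = namedtuple("Record", "owner ttl rclass rtype value")

ZONE_TEXT = """\
ftp.abcict.org.        172800 IN CNAME Vishwanath.abcict.org.
abcict.org.            172800 IN NS    ns2.webmastersindia.com.
abcict.org.            172800 IN NS    ns1.webmastersindia.com.
abcict.org.            172800 IN A     207.118.130.194
abcict.org.            172800 IN MX    (10) mail.abcict.org.
                       172800 IN MX    (20) Vishwanath.abcict.org
                       172800 IN MX    (30) Ponting.abcict.org
mail.abcict.org.       172800 IN A     207.118.130.194
www.abcict.org.        172800 IN CNAME Ponting.abcict.org
www.abcict.org.        172800 IN CNAME abcict.org.
Ponting.abcict.org.    172800 IN A     208.118.130.194
Ponting.abcict.org.    172800 IN HINFO HP laptop with RHEL 9
Vishwanath.abcict.org. 172800 IN A     209.118.130.194
                       172800 IN HINFO HP I3
laser.abcict.org       172800 IN A     210.118.130.194
                       172800 IN HINFO The laser printer
"""


def norm(name):
    """Domain names are case insensitive; the trailing root dot is optional here."""
    return name.lower().rstrip(".")


def parse_zone(text):
    records, owner = [], None
    for line in text.splitlines():
        if not line.strip():
            continue
        parts = line.split()
        if not line[0].isspace():        # row states its own owner name
            owner = norm(parts.pop(0))
        elif owner is None:
            raise ValueError("first row has no owner name")
        ttl, rclass, rtype = int(parts[0]), parts[1], parts[2]
        records.append(Record(owner, ttl, rclass, rtype, " ".join(parts[3:])))
    return records


def lint(records):
    """Report owners whose CNAME records break the 'one CNAME, nothing else' rule."""
    by_owner = defaultdict(list)
    for r in records:
        by_owner[r.owner].append(r)
    problems = []
    for owner, rrs in by_owner.items():
        cnames = [r for r in rrs if r.rtype == "CNAME"]
        if len(cnames) > 1:
            problems.append((owner, "multiple CNAME records"))
        elif cnames and len(rrs) > 1:
            problems.append((owner, "CNAME mixed with other record types"))
    return problems


def resolve_a(records, name, max_chain=8):
    """Follow CNAME aliases until an A record is found; return (ip, chain of names)."""
    name = norm(name)
    chain = [name]
    for _ in range(max_chain):
        rrs = [r for r in records if r.owner == name]
        addresses = [r.value for r in rrs if r.rtype == "A"]
        if addresses:
            return addresses[0], chain
        targets = [norm(r.value) for r in rrs if r.rtype == "CNAME"]
        if not targets:
            return None, chain
        if len(targets) > 1:
            raise ValueError(f"{name}: ambiguous, {len(targets)} CNAME records")
        name = targets[0]
        chain.append(name)
    raise ValueError("CNAME chain too long or looping")


if __name__ == "__main__":
    zone = parse_zone(ZONE_TEXT)
    print(lint(zone))
    print(resolve_a(zone, "ftp.abcict.org"))
```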

Page 31: Application layer

Dynamic DNS

DDNS is a system which allows the domain name to be updated in real time instead of in a few days

The most common use for this is in allowing a domain name to be assigned to a computer with a varying IP address

This makes it possible for other sites on the Internet to establish connections to the machine without needing to track the IP address themselves

Page 32: Application layer

Dynamic DNS


Page 33: Application layer

Why Use DDNS?

Make your server accessible on the Internet even though it has a dynamic IP address

Make your domain name point to your PC even though its IP address changes

Run your own servers at home – Internet, E-Mail, FTP

Page 34: Application layer

How Does DDNS Work?

Sign up for a DDNS account

Enter your DDNS registration information in your router or use DDNS client software

Set up your router and Web service to use the DDNS configuration

Page 35: Application layer

DNSSEC Mechanisms

New Resource Records

Setting Up a Secure Zone

Delegating Signing Authority


Page 36: Application layer

Data flow through the DNS: where are the vulnerable points?

[Figure: data flow through the DNS, with boxes labelled Registrars & Registrants, Registry, primary DNS and Secondary DNS (two). Vulnerable points marked on the figure: server vulnerability; man in the middle; spoofing & man in the middle.]

Page 37: Application layer

What does DNSSEC provide

Provides message authentication and integrity verification through cryptographic signatures
◦ You know who provided the signature
◦ No modifications between signing and validation

It does not provide authorization

It does not provide confidentiality

It does not provide protection against DDOS

Page 38: Application layer

WWW Background

1989-1990 – Tim Berners-Lee invents the World Wide Web at CERN
◦ Means for transferring text and graphics simultaneously
◦ Client/Server data transfer protocol
  - Communication via application level protocol
  - System ran on top of standard networking infrastructure
◦ Text mark up language
  - Not invented by Berners-Lee
  - Simple and easy to use
  - Requires a client application to render text/graphics

Page 39: Application layer

WWW Components

Structural Components
◦ Clients/browsers – two dominant implementations
◦ Servers – run on sophisticated hardware
◦ Caches – many interesting implementations
◦ Internet – the global infrastructure which facilitates data transfer

Semantic Components
◦ Hyper Text Transfer Protocol (HTTP)
◦ Hyper Text Markup Language (HTML)
  - eXtensible Markup Language (XML)
◦ Uniform Resource Identifiers (URIs)

Page 40: Application layer

WWW Structure

Clients use a browser application to send URIs via HTTP to servers requesting a Web page

Web pages are constructed using HTML (or other markup language) and consist of text, graphics, sounds plus embedded files

Servers (or caches) respond with requested Web page
◦ Or with error message

Client’s browser renders Web page returned by server
◦ Page is written using Hyper Text Markup Language (HTML)
◦ Displaying text, graphics and sound in browser
◦ Writing data as well

The entire system runs over standard networking protocols (TCP/IP, DNS,…)

Page 41: Application layer

HTTP Request and its Response

[Figure: a Web Browser, a SearchEngines Servlet and Google, with the messages:]
◦ “I want to search for Bill Gates on Google”
◦ “Go to Google”
◦ “I want to search for Bill Gates on Google”
◦ “Your results…”

Page 42: Application layer

Client Request Data

When a user submits a browser request to a web server, it sends two categories of data:
◦ Form Data: data that the user explicitly typed into an HTML form.
  - For example: registration information.
◦ HTTP Request Header Data: data that is automatically appended to the HTTP request from the client.
  - For example: cookies, browser type, etc.

Page 43: Application layer

Uniform Resource Identifiers

Web resources need names/identifiers – Uniform Resource Identifiers (URIs)
◦ Resource can reside anywhere on the Internet

URIs are a somewhat abstract notion
◦ A pointer to a resource to which request methods can be applied to generate potentially different responses
  - A request method is e.g. fetching or changing the object

Instance: http://www.foo.com/index.html
◦ Protocol, server, resource

Most popular form of a URI is the Uniform Resource Locator (URL)
◦ Differences between URI and URL are beyond scope
◦ RFC 2396

Page 44: Application layer

HTTP Basics

Protocol for client/server communication

◦ The heart of the Web

◦ Very simple request/response protocol

Client sends request message, server replies with response message

◦ Stateless

◦ Relies on URI naming mechanism

Three versions have been used
◦ 0.9/1.0 – very close to Berners-Lee’s original
  - RFC 1945 (original RFC is now expired)
◦ 1.1 – developed to enhance performance, caching, compression
  - RFC 2068
◦ 1.0 dominates today but 1.1 is catching up

Page 45: Application layer

HTTP Request Messages

GET – retrieve document specified by URL

PUT – store specified document under given URL

HEAD – retrieve info. about document specified by URL

OPTIONS – retrieve information about available options

POST – give information (eg. annotation) to the server

DELETE – remove document specified by URL

TRACE – loopback request message

CONNECT – for use by caches


Page 46: Application layer

HTTP Request Format

First type of HTTP message: requests
◦ Client browsers construct and send message

Typical HTTP request:
◦ GET http://www.cs.wisc.edu/index.html HTTP/1.0

Request layout:

request-line (request request-URI HTTP-version)
headers (0 or more)
<blank line>
body (only for POST request)

Page 47: Application layer

HTTP Response Format

Second type of HTTP message: response
◦ Web servers construct and send response messages

Typical HTTP response:
◦ HTTP/1.0 301 Moved Permanently
  Location: http://www.wisc.edu/cs/index.html

Response layout:

status-line (HTTP-version response-code response-phrase)
headers (0 or more)
<blank line>
body

Page 48: Application layer

HTTP Response Codes

1xx – Informational – request received, processing

2xx – Success – action received, understood, accepted

3xx – Redirection – further action necessary

4xx – Client Error – bad syntax or cannot be fulfilled

5xx – Server Error – server failed


Page 49: Application layer

HTTP Headers

Both requests and responses can contain a variable number of header fields
◦ Consists of field name, colon, space, field value
◦ 17 possible header types divided into three categories
  - Request
  - Response
  - Body

Example: Date: Friday, 27-Apr-01 13:30:01 GMT

Example: Content-length: 3001
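The request, response and header layouts from the preceding slides, turned into a small parser as an added example (not part of the original deck). It rejects a message with no blank line, a header line that is not "field name, colon, field value", and conflicting Content-length values; the function name and the returned dictionary keys are assumptions made for the illustration.

```python
# Added illustration of the request/response layout from the slides; not a full HTTP parser.
STATUS_CLASSES = {1: "Informational", 2: "Success", 3: "Redirection",
                  4: "Client Error", 5: "Server Error"}


def parse_http_message(raw: bytes):
    """Split one HTTP/1.x message into start line, headers and body.

    Returns (message_dict, leftover_bytes). Raises ValueError on malformed input.
    """
    head, blank, rest = raw.partition(b"\r\n\r\n")
    if not blank:
        raise ValueError("no <blank line> after the headers")
    lines = head.decode("iso-8859-1").split("\r\n")

    start = lines[0].split(" ", 2)
    if len(start) != 3:
        raise ValueError("start line must have three parts")

    headers = []
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        # field name, colon, space, field value; no whitespace allowed inside the name
        if not colon or not name or any(c.isspace() for c in name):
            raise ValueError(f"malformed header line: {line!r}")
        headers.append((name.lower(), value.strip()))

    if start[0].startswith("HTTP/"):  # status-line: HTTP-version response-code response-phrase
        if not (start[1].isdigit() and len(start[1]) == 3):
            raise ValueError("response code must be three digits")
        code = int(start[1])
        msg = {"kind": "response", "version": start[0], "code": code, "phrase": start[2],
               "class": STATUS_CLASSES.get(code // 100, "Unknown")}
    else:  # request-line: request request-URI HTTP-version
        if not start[2].startswith("HTTP/"):
            raise ValueError("request line must end with the HTTP version")
        msg = {"kind": "request", "method": start[0], "uri": start[1], "version": start[2]}

    # The length field tells the receiver where the body ends, so two different
    # values for it leave the message boundary ambiguous.
    lengths = {v for n, v in headers if n == "content-length"}
    if len(lengths) > 1:
        raise ValueError("conflicting Content-length headers")
    if lengths:
        text = lengths.pop()
        if not text.isdigit():
            raise ValueError("Content-length must be a non-negative integer")
        n = int(text)
        if len(rest) < n:
            raise ValueError("body shorter than Content-length")
        body, rest = rest[:n], rest[n:]
    else:
        body, rest = rest, b""  # HTTP/1.0 style: body runs until the connection closes
    msg["headers"], msg["body"] = headers, body
    return msg, rest


if __name__ == "__main__":
    # Constructed sample built from the deck's "typical HTTP response".
    sample = (b"HTTP/1.0 301 Moved Permanently\r\n"
              b"Location: http://www.wisc.edu/cs/index.html\r\n\r\n")
    print(parse_http_message(sample))
```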

Page 50: Application layer

HTTP/1.0 Network Interaction

Clients make requests to port 80 on servers
◦ Uses DNS to resolve server name

Clients make separate TCP connection for each URL
◦ Some browsers open multiple TCP connections
  - Netscape default = 4

Server returns HTML page
◦ Many types of servers with a variety of implementations
◦ Apache is the most widely used
  - Freely available in source form

Client parses page
◦ Requests embedded objects

Page 51: Application layer

HTTP/1.1 Performance Enhancements

HTTP/1.0 is a “stop and wait” protocol
◦ Separate TCP connection for each file
  - Connect setup and tear down is incurred for each file
  - Inefficient use of packets
  - Server must maintain many connections in TIME_WAIT
◦ Resulted in HTTP/1.1 specification focused on performance enhancements
  - Persistent connections
  - Pipelining
  - Enhanced caching options
  - Support for compression

Page 52: Application layer

Persistent Connections and Pipelining

Persistent connections
◦ Use the same TCP connection(s) for transfer of multiple files
◦ Reduces packet traffic significantly
◦ May or may not increase performance from client perspective
  - Load on server increases

Pipelining
◦ Pack as much data into a packet as possible
◦ Requires length field(s) within header
◦ May or may not reduce packet traffic or increase performance
  - Page structure is critical

Page 53: Application layer

Persistent Connection


Page 54: Application layer

HTML Basics

Hyper-Text Markup Language
◦ A subset of Standard Generalized Markup Language (SGML)
◦ Facilitates a hyper-media environment
  - Embedded links to other documents and applications

Documents use elements to “mark up” or identify sections of text for different purposes or display characteristics

Mark up elements are not seen by the user when page is displayed

Documents are rendered by browsers

NOTE: Not all documents in the Web are HTML!

Most people use WYSIWYG editors (MS Word) to generate HTML

Page 55: Application layer

HTML Example

<HTML>
<HEAD>
<TITLE> PB's HomePage </TITLE>
</HEAD>
<BODY>
<CENTER><IMG SRC="bad_picture.gif" ALT=" "><BR></CENTER>
<P><CENTER><H1>UW Computer Science Department</H1></CENTER>
Welcome to my goofy HomePage!
<A HREF="http://www.cs.wisc.edu/~pb/mydogs_page.html"> Spot's Page </A>
</BODY>
</HTML>

Page 56: Application layer

The structure of request and response

Page 57: Application layer

Components of request and response

Page 58: Application layer

Complete request structure

Page 59: Application layer

Complete response structure

Page 60: Application layer

Cookies & Sessions

Cookies
◦ Cookies are a mechanism for storing data in the remote browser and thus tracking or identifying return users.

Sessions
◦ Session support in PHP consists of a way to preserve certain data across subsequent accesses. This enables you to build more customized applications and increase the appeal of your web site.

Page 61: Application layer

What is a Cookie?

A cookie is a small file that the server embeds on the user's computer. Each time the same computer requests a page with a browser, it will send the cookie too. With PHP, you can both create and retrieve cookie values.

Page 62: Application layer

The role of cookies


Page 63: Application layer

How to Create a Cookie

The setcookie() function is used to create cookies.

Note: The setcookie() function must appear BEFORE the <html> tag.

setcookie(name, [value], [expire], [path], [domain], [secure]);

This sets a cookie named "uname" that expires after ten hours.

<?php setcookie("uname", $name, time()+36000); ?>
<html> <body> …

Page 64: Application layer

How to Retrieve a Cookie Value

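To access a cookie you just refer to the cookie name as a variable or use the $_COOKIE array

Tip: Use the isset() function to find out if a cookie has been set.

<html> <body>
<?php
// Read the cookie from the $_COOKIE array; a bare $uname is only populated
// when register_globals is on, which PHP 5.4 removed.
if (isset($_COOKIE["uname"]))
    // The value comes from the client, so escape it before echoing it into HTML.
    echo "Welcome " . htmlspecialchars($_COOKIE["uname"]) . "!<br />";
else
    echo "You are not logged in!<br />";
?>
</body> </html>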

Page 65: Application layer

How to Delete a Cookie

It will expire

or

Cookies must be deleted with the same parameters as they were set with. If the value argument is an empty string (""), and all other arguments match a previous call to setcookie, then the cookie with the specified name will be deleted from the remote client.


Page 66: Application layer

What is a Session?

The session support allows you to register arbitrary numbers of variables to be preserved across requests.

A visitor accessing your web site is assigned a unique id, the so-called session id. This is either stored in a cookie on the user side or is propagated in the URL.

Page 67: Application layer

How to Create a Session

The session_start() function is used to create cookies.

<?php
session_start();
?>

Page 68: Application layer

How to Retrieve a Session Value

Register session variables:

session_register('var1','var2',...); // will also create a session
// Note: session_register() was removed in PHP 5.4; assign to $_SESSION instead.

PS: A session variable will be created on use even if you do not register it!

Use it:

<?php
session_start();
// Count page views in this session: start at 0, then increment on each request.
if (!isset($_SESSION['count']))
    $_SESSION['count'] = 0;
else
    $_SESSION['count']++;
?>

Page 69: Application layer

How to Delete a Session Value

session_unregister('varname');
// Note: session_unregister() was removed in PHP 5.4.

How to destroy a session:

session_destroy()

Page 70: Application layer

Proxy Servers

Part of an overall Firewall strategy

Sits between the local network and the external network
◦ Originally used primarily as a caching strategy to minimize outgoing URL requests and increase perceived browser performance
◦ Primary mission is now to ensure anonymity of internal users
  - Still used for caching of frequently requested files
  - Also used for content filtering

Acts as a go-between, submitting your requests to the external network
◦ Requests are translated from your IP address to the Proxy’s IP address
◦ E-mail addresses of internal users are removed from request headers
◦ Cause an actual break in the flow of communications

Page 71: Application layer

TCP Connection Termination

Both the outgoing and incoming TCP connections are terminated
◦ prevents a hacker from hijacking a stale connection on a service that is being proxied
◦ e.g. HTTP page request

[Figure: User and Proxy Server, with arrows labelled request packet, request packet’, response packet’ and response packet. Figure notes:]
◦ Connection left open until the proxy closes it after receiving response packet and sending it back to user
◦ Connection only left open until server closes the connection after sending the response packet

Page 72: Application layer

Performance Aspects

Caching

◦ By keeping local copies of frequently accessed files, the proxy can serve those files back to a requesting browser without going to the external site each time; this dramatically improves the performance seen by the end user

◦ Only makes sense to implement this at the ISP rather than the small business level because of the number of pages available

◦ Because of dynamic content, many pages are invalidated in the cache right away

Load balancing

◦ A proxy can be used in a reverse direction to balance the load amongst a set of identical servers (servers inside the firewall and users outside)

◦ Used especially with dynamic web content (.asp, .php, .cfm, .jsp)
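
Why dynamic pages drop out of a proxy cache right away, as an added Python example that is not part of the original slides: the function computes how long a shared cache may reuse a response based on its HTTP headers. The function names and sample headers are constructed, and two rules are conservative assumptions rather than protocol requirements: responses with `Set-Cookie` are never reused, and a response without an explicit lifetime is not cached.

```python
from email.utils import parsedate_to_datetime

# Constructed sample responses: a static file and a PHP session page.
STATIC = {"Date": "Wed, 13 Aug 2014 10:00:00 GMT",
          "Cache-Control": "public, max-age=86400"}
DYNAMIC = {"Date": "Wed, 13 Aug 2014 10:00:00 GMT",
           "Set-Cookie": "PHPSESSID=constructed-value; path=/",
           "Expires": "Thu, 19 Nov 1981 08:52:00 GMT",
           "Cache-Control": "no-store, no-cache, must-revalidate"}

def parse_cache_control(value):
    """Split a Cache-Control value into {directive: argument} with lower-case names."""
    out = {}
    for part in value.split(","):
        name, _, arg = part.strip().partition("=")
        if name:
            out[name.lower()] = arg.strip('"')
    return out

def shared_cache_ttl(method, status, req_headers, resp_headers):
    """Seconds a shared proxy cache may reuse the response; 0 means ask the origin."""
    req = {k.lower(): v for k, v in req_headers.items()}
    resp = {k.lower(): v for k, v in resp_headers.items()}
    cc = parse_cache_control(resp.get("cache-control", ""))
    if method != "GET" or status != 200:
        return 0    # simplification: only plain GET/200 responses are cached
    if "no-store" in cc or "private" in cc or "no-cache" in cc:
        return 0    # origin forbids shared reuse without revalidation
    if "set-cookie" in resp:
        return 0    # assumption: per-user session data must not be shared
    if "authorization" in req and not (cc.keys() & {"public", "s-maxage", "must-revalidate"}):
        return 0    # authenticated responses need explicit permission
    for directive in ("s-maxage", "max-age"):   # s-maxage wins for shared caches
        if directive in cc:
            return int(cc[directive]) if cc[directive].isdigit() else 0
    if "expires" in resp and "date" in resp:
        try:
            delta = parsedate_to_datetime(resp["expires"]) - parsedate_to_datetime(resp["date"])
            return max(int(delta.total_seconds()), 0)
        except (TypeError, ValueError):
            return 0    # an unparsable date counts as already expired
    return 0        # assumption: no explicit lifetime, so do not guess one

if __name__ == "__main__":
    print(shared_cache_ttl("GET", 200, {}, STATIC), shared_cache_ttl("GET", 200, {}, DYNAMIC))
```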

Page 73: Application layer

Proxy Liabilities

Single point of failure

◦ If the proxy dies, no one can get to the external network

Client software must usually be designed to use a proxy

Proxies must exist for each service

Doesn't protect the OS

◦ Proxies run at the application level

Usually optimized for performance rather than security

◦ WINGATE was installed to be easy to configure; opened a winsock proxy to the external interface, which let hackers essentially hijack the machine

Creates a service bottleneck

◦ Solved via parallelism (more proxies, and load balancing)

Page 74: Application layer

Architecture - Overview

This proxy is designed according to the client/server programming model. It consists of six modules:

• Manager - a configuration module.

• Syntaxer - responsible for HTTP support: generation, parsing and modification of HTTP messages.

• Server - a module that interacts with proxy clients.

• Mediator - an interface layer between Server and Client.

• Client - accepts requests from Mediator and executes them.

• Cache - a part of Mediator that keeps copies of received data.

Page 75: Application layer

Architecture – Data flow diagram

[Figure: data flow diagram. Inside the PROXY: Server Module, Mediator Module, Cache Module and Client Module. Outside the proxy: User and Remote Host. Arrows are labelled Request and Response.]

Page 76: Application layer

How Proxy works


Page 77: Application layer


Dynamic Web


Page 78: Application layer

What is Bluetooth?

A cable-replacement technology that can be used to connect almost any device to any other device

Radio interface enabling electronic devices to communicate wirelessly via short range (10 meters) ad-hoc radio connections

A standard for a small, cheap radio chip to be plugged into computers, printers, mobile phones, etc.

Page 79: Application layer

What is Bluetooth?

Uses the radio range of 2.45 GHz

Theoretical maximum bandwidth is 1 Mb/s

Several Bluetooth devices can form an ad hoc network called a “piconet”

◦ In a piconet one device acts as a master (sets frequency hopping behavior) and the others as slaves

◦ Example: A conference room with many laptops wishing to communicate with each other

Page 80: Application layer

History

Harald Bluetooth: 10th century Danish king, managed to unite Denmark and Norway

Bluetooth SIG (Special Interest Group):

◦ Founded in 1998 by: Ericsson, Intel, IBM, Toshiba and Nokia

◦ Currently more than 2500 adopter companies

◦ Created in order to promote, shape and define the specification and position Bluetooth in the marketplace

Current specification: Bluetooth 2.1

Page 81: Application layer

Bluetooth Architecture

Piconet

◦ Each piconet has one master and up to 7 simultaneous slaves

Master: device that initiates a data exchange.

Slave: device that responds to the master

Scatternet

◦ Linking of multiple piconets through the master or slave devices

◦ Bluetooth devices have point-to-multipoint capability to engage in Scatternet communication.

Page 82: Application layer

Piconet

All devices in a piconet hop together

◦ Master gives slaves its clock and device ID

Non-piconet devices are in standby

[Figure: a piconet with a master, slaves and parked devices, and standby devices outside it. Legend: M = Master, S = Slave, P = Parked, SB = Standby]

Page 83: Application layer

Scatternet

Devices can be slave in one piconet and master of another

[Figure: two linked piconets forming a scatternet, with nodes labelled M, S, P and SB]

Page 84: Application layer

Physical links

Between master and slave(s), different types of links can be established. Two link types have been defined:

◦ Synchronous Connection-Oriented (SCO) link

◦ Asynchronous Connection-Less (ACL) link

Page 85: Application layer

Physical links

Synchronous Connection-Oriented (SCO)

◦ Supports symmetrical, circuit-switched, point-to-point connections

◦ Typically used for voice traffic.

◦ Data rate is 64 kbit/s.

Asynchronous Connection-Less (ACL)

◦ Supports symmetrical and asymmetrical, packet-switched, point-to-multipoint connections.

◦ Typically used for data transmission.

◦ Up to 433.9 kbit/s in symmetric or 723.2/57.6 kbit/s in asymmetric

Page 86: Application layer

Bluetooth Protocol Stack

[Figure: Bluetooth protocol stack diagram. Blocks shown: Bluetooth Radio, Baseband, LMP, Host Controller Interface (HCI), L2CAP, Audio, SDP, RFCOMM, TCS BIN, AT-Commands, PPP, IP, UDP, TCP, OBEX, vCard/vCal, WAP, WAE. Legend: Bluetooth Core Protocol, Cable Replacement Protocol, Telephony Protocol, Adopted Protocol]

Page 87: Application layer

Bluetooth Protocol Stack

Bluetooth Radio: specifies details of the air interface, including frequency, frequency hopping, modulation scheme, and transmission power.

Baseband: concerned with connection establishment within a piconet, addressing, packet format, timing and power control.

Link manager protocol (LMP): establishes the link setup between Bluetooth devices and manages ongoing links, including security aspects (e.g. authentication and encryption), and control and negotiation of baseband packet size.

Page 88: Application layer

Bluetooth Protocol Stack

Logical link control and adaptation protocol (L2CAP): adapts upper layer protocols to the baseband layer. Provides both connectionless and connection-oriented services.

Service discovery protocol (SDP): handles device information, services, and queries for service characteristics between two or more Bluetooth devices.

Host Controller Interface (HCI): provides an interface method for accessing the Bluetooth hardware capabilities. It contains a command interface, which acts between the Baseband controller and link manager


Page 89: Application layer

Bluetooth Protocol Stack

TCS BIN (Telephony Control Service): bit-oriented protocol that defines the call control signaling for the establishment of voice and data calls between Bluetooth devices.

OBEX (OBject EXchange): session-layer protocol for the exchange of objects, providing a model for object and operation representation.

RFCOMM: a reliable transport protocol, which provides emulation of RS232 serial ports over the L2CAP protocol.

WAE/WAP: Bluetooth incorporates the wireless application environment and the wireless application protocol into its architecture.

Page 90: Application layer

Connection Establishment States

Standby

◦ State in which the Bluetooth device is inactive and the radio is not switched on, enabling low-power operation.

Page

◦ Master enters page state and starts transmitting paging messages to Slave using earlier gained access code and timing information.

Page Scan

◦ Device periodically enters page state to allow paging devices to establish connections.


Page 91: Application layer

Connection Establishment States

Inquiry

◦ State in which device tries to discover all Bluetooth enabled devices in the close vicinity.

Inquiry scan

◦ Most devices periodically enter the inquiry scan state to make themselves available to inquiring devices.


Page 92: Application layer

Inquiry and Page

[Figure: inquiry and page state diagram. Master column: Standby, Inquiry, Page, Master response, Connection. Slave column: Standby, Inquiry scan, Inquiry response, Page scan, Slave response, Connection. Surviving message labels: (1) ID packet (Broadcast), (2) FHS packet, (4) ID packet, (6) ID packet, (7) ID packet]

Page 93: Application layer

Bluetooth Security

There are three modes of security for Bluetooth access between two devices.

◦ Non-secure

◦ Service level enforced security

◦ Link level enforced security

Device security level

◦ Trusted

◦ Untrusted

Service security level

◦ Authorization and Authentication

◦ Authentication only

◦ Open to all devices

Page 94: Application layer

Bluetooth Security

The following are the three basic security services specified in the Bluetooth standard:

◦ Authentication

Verifying the identity of communicating devices. User authentication is not provided natively by Bluetooth.

◦ Confidentiality

Preventing information compromise caused by eavesdropping by ensuring that only authorized devices can access and view data.

◦ Authorization

Allowing the control of resources by ensuring that a device is authorized to use a service before permitting it to do so.

Page 95: Application layer

THANK YOU
