understanding networked applications: a first course final exam review by david g. messerschmitt
Post on 21-Dec-2015
Understanding Networked Applications: A First Course
Final exam review
by
David G. Messerschmitt
Copyright notice
©Copyright David G. Messerschmitt, 2000. This material may be used, copied, and distributed freely for educational purposes as long as this copyright notice remains attached. It cannot be used for any commercial purpose without the written permission of the author.
Note on material coverage
• On topics assigned by reading but not covered in class, this review lists what I consider the most important concepts
• To limit the material you are responsible for, exam questions will be limited to these topics or things touched on
• Therefore you can safely focus your studying around the topics mentioned here and issues they touch on
Note
• This is a review of the material since the second midterm
• You are responsible for the entire course
• Please, therefore, see the midterm reviews as well
Major topics since midterm
• Privacy
• Industrial organization
• Distributed systems basics
– protocols
– locating things
Major topics (cont’d)
• Communication services
– message, queuing, multiplexing, reply, conversation, streaming, broadcast
– internet: IP, TCP, etc.
• Trust
– availability
– security
Major topics (cont’d)
• Networking
– multiplexing, forwarding, routing, name services, flow and congestion control
– encapsulation, fragmentation, layering
– internet: IP, TCP, UDP
• Communications
– Bitrate and delay limited communication
– Caching
Understanding Networked Applications: A First Course
Privacy
By David G. Messerschmitt
The issue
• In the course of using a networked application, there is an opportunity to capture a user profile, including
– Information provided by the user for legitimate purposes (e.g. credit card number)
– Information not intended to be revealed by the user (e.g. email message)
– Information about the user’s activities
• These issues are aggravated within network applications
Anonymous identification
• Complete anonymity. No identity information (personal or anonymous) is available to applications or service providers. There is no feasible way to capture traces of user activity over time or across applications.
• Anonymous identification. While no personal identity information (like name, address, email address, etc.) is available, it can be inferred when the same user revisits an application or provider (using an anonymous identifier as in the deli example). Traces can be captured of a single user’s activity, but those traces cannot be matched to personal identity.
• Personal identification. Applications or providers are aware of (at least some) personal identity information. Often, even given incomplete information, it is possible to correlate across distinctive sets of personal information if there is some commonality (e.g. an email address).
[Figure: a user and several applications. Labels: User; Application (several); User profile (one per application); Capture; Aggregation; User profile (aggregated).]
Some specific privacy policy issues
• Disclosure: Does the application abide by a comprehensive privacy policy, and is that policy disclosed to the user?
• Anonymity: Is the personal identity of the user known or included in the user profile?
• Control: Is the user allowed some degree of control over attributes of the policy, what information is collected, and how it is used?
• Default: If there are user-selected options, what are the defaults if the user makes no explicit choice? Extreme cases are “opt in”, where no information is collected unless the user explicitly chooses, or “opt out”, where all information is collected unless the user explicitly says no.
• Ownership: Who owns and exercises control over information that is captured?
• Sharing: With whom is a user’s personal information shared, and how may they disseminate it further?
• Persistence: Over what period of time is personal information captured, and how long is it retained?
Understanding Networked Applications: A First Course
Industrial Organization
By David G. Messerschmitt
Value chain for software
[Figure: value chain. Rows: Application; Infrastructure. Stages: Analysis, Implementation, Provisioning, Operation, Use.]
• System integrator
• Application software supplier
• Infrastructure software supplier
• Application service provider
• Infrastructure service provider
• End-user organization
• Business consultant
• Industry consultant
From stovepipe to layering
[Figure labels: Data, Voice, Video; All applications; Value-added services; Common services; Core technologies; Application-dependent infrastructure; Application-independent infrastructure.]
[Figure labels: Applications; Application components; Integrative services; Generic services; Common representations; Processing, Storage, Connectivity.]
Structure of a layered industry
[Figure labels: Diversity of applications; Application-specific infrastructure; Application and technology-independent infrastructure; Technology-specific infrastructure.]
Understanding Networked Applications: A First Course
Distributed systems
by
David G. Messerschmitt
Protocol
• Distributed algorithm realized by two or more modules to coordinate their actions or accomplish some shared task
• Module interoperability focuses on actions and protocols
[Figure: client and server timelines over time. Interaction patterns shown: send/receive; request/response; subscribe/responses.]
Three ways of locating things
• Name
• Address
• Reference
Understanding Networked Applications: A First Course
Communication services
by
David G. Messerschmitt
Example communication services
• Messages
• Queuing and multiplexing
• Message with reply
• Conversation
• Broadcast
Multiplexing and queuing
[Figure labels: Sender 1; Sender 2; Mux & queue; Infrastructure; Recipient.]
Recipient deals with one message at a time even if coming from many senders
Comparison
[Figure: sender and recipient timelines for send/receive and for request/response. Legend: work on message or request; blocked waiting for response. Other labels: Queue; Message waiting.]
Streaming multimedia
[Figure labels: Audio coder; Audio decoder; Video coder; Video decoder.]
A session supports streaming multimedia
[Figure: timeline. Accumulate audio in message; Send message; Receive message; Playback audio in message. The interval between them is labelled Delay.]
Understanding Networked Applications: A First Course
Security
by
David G. Messerschmitt
Availability
• Application up and running correctly
– increasingly 24x7
• Expressed as expected downtime per unit time
• Some types of downtime:
– Off-line upgrade and maintenance
– Software crashes
– Equipment failure
– Successful denial-of-service attack
Encryption
[Figure: Plaintext message, Encrypt (with encryption key), Ciphertext, Decrypt (with decryption key), Plaintext message.]
Encryption obscures data representation
[Figure labels: Information; Data; Block: plaintext; Encrypt; Ciphertext; Decrypt; Block: plaintext; Data; Information. Annotations: Representation by data (defined by application); Fragmentation; Assembly; Interpretation assumed by encryption algorithm.]
Brute force approach: block substitution table
Plaintext (n bits)    Ciphertext (n bits)
0000000000000         0100001011001
0000000000001         0111010011000
0000000000010         1000101101011
….                    ….
1111111111111         1110100000110
DES symmetric algorithm
[Figure: the plaintext block is split into two 32-bit halves and passed through 16 rounds. Each round applies f with a round key (k1, k2, ..., k15, k16) and a bit-by-bit addition (base-two), producing the ciphertext block. Annotations: Confusion; Diffusion.]
• 64 bit plaintext
• 56 bit key
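Added example (not from the original slides): the 16-round structure in the DES figure, with 32-bit halves and one round key per round. The round function f and the key schedule are SHA-256 stand-ins rather than DES's own, and DES's initial and final permutations are omitted; it shows that decryption is the same network with the round keys reversed, even though f is never inverted.

```python
import hashlib

MASK32 = 0xFFFFFFFF

def f(half, round_key):
    """Stand-in round function (not DES's f): 32 bits in, 32 bits out."""
    data = half.to_bytes(4, "big") + round_key.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def round_keys(key56):
    """Stand-in key schedule: derive k1..k16 from a 56-bit key."""
    seed = key56.to_bytes(7, "big")
    return [int.from_bytes(hashlib.sha256(seed + bytes([i])).digest()[:4], "big")
            for i in range(1, 17)]

def feistel(block64, keys):
    """Run one 64-bit block through the rounds, one round key per round."""
    left, right = block64 >> 32, block64 & MASK32
    for k in keys:
        # Bit-by-bit addition base two is XOR; f only ever runs forwards.
        left, right = right, left ^ f(right, k)
    return (right << 32) | left  # final swap makes the network self-inverse

def encrypt(block64, key56):
    return feistel(block64, round_keys(key56))

def decrypt(block64, key56):
    # Same network, round keys applied in the order k16 ... k1.
    return feistel(block64, round_keys(key56)[::-1])

def bits_changed(a, b):
    """Number of differing bits, used to observe diffusion."""
    return bin(a ^ b).count("1")

# Constructed sample values.
KEY = 0x0123456789ABCD          # 56 bits
PLAIN = 0x0011223344556677      # 64 bits
CIPHER = encrypt(PLAIN, KEY)
```

Flipping a single plaintext bit and comparing ciphertexts with bits_changed shows the diffusion the figure labels: roughly half of the 64 output bits differ.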
RSA asymmetric algorithm
P = plaintext, C = ciphertext, each an integer between 0 and n-1
Encrypt: $C = P^{s} \bmod n$
Decrypt: $P = C^{t} \bmod n$
t cannot be computed from (n, s) in reasonable time
Alice writes message on paper in permanent ink
Alice adds her signature
Alice seals message in envelope
Only Bob breaks seal and opens envelope
Bob verifies Alice’s signature
Post office physical security
Alice requests return acknowledgement from Bob
Confidentiality
[Figure: the message sent by Alice (plaintext P) is encrypted to ciphertext C, and decryption yields the original plaintext P as the message received by Bob. Either the same secret key SK is used for encryption and decryption, or Bob’s public key BPK is used for encryption and Bob’s secret key BSK for decryption.]
Challenge-response protocol
[Figure: Bob sends a random integer k as the challenge to Alice (being authenticated). Alice encrypts it with her secret key ASK and returns the response. Bob decrypts the response with Alice’s public key APK and compares the result with k.]
Digital signature
[Figure: Alice (sender) encrypts the plaintext P with her secret key ASK to produce the signature S. Bob (recipient) decrypts S with Alice’s public key APK and compares the result with the plaintext.]
Verified by a signature authority
Digital certificate protocol
Participants: Bob, Alice, CA
• Alice convinces CA of her identity
• CA gives digital certificate and secret key to Alice
• Alice provides Bob with a replica of her digital certificate, which provides and certifies Alice’s public key
• Bob verifies CA signature using CA’s public key
Chain of trust (e-commerce example)
[Figure: Certificate authority; Bank’s certificate issued by CA; Merchant’s certificate issued by bank. Authority’s known public key, verify signature, Bank’s public key, verify signature, Merchant’s public key.]
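Added example (not from the original slides): the digital signature, chain of trust and challenge-response slides above, run with toy RSA in the slides' notation (x^s mod n with a public key, x^t mod n with a secret key). The key sizes, the SHA-256 hashing before signing, the certificate layout and all function names are assumptions made for this illustration.

```python
import hashlib
import secrets

S = 65537  # public exponent, the slides' s

def keypair(p, q):
    """Toy RSA keys from two primes: public (n, s) and secret (n, t)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, S), (n, pow(S, -1, phi))  # t = s^-1 mod phi(n)

def apply_key(x, key):
    """The slides' operation: x^s mod n (public) or x^t mod n (secret)."""
    n, exponent = key
    return pow(x, exponent, n)

def digest(data, n):
    """Reduce a SHA-256 hash into [0, n-1] so it fits one RSA block."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, secret):
    return apply_key(digest(data, secret[0]), secret)

def verify(data, signature, public):
    return apply_key(signature, public) == digest(data, public[0])

def cert_body(name, public):
    return f"{name}|{public[0]}|{public[1]}".encode()

def issue(name, public, issuer_secret):
    """Certificate: subject name and public key, signed by the issuer."""
    return {"name": name, "key": public,
            "sig": sign(cert_body(name, public), issuer_secret)}

def verify_chain(chain, root_public):
    """Check each certificate with the key certified just before it."""
    trusted = root_public
    for cert in chain:
        if not verify(cert_body(cert["name"], cert["key"]), cert["sig"], trusted):
            return None  # broken link: nothing below it is trusted
        trusted = cert["key"]
    return trusted

def challenge(public, responder):
    """Send a random integer k; accept if the reply decrypts back to k."""
    k = 2 + secrets.randbelow(public[0] - 2)
    return apply_key(responder(k), public) == k

# Constructed toy keys from Mersenne primes; not secure parameters.
CA_PUB, CA_SEC = keypair(2**107 - 1, 2**127 - 1)
BANK_PUB, BANK_SEC = keypair(2**61 - 1, 2**89 - 1)
SHOP_PUB, SHOP_SEC = keypair(2**19 - 1, 2**31 - 1)
CHAIN = [issue("bank", BANK_PUB, CA_SEC), issue("merchant", SHOP_PUB, BANK_SEC)]
```

verify_chain(CHAIN, CA_PUB) returns the merchant's public key starting from nothing but the authority's known key; challenge(SHOP_PUB, ...) then confirms that the party presenting the certificate actually holds the matching secret key.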
Secure socket layer
• Illustrated as an example of
– Authentication (PKI)
– Confidentiality (symmetric encryption with secret session key)
• Shortcomings
– No authentication of client
– No client digital signatures
Understanding Networked Applications: A First Course
Performance
By
David G. Messerschmitt
Performance measures
• Delay
– How long does it take things to happen?
• Capacity and throughput
– How many things can happen (per unit time)?
– Utilization
• Tradeoff
– Increasing throughput through utilization is cost effective but degrades delay
Wherefrom congestion?
[Figure: two arrival timelines. First: 50% utilization, regular arrivals, no backlog. Second: 50% utilization, irregular arrivals, inevitable backlog.]
• Increased delay from congestion is due to irregular arrivals causing system resources to be temporarily oversubscribed
• Actual delay depends on arrival statistics
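Added example (not from the original slides): a single-server queue fed three arrival patterns that all offer 50% utilization, showing that the waiting time comes from the irregularity of arrivals rather than from the load. The arrival patterns, the service time of 1 and the function names are constructed for this illustration.

```python
import random

def mean_wait(arrivals, service_time=1.0):
    """Single FIFO server: average time an arrival waits before service starts."""
    free_at, total = 0.0, 0.0
    for t in sorted(arrivals):
        start = max(t, free_at)      # wait only if the server is still busy
        total += start - t
        free_at = start + service_time
    return total / len(arrivals)

def utilization(arrivals, horizon, service_time=1.0):
    """Fraction of the time horizon the server spends working."""
    return len(arrivals) * service_time / horizon

# Constructed arrival patterns: 50 arrivals in 100 time units each.
REGULAR = [2.0 * i for i in range(50)]          # one arrival every 2 units
BURSTY = [10.0 * (i // 5) for i in range(50)]   # 5 at once, every 10 units
RNG = random.Random(7)
RANDOM = [RNG.uniform(0, 100) for _ in range(50)]

def compare():
    """Mean wait per pattern at identical utilization."""
    patterns = [("regular", REGULAR), ("bursty", BURSTY), ("random", RANDOM)]
    return {name: mean_wait(arrivals) for name, arrivals in patterns}
```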
Understanding Networked Applications: A First Course
Networking
by
David G. Messerschmitt
Impact of network on applications
• Communication service provided to the application
– what does application have to do for itself?
• Impact on application performance
– message (packet) latency
– message (packet) loss
– message (packet) corruption
Partial internet protocol architecture
[Figure: layers Application, Middleware, OS, Network. Services shown: Remote method invocation (RMI); Datagram (UDP); Bytestream session (TCP); Internetworking (IP); Subnetworks.]
Packet forwarding
[Figure: a packet enters a packet switch, which looks up its address in a routing table (columns: Addr, OutLink) to choose the output link.]
Flow control
[Figure: a producer sends a stream of messages through a queue to a consumer; flow control runs back from the consumer to the producer.]
Normally the producer determines what information is sent, but consumer has to have a way to slow down producer
Congestion instability
[Figure: plot of carried traffic against offered traffic. Annotations: Network “capacity”; Social optimum; Increasing portion of network traffic is resent packets.]
Key ideas
• Packet encapsulation: one packet can be encapsulated in another
• Packet fragmentation: one packet can be split into two or more packets and encapsulated
• Protocol layering: one service can be layered on another by fragmentation and encapsulation
Peer-to-peer communication
[Figure: layer n+1 and layer n at each of two peers. The layer n packet carries the layer n protocol header followed by the encapsulated layer n+1 packet, including its layer n+1 protocol header.]
[Figure: two source-to-destination timelines with ACKs returning from the destination, one showing a single task and one showing concurrent tasks.]
Concurrent tasks for higher throughput
Packets can be reordered using sequence number
Voice over IP
[Figure labels: IP telephone; Internet; Gateway; Public telephone network; Plain old telephone.]
Understanding Networked Applications: A First Course
Communications
by
David G. Messerschmitt
Conveyer belt analogy
[Figure: a conveyer belt moving at constant speed carries symbols for “0” and “1”. Labels: Bits waiting to be sent; Bits that have already been received.]
Bottlenecks and workarounds
• Compare message size to delay-throughput product (number of bits on conveyer)
• Bitrate limited
– compression
• Delay limited
– caching
Caching
[Figure labels: Remote data being accessed; Communication bottleneck; Local cache; Future references (where possible).]
Predictive caching becomes very important in the delay-limited regime