Internet Technology (AS21)

The Open System interconnection model is a conceptual model for defining and standardizing network communication mechanisms. there are 7 abstract layers. each layer has its distinct functionality. provides an interface for its predecessor and successor. 

Functional details are hidden within the current layer so that the next layer is not required to have knowledge about its predecessor and successor ( other than the standardized interfaces)

Every layer can add its own header to a data package to transfer management information. these headers are only used by the corresponding layer on the other machine

The TCP/IP Model simplified the classical OSI Model and effectively replaced it. but 

Keep in mind:

•These are not an architecture

•They do not establish which services or protocols to use.

•It suggests what each level should do.

1. Application
   1. Applications, protocols and services that interface with the end user
   2. data is formatted, converted, encrypted decrypted compressed and decompressed and sent or presented to the user
   3. open, close and manage a session between end user application processes
2. Transport
   1. Facilitates end-to-end communications between multiple applications simultaneously (ports)
   2. reliable and unreliable end-to-end data transport and data stream services (TCP, UDP, SCTP)
   3. Connection-oriented, connectionless communications, and data stream services (session establishment and termination)
3. Internet
   1. provide host addressing (IP)
   2. choose the best path to the destination network (Routing)
   3. Switch packets out of the correct interface (Forwarding)
   4. Maintain quality of service (QoS)
   5. Connectionless end-to-end networking
4. Network (Access)
   1. In L2 there are 2 sublayers: logical link control (LLC,802.2) provides services to the upper layers and physical addressing (media access control addresses) 
   2. error checking (CRC)
   3. L1: frames get encoded in sequences of bits, depending on the Links (physical connections) e.g. light pulses, electricity, radio waves..

In layered systems, PDU represents a unit of data specified in the protocol of a given layer, which consists of protocol control information and user data. 

1. Data is just data
2. Segments contain Transport header + Data
3. Packets contain Network Header + transport header + data
4. Frames contain Frame Header+Network Header+Transport Header+ Data+ Frame Tail
5. and bits are bits

 A firewall is a security equipment that uses security rules to control incoming and outgoing network traffic. It can physical or virtual. depending on its layer, it may filter:

• packets and connections (L4)
• Application and protocols (L7)

Routers

• Logic to forward data based on addresses between multiple networks
• router maintain a routing table (contains directions)
• A router often knows different paths to a destination and has to choose the best way from a to b
• are required for wide area networks (WAN) like the internet

Switch

• Logic to forward data based on addresses in one network or segment of a single network
• star physical typology

Repeater and Hub

• No logic, can be seen as a plain extension of the physical wiring
• A Hub has a Star physical topology BUT BUS logical topology

Circuit Switching Network: A (physical) connection is  made for a call or similar.

•Line is typically completely occupied by this one  call.

•Benefit: Simple and guaranteed bandwidth for the active call.

•Downsides: Bad network utilization and limited flexibility.

•E.g. Plain old telephone service (POTS)

Packet Switching: A call / or internet traffic is  transferred in small chunks (packages) which are  handled independently from each other.

•Line can easily be shared between multiple  logical connections and service types.

•Benefits: Better overall network utilization with more flexibility.

•Downside: Additional functionalities are needed to guarantee a decent service quality.

Internet Protocol (IP): IP is designed explicitly as addressing protocol. It is mostly used with TCP. The IP addresses in packets help in routing them through different nodes in a network until it reaches the destination system. TCP/IP is the most popular protocol connecting the networks.

• Current version: IPv4
  • 32 Bit Addresses
  • Standardized since 1981
• Upcoming version: Ipv6
  • 128 Bit Addresses
  • Initially standardized in 1998
• Standardized protocol that forms together with TCP and UDP the core functionality of the internet.

IPv4
 

4 times 1 Byte separated by a dot, e.g.: 193.135.244.87

•each block can have a value between 0 and 255

•allows for 2³² = 4294967296 combinations/addresses

Some of the combinations are not valid addresses

 

• Reserved for internal networks (Private Address Spaces):
  • from 10.0.0.0 to 10.255.255.255
  • from 172.16.0.0 to 172.31.255.255
  • from 192.168.0.0 to 192.168.255.255
• Reserved for the local host / local pc:
  • from 127.0.0.0 to 127.255.255.255
• Broadcast IP 255.255.255.255
• Loopback 127.0.0.0 – 127.255.255.255
• Etc…

IPv6 
 

8 blocks separated by a colons, e.g.: 2001:0db8:0000:0000:0000:8a2e:0370:7334

•each block have 4 digits.

•each digit can have a value on Base16, between 0 and F. E.g. 0,1,2,3,4,5,6,7,8,9, a,b,c,d,e,f

•allows for 2128 combinations/addresses

0 at the beginning of a block may be skipped. E.g. 2001:0db8:0000:0000:0000:8a2e:0370:7334 becomes 2001:db8:0:8d3:0:8a2e:70:7344

Consecutive blocks of zeros may be skipped and replaced by two colons. E.g. 2001:db8:0:0:0:0:1428:57ab becomes 2001:db8::1428:57ab

The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.

Each device connected to the Internet has a unique IP address which other machines use to find the device. DNS servers eliminate the need for humans to memorize IP addresses such as 192.168.1.1 (in IPv4), or more complex newer alphanumeric IP addresses such as 2400:cb00:2048:1::c629:d7a2 (in IPv6).

Also possible: IP to Domain resolution ( ”reverse DNS” )

e.g. 147.86.1.71 à fhnw.ch

1. Transmission Control Protocol (TCP): TCP is a popular communication protocol which is used for communicating over a network. It divides any message into series of packets that are sent from source to destination and there it gets reassembled at the destination.

2. User Datagram Protocol (UDP): UDP is a substitute communication protocol to Transmission Control Protocol implemented primarily for creating loss-tolerating and low-latency linking between different applications.

3. Post Office Protocol (POP): POP3 is designed for receiving incoming E-mails.

4. Simple Mail Transport Protocol (SMTP): SMTP is designed to send and distribute outgoing E-Mail.

5. File Transfer Protocol (FTP): FTP allows users to transfer files from one machine to another. Types of files may include program files, multimedia files, text files, and documents, etc.

6. Hyper Text Transfer Protocol (HTTP): HTTP is designed for transferring a hypertext among two or more systems. HTML tags are used for creating links. These links may be in any form like text or images. HTTP is designed on Client-server principles which allow a client system for establishing a connection with the server machine for making a request. The server acknowledges the request initiated by the client and responds accordingly.

7. Hyper Text Transfer Protocol Secure (HTTPS): HTTPS is abbreviated as Hyper Text Transfer Protocol Secure is a standard protocol to secure the communication among two computers one using the browser and other fetching data from web server. HTTP is used for transferring data between the client browser (request) and the web server (response) in the hypertext format, same in case of HTTPS except that the transferring of data is done in an encrypted format. So it can be said that https thwart hackers from interpretation or modification of data throughout the transfer of packets.

Peer-to-peer architecture is a computer networking architecture in which each node has the same capabilities and responsibilities. 
It may also be referred to a single software program designed that each instance of the program can act as both client and server with the same responsibilities and status. 

P2P networks have many applications, but the most common is for content distribution

The client-server model is a distributed communication framework of network processes among service requestors, clients and service providers. the client-server connection is established through a network or the internet. 

the client-server model is a core network computing concept also building functionality for email exchange and web/database access. 

so p2p model is decentralized networking and the client-server model is centralized networking. 

• Hyper Text Transfer Protocol (HTTP) is designed for transferring a hypertext among two or more systems. HTML tags are used for creating links. These links may be in any form like text or images. HTTP is designed on Client-server principles which allow a client system for establishing a connection with the server machine for making a request. The server acknowledges the request initiated by the client and responds accordingly.
• Hyper Text Transfer Protocol Secure(HTTPS) is a standard protocol to secure the communication among two computers one using the browser and the other fetching data from web server. HTTP is used for transferring data between the client browser (request) and the web server (response) in the hypertext format, same in case of HTTPS except that the transferring of data is done in an encrypted format. So it can be said that https thwart hackers from interpretation or modification of data throughout the transfer of packets. 

HTTPS uses an encryption protocol to encrypt communications. The protocol is called Transport Layer Security (TLS), although formerly it was known as Secure Sockets Layer (SSL).

This protocol secures communications by using what’s known as an asymmetric public key infrastructure. This type of security system uses two different keys to encrypt communications between two parties:

•The private key - this key is controlled by the owner of a website and it’s kept, as the reader may have speculated, private. This key lives on a web server and is used to decrypt information encrypted by the public key.

•The public key - this key is available to everyone who wants to interact with the server in a way that’s secure. Information that’s encrypted by the public key can only be decrypted by the private key.

To get a valid SSL certificate your domain needs to obtain it from a certificate authority (CA).  A CA is an outside organization, a trusted third party, that generates and gives out SSL certificates. The CA will also digitally sign the certificate with their own private key, allowing client devices to verify it. 

The Hypertext Transfer Protocol (HTTP) is designed to enable communications between clients and servers.

•HTTP works as a request-response protocol between a client and server.

•A web browser may be the client, and an application on a computer that hosts a web site may be the server.

Two commonly used methods for a request-response between a client and server are: GET and POST.

•GET -Requests data from a specified resource

•POST -Submits data to be processed to a specified resource

GET /test/demo_form.php?name1=value1&name2=value2

GET requests

•can be cached

•remain in the browser history

•can be bookmarked

•should never be used when dealing with sensitive data

-> Never use GET when sending passwords!

•have length restrictions

•should be used only to retrieve data

POST /test/demo_form.phpHTTP/1.1Host: fhnw.chname1=value1&name2=value2

POST request

•are never cached in practice

•do not remain in the browser history

•cannot be bookmarked

•have no restrictions on data length

1. HEAD - same as GET but returns only HTTP headers and no document body
2. PUT - uploads a representation of the specified URI
3. DELETE - Deletes the specified resource
4. OPTIONS - Returns the HTTP methods that the server supports
5. CONNECT - Converts the request connection to a transparent TCP/IP tunnel
6. TRACE The TRACE method echoes the received request so that a client can see what (if any) changes or additions have been make by intermediate servers
7. PATCH - The method applies partial modifications to a resource

A session is a way to store information to be used across multiple pages.

Unlike a cookie, the information is not stored on the users computer.

On the internet there is one problem: the web server does not know who you are or what you do, because the HTTP address doesn't maintain state.

Session variables solve this problem by storing user information to be used across multiple pages (e.g. username, favourite colour, etc). By default, session variables last until the user closes the browser.

Session variables hold information about one single user, and are available to all pages in one application.

• A web service encapsulates well defined functionalities of a  information system component.
• It is a technological framework for implementing and  integrate distributed information systems.
• It is known since year 2000.
• SOA is not equal to Web Services.
  • Web services are only one possibility to implement a SOA
• Two de-facto standards to implement web services:
  • REST (REpresentational State Transfer)
  • SOAP (Simple Object Access Protocol)

REST stands for Representational State Transfer and it is based on the hypermedia architecture style. = a style of a software architecture

• REST constraints are
  • uniform interface
  • stateless
  • cachable
  • client-server
  • layered system
• the concept is based on RESOURCES, which will be addressed using ID's
• REST uses a limited range of standard methods
• Resources are interlinked with other resources.
• Every resource can have different REPRESENTATIONS
• It is a stateless communication

1. RESTful is used to refer to logic implementing a REST architecture.
2. This logic provides an interface to the implementing software
   1. API = application programming interface
   2. Services | Business Services
3. RESTful logic usually follows all REST principles
4. REST-based logic usually follows some REST principles and not all. 
5. This RESTful implementation logic is typically referred as web services or web APIs
   1. Precise terminology: RESTful web service |RESTful APIs | RESTful services
   2. Partial /Shortcut: REST web services | REST APIs | REST services
   3. Popular imprecise terminology: Web APIs | APIs

Many new APIs have adopted JSON as a format because it's built on the popular JavaScript language. JSOn is a very simple format that has two pieces: keys and values { "key": "value"}

XML has been around since 1996. it is a very mature and powerful data format the main block is called node. 
<key>value</key>

JSON (JavaScript Object Notation)

JSON is a lightweight data interchange format. 

It is easy for humans to read and write. It is easy for machines to parse and generate. It is based on a subset of the JavaScript Programming Language. JSON is a text format that is completely language independent. JSON an ideal data interchange languages. 

JSON Arrays are written inside square brackets. Just like JavaScript, a JSON array can contain multiple objects: "employees": [
{"firstname":"John", "lastName":"Doe"}, {"firstName":"Anna","lastName":"Smith"}]

he actual transmitted data can also be called as payload.

When the client sends the Content-Type  header in a request, it is telling the server  that the data in the body of the request is  formatted a particular way.”
“If the client wants to send the server JSON  data, it will set the Content-Type to  "application/json

• authentication: process of the client proving its identity to the server.
• credentials: secret pieces of info used to prove the client's identity (username, password..)
• access token: a secret that the client obtains upon successfully completing the authentication process
• authorization header: the HTTP header used to hold credentials. 
• authorization is found in the request header

Basic authentication is a simple authentication scheme built into the HTTP protocol.

•The client sends HTTP requests with the Authorization header that contains the word Basic word followed by a space and a base64-encoded string username: password.

•For example, to authorize as demo / p@55w0rd the client would send:

Authorization: Basic ZGVtbzpwQDU1dzByZA==

Bearer authentication (also called token authentication) is an HTTP  authentication scheme that involves access tokens called bearer tokens.

•The bearer token is a cryptic string, usually generated by the server in response to a login request.

•The client must send this token in the Authorization header when making  requests to protected resources:

Authorization: Bearer <token>