2. Dr. S.Shanthi/ASP/CSE/Kongu Engg. College
Application Layer: Introduction – Client-Server Programming – Iterative Programming in C – WWW – HTTP – FTP – E-Mail – Telnet – SSH – DNS
UNIT – V
Providing Services
Each layer in the TCP/IP suite was made up of one or more
protocols, but new protocols can be added or some
protocols can be removed or replaced by the Internet
authorities => BOOTP
If a protocol is added to or deleted from a layer => care should
be taken to change the protocol at the next higher layer that
supposedly uses the services of the removed protocol
The protocols in Application layer do not provide services
to any other protocol in the suite;
They only receive services from the protocols in the
transport layer => the protocols can be removed from this
layer easily
Application Layer
Application Layer
1. Standard Application-Layer Protocols
standardized and documented by the Internet
authority
E.g. FTP, SMTP, DNS, TFTP, …
Each standard protocol is a pair of computer programs
that interact with the user and the transport layer to
provide a specific service to the user
2. Nonstandard Application-Layer Protocols
A private company can create a new customized
application protocol to communicate with all of its
offices around the world using the services provided by
the first four layers of the TCP/IP protocol suite
7. Application-Layer Paradigms
1. Traditional Paradigm: Client-Server
Application Layer
server should be a powerful computer
a service provider willing to accept the cost and create a
powerful server for a specific service
WWW
HTTP
FTP
Email
…
8. Application-Layer Paradigms
peer-to-peer (P2P) paradigm
Application Layer
Internet telephony,
File sharing,
Skype
…
eliminating the need for expensive servers
challenge has been security;
CLIENT-SERVER PROGRAMMING
Communication at the application layer is between two
running application programs called processes: a client
and a server
lifetime of a server is infinite & client is finite
How can a client process communicate with a server process?
Application Programming Interface (API)
Several APIs have been designed for communication.
Three among them are common:
1. socket interface => 1980s, part of Unix environment
2. Transport Layer Interface (TLI), and
3. STREAM.
CLIENT-SERVER PROGRAMMING
socket interface => is a set of instructions that provide
communication between the application layer and the OS
CLIENT-SERVER PROGRAMMING
Socket Addresses => IP address & Port address
Finding Socket Addresses @ Server Site
A local (server) => Well Known => HTTP => 80; FTP=
A remote (client) => find this socket address when a client tries to
connect to the server
Finding Socket Addresses @ Client Site
A local (client) => Provided by OS
a remote (server) socket =>URL=> DNS + Well Known port number
CLIENT-SERVER PROGRAMMING
Using Services of the Transport Layer
Sockets for UDP communication
CLIENT-SERVER PROGRAMMING
Using Services of the Transport Layer
Flow diagram for iterative UDP communication
CLIENT-SERVER PROGRAMMING
Using Services of the Transport Layer
Sockets used in TCP communication
CLIENT-SERVER PROGRAMMING
Flow diagram for iterative TCP
communication
Using Services of the Transport Layer
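The call sequence of iterative TCP communication, as an added example in C (not from the original slides): one process plays both client and server over loopback so the order of the socket calls is visible. The function names and the echo behaviour are assumptions made for illustration; a real iterative server repeats `serve_one` in an endless loop.

```c
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

static struct sockaddr_in loopback(unsigned short port) {
    struct sockaddr_in a = {0};
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);  /* 127.0.0.1 only */
    a.sin_port = htons(port);
    return a;
}
/* Server: socket -> bind -> listen. Port 0 lets the OS pick a free port. */
int server_listen(unsigned short *port) {
    struct sockaddr_in a = loopback(0);
    socklen_t len = sizeof a;
    int ls = socket(AF_INET, SOCK_STREAM, 0);
    if (ls < 0) return -1;
    if (bind(ls, (struct sockaddr *)&a, sizeof a) < 0 || listen(ls, 5) < 0 ||
        getsockname(ls, (struct sockaddr *)&a, &len) < 0) { close(ls); return -1; }
    *port = ntohs(a.sin_port);
    return ls;
}
/* Server, one iteration: accept -> (recv -> send)* -> close. */
long serve_one(int ls) {
    char buf[256];                               /* recv never exceeds this */
    long total = 0;
    ssize_t n;
    int c = accept(ls, NULL, NULL);
    if (c < 0) return -1;
    while ((n = recv(c, buf, sizeof buf, 0)) > 0 && send(c, buf, (size_t)n, 0) == n)
        total += n;
    close(c);
    return total;                                /* bytes echoed */
}
/* Client: socket -> connect -> send -> recv -> close (server turn in between). */
long echo_roundtrip(const char *msg, char *out, size_t outlen) {
    unsigned short port = 0;
    int ls = server_listen(&port), cs = socket(AF_INET, SOCK_STREAM, 0);
    struct sockaddr_in a = loopback(port);
    long got = -1, len = (long)strlen(msg);
    if (ls >= 0 && cs >= 0 && connect(cs, (struct sockaddr *)&a, sizeof a) == 0 &&
        send(cs, msg, (size_t)len, 0) == len && shutdown(cs, SHUT_WR) == 0 &&
        serve_one(ls) == len)
        got = (long)recv(cs, out, outlen, 0);
    if (cs >= 0) close(cs);
    if (ls >= 0) close(ls);
    return got;
}
```

The server binds to the loopback address only and reads into a fixed-size buffer bounded by `sizeof buf`, so it is unreachable from other hosts and a long message cannot overrun the buffer.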
Application Layer - WORLD WIDE WEB
The Web today is a repository of information
the documents, called web pages, are distributed all over the
world and related documents are linked together
Architecture => distributed client-server service
Application Layer - WORLD WIDE WEB
A. Web Client (Browser)
Each browser usually consists of three parts:
1. a controller,
2. client protocols, and
3. interpreters
Browsers => Google Chrome, Internet Explorer, Netscape Navigator, Firefox, Opera …
B. Web Server
Web Server => Apache, Microsoft Internet Information Server (IIS), Nginx, Caddy …
Application Layer - WORLD WIDE WEB
Uniform Resource Locator (URL)
1. Protocol => HTTP, FTP
2. host => IP address/ Unique name
3. Port => 16 bit integer
4. path => location and the name of the file
protocol://host/path Used most of the time
protocol://host:port/path Used when port number is needed
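A strict parser for the two URL forms above, as an added example in C (not from the original slides). The struct and function names are hypothetical; hosts are assumed to be names or IPv4 addresses, protocols lowercase, and the default ports are the well-known ones these slides give (HTTP 80, FTP control 21).

```c
#include <stdlib.h>
#include <string.h>

struct url { char proto[8]; char host[64]; int port; char path[128]; };

/* Well-known ports named in these slides: HTTP 80, FTP control 21. */
static int default_port(const char *proto) {
    if (strcmp(proto, "http") == 0) return 80;
    if (strcmp(proto, "ftp") == 0) return 21;
    return -1;
}

/* Parse protocol://host[:port][/path]. Returns 0 on success, -1 on any
 * malformed, oversized or out-of-range field (nothing is truncated). */
int parse_url(const char *s, struct url *u) {
    const char *sep = strstr(s, "://");
    if (!sep || sep == s || (size_t)(sep - s) >= sizeof u->proto) return -1;
    memcpy(u->proto, s, (size_t)(sep - s));
    u->proto[sep - s] = '\0';

    const char *host = sep + 3;
    const char *path = strchr(host, '/');
    const char *end = path ? path : host + strlen(host);
    const char *colon = memchr(host, ':', (size_t)(end - host));
    const char *hend = colon ? colon : end;
    if (hend == host || (size_t)(hend - host) >= sizeof u->host) return -1;
    memcpy(u->host, host, (size_t)(hend - host));
    u->host[hend - host] = '\0';

    if (colon) {                       /* explicit port: digits only, 1..65535 */
        char *stop;
        if (colon[1] < '0' || colon[1] > '9') return -1;
        long p = strtol(colon + 1, &stop, 10);
        if (stop != end || p < 1 || p > 65535) return -1;
        u->port = (int)p;
    } else if ((u->port = default_port(u->proto)) < 0) {
        return -1;                     /* no port given and no known default */
    }
    if (!path) path = "/";
    if (strlen(path) >= sizeof u->path) return -1;
    strcpy(u->path, path);
    return 0;
}
```

Rejecting a port such as `80evil` or `65536` outright, instead of letting `strtol` stop early or wrap, keeps the parser and whatever later opens the connection in agreement about the destination.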
Web Documents => three broad categories:
1. Static => HTML, XML, XSL, XHTML
2. Dynamic => JSP, ASP
3. Active => program or a script to be run at the client site
=> Java applets
Application Layer - HyperText Transfer Protocol (HTTP)
HTTP is used to define how the client-server programs can be
written to retrieve web pages from the Web
HTTP client => temporary port number
HTTP server => 80
HTTP uses a connection-oriented & reliable protocol in transport
layer => TCP
Nonpersistent versus Persistent Connections
HTTP prior to version 1.1, nonpersistent connections => default
HTTP 1.1 => persistent connections => default
Application Layer - HyperText Transfer Protocol (HTTP)
Conditional Request
The server will send the requested web page if the condition is met or inform the client otherwise
client can accept images in the GIF or JPEG format
302 Found
400 Bad Request
403 Forbidden
408 Request Timeout
503 Service Unavailable
Application Layer - HyperText Transfer Protocol (HTTP)
Client request with If-Modified-Since
Response from Server
Application Layer - HyperText Transfer Protocol (HTTP)
WWW - stateless
Websites are being used as electronic stores, portals, advertising agencies
Cookies => a small piece of data stored on the user's computer by the web browser
Created and used by web server
Application Layer - HyperText Transfer Protocol (HTTP)
Web Caching: Proxy Servers
A proxy server is a computer that keeps copies of responses to
recent requests.
The proxy server reduces the load on the original server,
decreases traffic, and improves latency
Cache Update
How long is the cache in the proxy server valid?
Last modified
HTTP => no security
Secure Socket Layer (SSL) => HTTPS
Proxy Server Location => LAN, ISP network
Application Layer – File Transfer Protocol (FTP)
Separation of commands and data transfer makes FTP more
efficient
FTP uses two well-known TCP ports: port 21 is used for the
control connection, and port 20 is used for the data connection
Application Layer – File Transfer Protocol (FTP)
File Type => ASCII file, EBCDIC file, or image file.
Data Structure => file structure, record structure, or page structure
Transmission Mode => stream mode (default), block mode, or compressed mode
File Transfer => retrieving a file (server to client), storing a file (client to server), and directory listing (server to client).
Security for FTP?
Add SSL between the FTP application layer and TCP layer => SSL-FTP
Application Layer – ELECTRONIC MAIL
Architecture
The E-mail system needs two UAs, two pairs of MTAs (client and server), a pair of MAAs (client and server).
Application Layer – ELECTRONIC MAIL
Message Transfer Agent: SMTP
Protocols used in mail transfer => SMTP, POP, IMAP
SMTP simply defines how commands and responses must be sent back and forth.
Application Layer – ELECTRONIC MAIL
SMTP Commands and Responses; Command format => Keyword: argument(s)
Application Layer – ELECTRONIC MAIL
Post Office Protocol, version 3 (POP3)
1. delete mode
mail is deleted from the mailbox after each retrieval
2. keep mode
Drawbacks
1. It does not allow the user to organize her mail on the server;
2. User cannot have different folders on the server.
3. Does not allow the user to partially check the contents of the mail before downloading
TCP port 110
Application Layer – ELECTRONIC MAIL
Internet Mail Access Protocol, version 4 (IMAP4)
More powerful and more complex
IMAP4 provides the following extra functions:
1. A user can check the e-mail header prior to downloading.
2. A user can search the contents of the e-mail for a specific string
of characters prior to downloading.
3. A user can partially download e-mail. This is especially useful if
bandwidth is limited and the e-mail contains multimedia with
high bandwidth requirements.
4. A user can create, delete, or rename mailboxes on the mail
server.
5. A user can create a hierarchy of mailboxes in a folder for e-mail
storage.
Application Layer – ELECTRONIC MAIL
Multipurpose Internet Mail Extensions (MIME)
is a supplementary protocol that allows non-ASCII data to be sent through e-mail
Application Layer - DOMAIN NAME SYSTEM (DNS)
Directory system that can map a name to an address
UDP/TCP Port 53
UDP => message is less than 512 bytes;
TCP => more than 512 bytes
Application Layer - DOMAIN NAME SYSTEM (DNS)
Name Space
names must be unique because the addresses are unique
name space that maps each address to a unique name can
be organized in two ways: flat or hierarchical.
128 levels:
level 0 (root) to level 127
Application Layer - DOMAIN NAME SYSTEM (DNS)
Label
Domain Name
fully qualified domain name (FQDN)
Partially qualified domain name (PQDN)
50. Caching
the server marks the response as unauthoritative
the authoritative server always adds information to
the mapping called time to live (TTL).
Resource Records
a name server stores a database of resource records.
A resource record is a 5-tuple structure,
(Domain Name, Type, Class, TTL, Value)
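How the 5-tuple, the TTL and the unauthoritative mark work together in a caching server, as an added example in C (not from the original slides). The struct layout, function names and the fixed eight-slot table are assumptions for illustration, and the cache is keyed by name only (one record per name).

```c
#include <string.h>
#include <strings.h>

/* Resource record: the 5-tuple (Domain Name, Type, Class, TTL, Value). */
struct rr {
    char name[64];
    int type;        /* 1 = A (IPv4 address) */
    int class_;      /* 1 = IN (Internet) */
    unsigned ttl;    /* seconds, set by the authoritative server */
    char value[46];
};
struct entry { struct rr rr; long stored_at; int used; };
#define CACHE_SLOTS 8

/* Cache a mapping received from an authoritative server at time `now`. */
int cache_put(struct entry *c, const struct rr *rr, long now) {
    int slot = -1;
    for (int i = 0; i < CACHE_SLOTS; i++) {
        if (c[i].used && strcasecmp(c[i].rr.name, rr->name) == 0) { slot = i; break; }
        if (!c[i].used && slot < 0) slot = i;
    }
    if (slot < 0) return -1;                    /* cache full */
    c[slot].rr = *rr;
    c[slot].stored_at = now;
    c[slot].used = 1;
    return 0;
}

/* Answer from cache. Returns 1 and fills *out (with the remaining TTL) while
 * the mapping is valid; returns 0 once it is unknown or its TTL has run out. */
int cache_get(struct entry *c, const char *name, long now,
              struct rr *out, int *authoritative) {
    for (int i = 0; i < CACHE_SLOTS; i++) {
        if (!c[i].used || strcasecmp(c[i].rr.name, name) != 0) continue;
        long age = now - c[i].stored_at;
        if (age < 0 || (unsigned long)age >= c[i].rr.ttl) {
            c[i].used = 0;                      /* expired: must ask again */
            return 0;
        }
        *out = c[i].rr;
        out->ttl = c[i].rr.ttl - (unsigned)age;
        *authoritative = 0;                     /* cached => unauthoritative */
        return 1;
    }
    return 0;
}
```

Because an entry is dropped as soon as its TTL runs out, the TTL is also the upper bound on how long a wrong mapping can keep being served from this cache.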
Application Layer - DOMAIN NAME SYSTEM (DNS)
53. Registrars
How are new domains added to DNS?
This is done through a registrar, a commercial entity accredited
by ICANN. A fee is charged
To get the list of registrars => http://www.intenic.net
Dynamic Domain Name System (DDNS)
adding a new host, removing a host, or changing an IP address
Primary DNS server & Secondary DNS server
Application Layer - DOMAIN NAME SYSTEM (DNS)
54. Security of DNS
DNS is one of the most important systems in the
Internet infrastructure;
Types of Attacks
1. The attacker may read the response of a DNS server
to find the nature or names of sites the user mostly
accesses. This type of information can be used to
find the user’s profile. To prevent this attack, DNS
messages need to be confidential
Application Layer - DOMAIN NAME SYSTEM (DNS)
Types of Attacks
2. The attacker may intercept the response of a DNS
server and change it or create a totally new bogus
response to direct the user to the site or domain the
attacker wishes the user to access.
IETF has devised a technology named DNS Security
(DNSSEC) that provides message origin authentication
and message integrity using a security service called
digital signature => Encryption => transmit => Decrypt
Application Layer - DOMAIN NAME SYSTEM (DNS)
Types of Attacks
3. The attacker may flood the DNS server to overwhelm
it or eventually crash it. This type of attack can be
prevented using the provision against denial-of-service
attack (DoS) => IP spoofing
There is no specific protection against the DoS attack in
the specification of DNSSEC
Application Layer - SECURE SHELL (SSH)
SSH is an application-layer protocol with three
components
Application Layer - SECURE SHELL (SSH)
I. SSH Transport-Layer Protocol (SSH-TRANS)
1. Privacy or confidentiality of the message exchanged
2. Data integrity, which means that it is guaranteed that
the messages exchanged between the client and server
are not changed by an intruder
3. Server authentication, which means that the client is
now sure that the server is the one that it claims to be
4. Compression of the messages, which improves the
efficiency of the system and makes attack more difficult
II. SSH Authentication Protocol (SSH-AUTH)
III. SSH Connection Protocol (SSH-CONN)
Reference
Behrouz A. Forouzan, “Data Communications and
Networking”, McGraw-Hill, 5th Edition, 2015