Application Layer Protocols Introduction

Application Layer
Dr. S.Shanthi/ASP/CSE/Kongu Engg. College
Dr. SHANTHI S
Associate Professor
Computer Science & Engineering
Kongu Engineering College
Perundurai, Erode, Tamilnadu

Application Layer: Introduction – Client-
Server Programming – Iterative
Programming in C – WWW – HTTP –
FTP – E-Mail – Telnet – SSH – DNS
UNIT – V

Providing Services
Each layer in the TCP/IP suite was made up of one or more
protocols, but new protocols can be added or some
protocols can be removed or replaced by the Internet
authorities => BOOTP
if a protocol is added to each layer / deleted = > care should
be taken to change the protocol at the next higher layer that
supposedly uses the services of the removed protocol
The protocols in Application layer do not provide services
to any other protocol in the suite;
They only receive services from the protocols in the
transport layer => the protocols can be removed from this
layer easily
Application Layer

Application Layer
1. Standard Application-Layer Protocols
standardized and documented by the Internet
authority
Eg. FTP, SMTP,DNS, TFTP…..
Each standard protocol is a pair of computer programs
that interact with the user and the transport layer to
provide a specific service to the user
2. Nonstandard Application-Layer Protocols
A private company can create a new customized
application protocol to communicate with all of its
offices around the world using the services provided by
the first four layers of the TCP/IP protocol suite

Application-Layer Paradigms
1. Traditional Paradigm: Client-Server
2. peer-to-peer (P2P) paradigm
Application Layer

1. Traditional Paradigm: Client-Server
Application Layer
 server should be a powerful computer
 a service provider willing to accept the cost and create a
powerful server for a specific service
WWW
HTTP
FTP
Email
…

peer-to-peer (P2P) paradigm
Application Layer
Internet
telephony,
File sharing,
Skype
…
eliminating the need for expensive servers
challenge has been security;

CLIENT-SERVER PROGRAMMING
Communication at the application layer is between two
running application programs called processes: a client
and a server
lifetime of a server is infinite & client is finite
How can a client process communicate with a server process?
Application Programming Interface (API)
Several APIs have been designed for communication.
Three among them are common:
1. socket interface,=> 1980s part of Unix environment
2. Transport Layer Interface (TLI), and
3. STREAM.

socket interface => is a set of instructions that provide
communication between the application layer and the OS

Socket Addresses => IP address & Port address
Finding Socket Addresses @ Server Site
A local (server) => Well Known => HTTP => 80; FTP=
A remote (client) => find this socket address when a client tries to
connect to the server
Finding Socket Addresses @ Client Site
A local (client) => Provided by OS
a remote (server) socket =>URL=> DNS + Well Known port number

Using Services of the Transport Layer
Sockets for UDP communication

Flow diagram for iterative UDP communication

Sockets used in TCP communication

Flow diagram for iterative TCP
communication

Application Layer - WORLD WIDE WEB
 The Web today is a repository of information
 the documents, called web pages, are distributed all over the
world and related documents are linked together
 Architecture => distributed client-server service

A. Web Client (Browser)
 Each browser usually consists of three
parts:
1. a controller,
2. client protocols, and
3. interpreters
B. Web Server
Browsers => Google
Chrome, Internet Explorer,
Netscape Navigator, Firefox,
Opera …
Web Server => Apache,
Microsoft Internet
Information Server (IIS),
Nginx , Caddy ….

Uniform Resource Locator (URL)
1. Protocol => HTTP, FTP
2. host => IP address/ Unique name
3. Port => 16 bit integer
4. path => location and the name of the file
protocol://host/path Used most of the time
protocol://host:port/path Used when port number is needed
Web Documents => three broad categories:
1. Static => HTML, XML, XSL, XHTML
2. Dynamic => JSP, ASP
3. Active => program or a script to be run at the client site
=> Java applets

Application Layer - HyperText Transfer Protocol (HTTP)
HTTP is used to define how the client-server programs can be
written to retrieve web pages from the Web
HTTP client => temporary port number
HTTP server => 80
HTTP uses a connection-oriented &reliable protocol in transport
layer => TCP
Nonpersistent versus Persistent Connections
HTTP prior to version 1.1, nonpersistent connections => default
HTTP 1.1 => persistent connections => default

Nonpersistent Connections

Persistent Connections

Methods in Request Message

Conditional Request
 The server will send
the requested web
page if the condition
is met or inform the
client otherwise
 client can accept
images in the GIF or
JPEG format
302 Found
400 Bad Request
403 Forbidden
408 Request Timeout
503 Service Unavailable

Client request with If-Modified-Since
Response from Server

WWW - stateless
Websites are being used as
 electronic stores
 Portals
 advertising agencies
Cookies => is a small
piece of data stored on
the user's computer by
the web browser
Created and used by web
server

Web Caching: Proxy Servers
A proxy server is a computer that keeps copies of responses to
recent requests.
The proxy server reduces the load on the original server,
decreases traffic, and improves latency
Cache Update
How long the
cache in proxy
server valid?
Last modified
HTTP => no security
Secure Socket Layer (SSL) => HTTPS Proxy Server Location => LAN, ISP network

Application Layer – File Transfer Protocol (FTP)
Separation of commands and data transfer makes FTP more
efficient
FTP uses two well-known TCP ports: port 21 is used for the
control connection, and port 20 is used for the data connection

Client to Server

Server to Client

File Type => ASCII file,
EBCDIC file, or image file.
Data Structure => file
structure, record structure,
or page structure
Transmission Mode =>
stream mode (default) ,
block mode, or compressed
mode
File Transfer => retrieving a
file (server to client), storing
a file (client to server), and
directory listing (server to
client).
Security for FTP?
Add SSL between
the FTP appln.
layer and TCP
layer => SSL-FTP

Application Layer – ELECTRONIC MAIL
Architecture
The E-mail system
needs
 two UAs,
 two pairs of MTAs
(client and server),
 a pair of MAAs
(client and server).

Message Transfer Agent: SMTP
Protocols used in mail transfer => SMTP, POP, IMAP
SMTP simply defines how commands and responses must be sent back and
forth.

SMTP Commands and Responses; Command format => Keyword: argument(s)

Mail Transfer Phases
port 25,

Post Office Protocol, version 3 (POP3)
1. delete mode
mail is deleted from the mailbox
after each retrieval
2. keep mode
Drawbacks
1. It does not allow the user to
organize her mail on the
server;
2. User cannot have different
folders on the server.
3. Does not allow the user to
partially check the contents
of the mail before
downloading
TCP port
110

Application Layer
Internet Mail Access Protocol, version 4 (IMAP4)
More powerful and more complex
IMAP4 provides the following extra functions:
1. A user can check the e-mail header prior to downloading.
2. A user can search the contents of the e-mail for a specific string
of characters prior to downloading.
3. A user can partially download e-mail. This is especially useful if
bandwidth is limited and the e-mail contains multimedia with
high bandwidth requirements.
4. A user can create, delete, or rename mailboxes on the mail
server.
5. A user can create a hierarchy of mailboxes in a folder for e-mail
storage.

Application LayerApplication Layer – ELECTRONIC MAIL
Multipurpose Internet Mail Extensions (MIME)
is a supplementary protocol that allows non-ASCII data to be sent through e-
mail

Application LayerApplication Layer – ELECTRONIC MAIL

Application Layer - DOMAIN NAME SYSTEM (DNS)
Directory system that can map a name to an address
UDP/TCP
Port 53UDP => message is less than 512 bytes;
TCP => more than 512 bytes

Name Space
 names must be unique because the addresses are unique
 name space that maps each address to a unique name can
be organized in two ways: flat or hierarchical.
128 levels:
level 0 (root) to level 127

Label
Domain Name
fully qualified domain name (FQDN)
Partially qualified domain name
(PQDN)

Country Domain

Resolution
1. Recursive Resolution
2. Iterative Resolution
Figure Recursive Resolution

Iterative Resolution

Caching
 the server marks the response as unauthoritative
 the authoritative server always adds information to
the mapping called time to live (TTL).
Resource Records
a name server stores a database of resource records.
A resource record is a 5-tuple structure,
(Domain Name, Type, Class, TTL, Value)

DNS Messages

Registrars
How are new domains added to DNS?
This is done through a registrar, a commercial entity accredited
by ICANN. A fee is charged
To get the list of registrars => http://www.intenic.net
Dynamic Domain Name System (DDNS)
adding a new host, removing a host, or changing an IP address
Primary DNS server & Secondary DNS server

Security of DNS
DNS is one of the most important systems in the
Internet infrastructure;
Types of Attacks
1. The attacker may read the response of a DNS server
to find the nature or names of sites the user mostly
accesses. This type of information can be used to
find the user’s profile. To prevent this attack, DNS
messages need to be confidential

Types of Attacks
2. The attacker may intercept the response of a DNS
server and change it or create a totally new bogus
response to direct the user to the site or domain the
attacker wishes the user to access.
IETF has devised a technology named DNS Security
(DNSSEC) that provides message origin authentication
and message integrity using a security service called
digital signature => Encryption => transmit=> Decrypt

Types of Attacks
3. The attacker may flood the DNS server to overwhelm
it or eventually crash it. This type of attack can be
prevented using the provision against denial-of-service
attack (DoS)=> IP spoofing
There is no specific protection against the DoS attack in
the specification of DNSSEC

Application Layer - TErminaL NETwork (TELNET)

Application Layer - TELNET

Application Layer - SECURE SHELL (SSH)
SSH is an application-layer protocol with three
components

Application Layer - SECURE SHELL (SSH)
I. SSH Transport-Layer Protocol (SSH-TRANS)
1. Privacy or confidentiality of the message exchanged
2. Data integrity, which means that it is guaranteed that
the messages exchanged between the client and server
are not changed by an intruder
3. Server authentication, which means that the client is
now sure that the server is the one that it claims to be
4. Compression of the messages, which improves the
efficiency of the system and makes attack more difficult
II. SSH Authentication Protocol (SSH-AUTH)
III. SSH Connection Protocol (SSH-CONN)

Reference
Behrouz A. Forouzan, “Data Communications and
Networking”, McGraw-Hill, 5th Edition, 2015

Application Layer Protocols Introduction

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Application Layer Protocols Introduction

Similar to Application Layer Protocols Introduction (20)

Recently uploaded

Recently uploaded (20)

Application Layer Protocols Introduction