CCM 4223 Lecture 10 Computer Networks: Wireless and Mobile Communication Systems Dr E. Ever School of Computing Science
RECAP: security hole
Man (woman) in the middle attack: Trudy poses as Alice (to Bob) and as Bob (to Alice)
[Figure: messages between Alice, Trudy and Bob: "I am Alice"; R; $K_A^-(R)$ and $K_T^-(R)$; "Send me your public key"; $K_A^+$ and $K_T^+$; $K_A^+(m)$ and $K_T^+(m)$; $m = K_A^-(K_A^+(m))$]
Trudy gets $m = K_T^-(K_T^+(m))$, sends m to Alice encrypted with Alice’s public key

RECAP: Digital signature = signed message digest
Bob sends digitally signed message:
• large message m → H: Hash function → H(m)
• H(m) → digital signature (encrypt) with Bob’s private key $K_B^-$ → encrypted msg digest $K_B^-(H(m))$
Alice verifies signature and integrity of digitally signed message:
• large message m → H: Hash function → H(m)
• encrypted msg digest $K_B^-(H(m))$ → digital signature (decrypt) with Bob’s public key $K_B^+$ → H(m)
• equal ?

Session Content
• Introduction to WWW as a digital library
• HyperText Markup Language (HTML)
  - overview
  - format and representation
• HyperText Transfer Protocol (HTTP)
  - overview
  - message format
  - http example
• Summary

Lesson objectives
At the completion of this lesson you should be able to
• understand and describe characteristics of the HTML
• understand and describe the concepts of the HTTP

Introduction
• A conventional library is a more or less coherent and comprehensive collection of information: it so happens that the information is stored on paper.
• The World Wide Web (WWW) can also be seen as a library: the fact that the information is stored electronically in a digital format leads us to refer to it as a digital library.
• The web was first conceived in 1989 by Tim Berners-Lee (U.K.) at CERN.
  - storing information in a traditional database was difficult
  - a hypertext network of information was used instead: any document can contain a link to any other document
  - the first web client and server in 1990
  - His specifications of URLs, HTTP and HTML were refined as Web technology spread.
• Marc Andreessen (USA) led a team that wrote Mosaic, the first graphical web browser, by the end of 1993
  - in 1994, Andreessen and some colleagues formed Netscape Communication Corporation, which is now owned by AOL.

Introduction - cont
• With a digital library, as with a conventional one, information must be stored and must then be made accessible.
• On the Web, the information is stored in documents on Internet computers, which act as Web servers, and is made available from them on request by clients (i.e., uses a client-server model).
• Documents are stored in mark-up language using HyperText Markup Language (HTML).
• A document is accessed by using a browser to send a request for it and, when it is received, to display it in accordance with the way it is marked up.
• The interchange takes place using the communication protocol known as HyperText Transfer Protocol (HTTP).

Network applications: some jargon
• Process: program running within a host.
  - within same host, two processes communicate using interprocess communication (defined by OS).
  - processes running in different hosts communicate with an application-layer protocol
• user agent: interfaces with user “above” and network “below”.
  - implements user interface & application-level protocol
  - Web: browser
  - E-mail: mail reader
  - streaming audio/video: media player

Applications and application-layer protocols
• Application: communicating, distributed processes
  - e.g., e-mail, Web, P2P file sharing, instant messaging
  - running in end systems (hosts)
  - exchange messages to implement application
• Application-layer protocols
  - one “piece” of an app
  - define messages exchanged by apps and actions taken
  - use communication services provided by lower layer protocols (TCP, UDP)
[Figure: protocol stacks (application, transport, network, data link, physical) in the communicating hosts]

App-layer protocol defines
• Types of messages exchanged, e.g., request & response messages
• Syntax of message types: what fields in messages & how fields are delineated
• Semantics of the fields, i.e., meaning of information in fields
• Rules for when and how processes send & respond to messages
Public-domain protocols:
• defined in RFCs
• allows for interoperability
• e.g., HTTP, SMTP
Proprietary protocols:
• e.g., KaZaA

Client-server paradigm
Typical network app has two pieces: client and server
Client:
• initiates contact with server (“speaks first”)
• typically requests service from server
• Web: client implemented in browser; e-mail: in mail reader
Server:
• provides requested service to client
• e.g., Web server sends requested Web page, mail server delivers e-mail
[Figure: client sends request, server sends reply; each host runs the stack application, transport, network, data link, physical]

Processes communicating across network
• process sends/receives messages to/from its socket
• socket analogous to door
  - sending process shoves message out door
  - sending process assumes transport infrastructure on other side of door which brings message to socket at receiving process
• API (Application Programming Interface): (1) choice of transport protocol; (2) ability to fix a few parameters (lots more on this later)
[Figure: two hosts or servers connected through the Internet; in each, a process (controlled by app developer) uses a socket onto TCP with buffers, variables (controlled by OS)]

History of the Web
• World Wide Web, “Web”, “WWW”
• Tim Berners-Lee (3COM Founders, Director of the World Wide Web Consortium (W3C)) at CERN in 1991
  - Demonstrated prototype at a conf. in ’91
  - Text-based
• Marc Andreessen developed the first graphical Web browser in 1993: Mosaic
• Andreessen founds Netscape Communications
• Browser war starts around 1995-96
• America Online buys Netscape in 1998

Some “Web” Terminology
• Web page may contain links to other pages (sometimes also called Web Objects)
• Object can be HTML file, JPEG image, Java applet, audio file, …
• Web pages are “Hypertexts”
  - One page points to another
  - Proposed by Prof. Vannevar Bush in 1945!
• Each object is addressable by a URL:
    http://www.someschool.edu/someDept/pic.gif
    protocol: http; host name: www.someschool.edu; path name: /someDept/pic.gif

Types of web pages
• Static page/document: contents do not change unless the author changes it
• Dynamic page/document: does not exist in a predefined form, it is created whenever a browser requests it
  - Page content and page layout are created separately. The content is retrieved from a database and is placed on a webpage only when needed or asked. (http://www.cineworld.co.uk/)
• Active page/document: it is not fully specified; it consists of a program that understands how to compute and display the value. The program can run on the client machine (http://www.calculator.net/scientific-calculator.html)

Hypertext Mark-up Language (HTML)
• Web pages are written in a language called HTML.
• HTML allows users to produce a Web page that includes text, graphics, and pointers to other Web pages known as hyperlinks.
• Technically, the web is a distributed hypermedia (i.e. hypertext mixed with other media, e.g. audio tracks, video clips, or both) system that supports interactive access
Why is HTML called a mark-up language?
• Because it does not contain detailed formatting instructions. Instead of specifying a detailed document format, HTML allows a document to contain general guidelines for display, and allows a browser to choose details. Consequently, two browsers may display an HTML document differently.

HTML format and representation
• Each HTML document is divided into two major parts:
  - A head – contains details about the document
  - A body – contains the majority of the information
• Syntactically, each HTML document is represented as a text file that contains tags along with other information.
• HTML tags provide structure for the document as well as formatting hints for the web browser.
• To specify an immediate action or to start a formatting operation, a tag name is bracketed by less-than and greater-than symbols: <TAGNAME>
• To end the operation, the corresponding tag starts with the two-character sequence less-than and slash, and ends with a greater-than symbol: </TAGNAME>

HTML format and representation
• <html>...</html>
  - The Root element of an HTML document; all other elements are contained in this.
  - The HTML element delimits the beginning and the end of an HTML document.
  - Standardised in HTML 2.0; still current.
• <head>...</head>
  - Container for processing information and metadata for an HTML document.
  - Standardised in HTML 2.0; still current.
• <body>...</body>
  - Container for the displayable content of an HTML document.
  - Standardised in HTML 2.0; still current.

HTML format and representation - cont
• The following simple example illustrates the form of an HTML document (HEAD part first, then BODY part):

    <html>
    <head>
    <TITLE> Simple Example</TITLE>
    </head>
    <body>
    <H1>Heading</H1>
    <P>A short illustrative paragraph that includes a single hyperlink to the <A HREF="http://www.w3.org/">WWW Consortium home page</A>.</P>
    </body>
    </html>

• The HTML code above will be interpreted and displayed by a browser in a form similar to that shown below:

    Heading
    A short illustrative paragraph that includes a single hyperlink to the WWW Consortium home page.

HTML EXAMPLE

    <html>
    <head>
    <title>Hello</title>
    </head>
    <body>
    <p>Hello, world!</p>
    <p>This is a picture: <img src="some-image.gif"></p>
    <p>This is a <a href="another-page.html">link</a> to another page.</p>
    </body>
    </html>

The HTTP protocol
• When a Web browser interacts with a Web server, the two programs follow the HTTP.
• HTTP is an application layer protocol
• HTTP - client/server model
  - client: browser that requests, receives, “displays” Web objects
  - server: Web server sends objects in response to requests
• Before 1998 - http1.0: RFC 1945
• http1.1: RFC 2068
[Figure: PC running Explorer and Mac running Navigator each send an http request to, and receive an http response from, a server running apache Web server]

The HTTP protocol - cont
• The generic client-server interaction proceeds through four stages:
  1. Send request. e.g. ‘http://www.mdx.ac.uk/cs/lecture6.html’
  2. Receive request. The named computer (a Web server) receives the request and locates the file in its file store.
  3. Send response. The Web server sends the requested file to the requesting computer.
  4. Receive response. The client machine receives the file and its browser displays it in accordance with the way it is marked up.

The HTTP protocol - cont
http: TCP transport service:
• client initiates TCP connection (creates socket) to server, port 80
• server accepts TCP connection from client
• http messages (application-layer protocol messages) exchanged between browser (http client) and Web server (http server)
• TCP connection closed
http is “stateless”
• server maintains no information about past client requests
aside: Protocols that maintain “state” are complex!
• past history (state) must be maintained
• if server/client crashes, their views of “state” may be inconsistent, must be reconciled

The HTTP protocol - cont
Concepts
• A web page (also referred to as document) consists of objects.
• An object is simply a file such as an HTML file, JPEG file, a Java applet, an audio clip, etc.
• Most web pages consist of a base HTML file and several referenced objects
• For example, if a Web page contains HTML text and five JPEG images, then the Web page has six objects.
HTTP: Uniform Resource Locator (URL)
• Each object is addressable by a single URL
• Each URL has two components:
  - the host name of the server that houses the object and
  - the object’s path name
• For example: www.mdx.ac.uk/cs/alasebae/pec.jpg
  - www.mdx.ac.uk for a host name
  - /someDepartment/logo.gif for a path name

TCP three-way handshake
Open (three-way handshake):
1. SYN: initiates a connection
2. SYN + ACK: accepts and acknowledges
3. ACK: acknowledges and begins tx
4. Data flow begins / receive data
Close: FIN, ACK, FIN, ACK
[Figure: time-sequence diagram between two hosts, each with the stack application, transport, Network, Network access]

HTTP example (1.0)
Suppose user enters URL www.someSchool.edu/someDepartment/home.index (e.g. contains text, references to 5 jpeg images)
1a. http client initiates TCP connection to http server (process) at www.cs.mdx.ac.uk. Port 80 is default for http server.
1b. http server at host www.cs.mdx.ac.uk waiting for TCP connection at port 80 (HTTP uses port 80). “accepts” connection, notifying client
2. http client sends http request message (containing URL) into TCP connection socket
3. http server receives request message, forms response message containing requested object (someDepartment/home.index), sends message into socket

HTTP example - cont
4. http server closes TCP connection.
5. http client receives response message containing html file, displays html. Parsing html file, finds 5 referenced jpeg objects
6. Steps 1-5 repeated for each of 5 jpeg objects

HTTP example shortcomings
• The steps above use a non-persistent connection: each TCP connection is closed after the server sends the object, so the connection does not persist for other objects
• Thus, in this example, when a user requests the Web page, 6 TCP connections are generated:
  - for each connection, TCP buffers must be allocated - serious burden on web server
  - each object suffers two round-trip times (RTTs) - one RTT to establish the TCP connection and one RTT to request and receive an object
  - each object suffers from TCP slow start due to the congestion control mechanism employed by TCP - slow start initially before ramping up to a relatively high rate

Non-persistent, persistent connections
Non-persistent
• http/1.0: server parses request, responds, closes TCP connection
• 2 round-trip times (RTTs) to fetch object
  - TCP connection
  - object request/transfer
• each transfer suffers from TCP’s initially slow sending rate
• many browsers open multiple parallel connections
Persistent
• default for http/1.1
• Pipelined / Non-pipelined
• on same TCP connection: server parses request, responds, parses new request, ...
• client sends requests for all referenced objects as soon as it receives base HTML.
• fewer RTTs, less slow start.

Persistent HTTP
Nonpersistent HTTP issues:
• requires 2 RTTs per object
• OS overhead for each TCP connection
• browsers often open parallel TCP connections to fetch referenced objects
Persistent HTTP
• server leaves connection open after sending response
• subsequent HTTP messages between same client/server sent over open connection
Persistent without pipelining:
• client issues new request only when previous response has been received
• one RTT for each referenced object
Persistent with pipelining:
• default in HTTP/1.1
• client sends requests as soon as it encounters a referenced object
• as little as one RTT for all the referenced objects

Performance Comparison
• HTML page (of size 5Kbp)
• 10 images (each of size 5Kb)
• RTT 100 ms
• 5 parallel connections
[Figure: HTTP Response time (seconds)]
David J. Yates

HTTP message format: request
• two types of http messages: request, response
• http request message:
  - ASCII (human-readable format)
  - GET to request object, POST when user fills in form, HEAD to respond without object for debug purpose

    GET /somedir/page.html HTTP/1.0
    Host: www.someschool.edu
    Connection: close
    User-agent: Mozilla/4.0
    Accept-language:fr
    (extra carriage return, line feed)

  - 1st line: request line (GET, POST, HEAD commands)
  - Subsequent lines are called header lines
  - Connection: close indicates non-persistent connection
  - Carriage return, line feed indicates end of message

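A strict parser for the request format shown above (request line, header lines, blank CRLF line), given here as an added Python example that is not part of the original slides. The names parse_request, BadRequest and SAMPLE are made up for this sketch, and the sample message is constructed from the slide.

```python
# Added example: strict parser for the HTTP/1.0 request format shown above.
# parse_request(), BadRequest and SAMPLE are names made up for this sketch.

METHODS = {"GET", "POST", "HEAD"}      # the HTTP/1.0 commands named on the slide


class BadRequest(ValueError):
    """A message the server should answer with 400 Bad Request."""


def parse_request(raw: bytes):
    """Return (method, path, version, headers) or raise BadRequest."""
    # The extra carriage return + line feed ends the header lines.
    head, sep, _body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise BadRequest("no blank CRLF line after the header lines")
    try:
        text = head.decode("ascii")    # the format is ASCII, human-readable
    except UnicodeDecodeError:
        raise BadRequest("non-ASCII byte in request line or header lines")
    lines = text.split("\r\n")
    # A lone CR or LF inside a line means mixed line endings. Two parsers can
    # then disagree about where a header ends, so reject instead of guessing.
    if any("\r" in ln or "\n" in ln for ln in lines):
        raise BadRequest("bare CR or LF inside a line")

    parts = lines[0].split(" ")
    if len(parts) != 3:
        raise BadRequest("request line is not 'METHOD path version'")
    method, path, version = parts
    if method not in METHODS:
        raise BadRequest("unknown method " + repr(method))
    if not path.startswith("/") or not version.startswith("HTTP/"):
        raise BadRequest("bad path or version field")

    headers = {}
    for ln in lines[1:]:
        name, colon, value = ln.partition(":")
        # 'Host www.someschool.edu' (no colon) is not a valid header line.
        if not colon or not name or " " in name or "\t" in name:
            raise BadRequest("malformed header line " + repr(ln))
        key = name.lower()             # header names are case-insensitive
        if key in headers:
            raise BadRequest("repeated header " + name)  # policy of this sketch
        headers[key] = value.strip()
    return method, path, version, headers


# Constructed sample input: the request from the slide, with CRLF line ends.
SAMPLE = (b"GET /somedir/page.html HTTP/1.0\r\n"
          b"Host: www.someschool.edu\r\n"
          b"Connection: close\r\n"
          b"User-agent: Mozilla/4.0\r\n"
          b"Accept-language:fr\r\n"
          b"\r\n")

if __name__ == "__main__":
    print(parse_request(SAMPLE))
```
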
Response time modeling
Definition of RTT: time for a small packet to travel from client to server and back.
Response time:
• one RTT to initiate TCP connection
• one RTT for HTTP request and first few bytes of HTTP response to return
• file transmission time
total = 2RTT + transmit time
[Figure: timeline: initiate TCP connection (RTT), request file (RTT), time to transmit file, file received]

Uploading form input
Post method:
• Web page often includes form input
• Input is uploaded to server in entity body
• Submits data to be processed (e.g., from an HTML form) to the identified resource. The data is included in the body of the request.
URL method:
• Uses GET method
• Input is uploaded in URL field of request line: www.yoursite.com/yoursearch?cw&exams
• Requests a representation of the specified resource

Method types
HTTP/1.0
• GET
• POST
• HEAD: asks server to leave requested object out of response
HTTP/1.1
• GET, POST, HEAD
• PUT: uploads file in entity body to path specified in URL field
• DELETE: deletes file specified in the URL field

Classical HTTP/1.0
http://www.somewhere.com/index.html
index.html references: page1.jpg, page2.jpg, page3.jpg.
• GET: retrieves a read-only copy of a file
• POST: sends forms that are completed interactively by the user in the browser
• HEAD: returns information about data
[Figure: timeline: initiate TCP connection (RTT), GET index.html (RTT), time to transmit index.html, file received, GET page1.jpg, time to transmit page1.jpg]

HTTP message format: response

    HTTP/1.0 200 OK
    Connection: close
    Date: Thu, 06 Aug 2006 12:00:15 GMT
    Server: Apache/1.3.0 (Unix)
    Last-Modified: Mon, 22 Jun 2006 …...
    Content-Length: 6821
    Content-Type: text/html

    data data data data data ...

• 1st line: status line (protocol, status code, status phrase)
• following lines: header lines
• data, e.g., requested html file

HTTP response status codes
In first line in server->client response message. A few sample codes:
• 200 OK: request succeeded, requested object later in this message
• 301 Moved Permanently: requested object moved, new location specified later in this message (Location:)
• 400 Bad Request: request message not understood by server
• 404 Not Found: requested document not found on this server
• 505 HTTP Version Not Supported

User-server interaction: authentication
• Although the HTTP server is “stateless”, HTTP provides two mechanisms:
Authentication: control access to server content
• authorisation credentials: typically name, password
• stateless: client must present authorisation in each request
  - Authorization: header line in each request
  - if no Authorization: header, server refuses access, sends WWW-Authenticate: header line in response
[Figure: client/server timeline: usual http request msg → 401: authorisation req. with WWW-Authenticate: → usual http request msg + Authorization: <cred> → usual http response msg → usual http request msg + Authorization: <cred> → usual http response msg]

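The challenge and per-request credential check described above, as an added Python example that is not part of the original slides. It assumes the HTTP Basic scheme (the slide names no scheme); USERS, REALM, check_basic, handle and basic_header are hypothetical names and the stored credential is constructed.

```python
# Added example: the stateless 401 / Authorization exchange from the slide,
# using the HTTP Basic scheme (an assumption; the slide names no scheme).
# USERS, REALM and the function names are hypothetical.
import base64
import hashlib
import hmac

REALM = "lecture-notes"
# Constructed credential store: user -> SHA-256 hex digest of the password.
# A real server would store a salted, slow password hash instead.
USERS = {"alice": hashlib.sha256(b"correct horse").hexdigest()}


def check_basic(header_value):
    """Return the user name if the Authorization value is valid, else None."""
    scheme, _, blob = header_value.partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        decoded = base64.b64decode(blob.strip(), validate=True).decode("utf-8")
    except ValueError:                   # bad base64 or bad UTF-8
        return None
    user, colon, password = decoded.partition(":")
    if not colon:
        return None
    expected = USERS.get(user, "")
    supplied = hashlib.sha256(password.encode()).hexdigest()
    # Constant-time comparison, so timing does not reveal how much matched.
    return user if hmac.compare_digest(expected, supplied) else None


def handle(headers):
    """headers: dict with lower-case names. Returns (status, response headers)."""
    user = check_basic(headers.get("authorization", ""))
    if user is None:
        # Missing or wrong Authorization header: refuse and send the challenge.
        return 401, {"WWW-Authenticate": 'Basic realm="%s"' % REALM}
    return 200, {}


def basic_header(user, password):
    """The value the client must send with every request after the 401."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()


if __name__ == "__main__":
    print(handle({}))                                # first request: 401
    hdr = basic_header("alice", "correct horse")
    print(handle({"authorization": hdr}))            # repeated with <cred>: 200
    # Base64 is an encoding, not encryption: anyone who can read the header
    # recovers the password, so this exchange needs TLS underneath it.
    print(base64.b64decode(hdr.split()[1]))
```
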
Cookies: keeping “state”
• server-generated #, server-remembered #, later used for:
  - authentication
  - remembering user preferences, previous choices
• server sends “cookie” to client in response msg
    Set-cookie: 1678453
• client presents cookie in later requests
    cookie: 1678453
[Figure: client/server timeline: usual http request msg → usual http response + Set-cookie: # → usual http request msg with cookie: # → cookie-specific action → usual http response msg → usual http request msg with cookie: # → cookie-specific action → usual http response msg]

Cookies: keeping “state” (cont.)
[Figure: client/server timeline:
- client Cookie file initially holds ebay: 8734
- usual http request msg → server creates ID 1678 for user, entry in backend database
- usual http response + Set-cookie: 1678 → client Cookie file now holds amazon: 1678, ebay: 8734
- usual http request msg with cookie: 1678 → cookie-specific action (access to backend database) → usual http response msg
- one week later: usual http request msg with cookie: 1678 → cookie-specific action (access to backend database) → usual http response msg]

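The server side of the cookie exchange on the two slides above, as an added Python example that is not part of the original slides. SESSIONS, MAX_AGE, first_visit and later_visit are hypothetical names, the 30-day lifetime is an assumption, and the ID is drawn from a CSPRNG instead of the short numeric IDs the slides use for illustration.

```python
# Added example: server creates an ID, stores an entry in its backend
# database, and recognises the ID on later requests. All names here are
# hypothetical. The slides show short numeric IDs such as 1678; this sketch
# draws the ID from a CSPRNG so a client cannot guess another user's ID.
import secrets
import time

SESSIONS = {}                  # backend database: cookie ID -> user entry
MAX_AGE = 30 * 24 * 3600       # assumed lifetime of an entry: 30 days


def first_visit(now=None):
    """Request without a cookie: create ID + entry, answer with Set-cookie."""
    now = time.time() if now is None else now
    cookie_id = secrets.token_urlsafe(32)
    SESSIONS[cookie_id] = {"created": now, "cart": []}
    return {"Set-cookie": cookie_id}


def later_visit(request_headers, now=None):
    """Request carrying 'cookie: #'. Returns the stored entry, or None when
    the ID is unknown or expired (the caller then treats it as a first visit).
    """
    now = time.time() if now is None else now
    cookie_id = request_headers.get("cookie")
    entry = SESSIONS.get(cookie_id) if cookie_id else None
    if entry is None:
        return None                        # forged or forgotten ID
    if now - entry["created"] > MAX_AGE:
        del SESSIONS[cookie_id]            # expired: drop the server state
        return None
    return entry                           # cookie-specific action uses this


if __name__ == "__main__":
    response = first_visit(now=0)
    week = 7 * 24 * 3600
    print(later_visit({"cookie": response["Set-cookie"]}, now=week))
    print(later_visit({"cookie": "1678"}, now=week))   # guessed ID: None
```
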
Cookies (continued)
What cookies can bring:
• authorisation
• shopping carts
• recommendations
• user session state (Web e-mail)
aside: Cookies and privacy:
• cookies permit sites to learn a lot about you
• you may supply name and e-mail to sites
• search engines use redirection & cookies to learn yet more
• advertising companies obtain info across sites

Conditional GET: client-side caching
• Goal: don’t send object if client has up-to-date cached version
• client: specify date of cached copy in http request
    If-modified-since: <date>
• server: response contains no object if cached copy is up-to-date:
    HTTP/1.0 304 Not Modified
[Figure: client/server timeline. Object not modified: http request msg with If-modified-since: <date> → http response HTTP/1.0 304 Not Modified. Object modified: http request msg with If-modified-since: <date> → http response HTTP/1.1 200 OK <data>]

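The server's decision in the conditional GET above, as an added Python example that is not part of the original slides. OBJECTS and conditional_get are hypothetical names and the stored object and its timestamp are constructed.

```python
# Added example: server side of the conditional GET described above.
# OBJECTS and conditional_get() are hypothetical; the object is constructed.
from datetime import datetime, timezone
from email.utils import format_datetime, parsedate_to_datetime

# Constructed object store: path -> (last-modified time in UTC, body)
OBJECTS = {
    "/index.html": (datetime(2006, 6, 22, 9, 0, 0, tzinfo=timezone.utc),
                    b"<html>...</html>"),
}


def conditional_get(path, request_headers):
    """request_headers: dict with lower-case names.
    Returns (status, response headers, body)."""
    if path not in OBJECTS:
        return 404, {}, b""
    modified, body = OBJECTS[path]
    headers = {"Last-Modified": format_datetime(modified, usegmt=True)}

    since = request_headers.get("if-modified-since")
    cached = None
    if since is not None:
        try:
            cached = parsedate_to_datetime(since)
            if cached.tzinfo is None:      # date given without a usable zone
                cached = cached.replace(tzinfo=timezone.utc)
        except (TypeError, ValueError):
            # Unparsable date: ignore the header and send the full object
            # rather than answer 304 on input the server did not understand.
            cached = None
    if cached is not None and modified <= cached:
        return 304, headers, b""           # cached copy is up to date
    return 200, headers, body              # object modified, or no valid date


if __name__ == "__main__":
    print(conditional_get("/index.html", {}))
    print(conditional_get(
        "/index.html", {"if-modified-since": "Thu, 22 Jun 2006 09:00:00 GMT"}))
```
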
Web Caches (proxy server)
Goal: satisfy client request without involving origin server
• user sets browser: Web accesses via web cache
• client sends all http requests to web cache
  - object in web cache: web cache returns object
  - else web cache requests object from origin server, then returns object to client
[Figure: clients exchange http request / http response with the proxy server, which exchanges http request / http response with the origin servers]

Web Caching Hierarchy
• national/international proxy cache
• regional proxy cache
• local proxy cache (e.g., local ISP, University)
• client

Why Web Caching?
Assume: cache is “close” to client (e.g., in same network)
• smaller response time: cache “closer” to client
• decrease traffic to distant servers
  - link out of institutional/local ISP network often bottleneck
[Figure: origin servers, public Internet, 1.5 Mbps access link, institutional network with 10 Mbps LAN and institutional cache]