View
240
Download
0
Category
Tags:
Preview:
Citation preview
Chapter 10
Internet-Based Applications
Electronic Mail Facilities
Message preparationWord processingAnnotation
Message sendingUser directoryTimed deliveryMultiple addressingMessage priorityStatus informationInterface to other facilities
Message receivingMailbox scanningMessage selectionMessage notificationMessage replyMessage rerouting
Internet Mail Architecture
Defined in RFC 5598At its most fundamental level consists of:
User worldIn the form of message user agents (MUA)
Transfer worldIn the form of the message handling service (MHS)
Which is composed of message transfer agents (MTA)
Internet Mail
Architecture
ADMD/DNS
Administrative management domain (ADMD)Internet e-mail providerExamples include:
A department that operates a local mail relay (MTA)An IT department that operates an enterprise mail relayAn ISP that operates a public shared e-mail service
Domain name system (DNS)Directory lookup service that provides a mapping between the name of a host on the Internet and its numerical address
Internet Mail Standards
Simple Mail Transfer Protocol (SMTP)
Standard protocol for transferring mail between hosts in the TCP/IP suiteDefined in RFC 821Standardizes the message character set as 7-bit ASCIIAdds log information to the start of the delivered message that indicates the path the message took
SMTP Mail Flow
RFC 822
RFC 822 Messages
Consist of a sequence of lines of text and use a general “memo” framework
A message consists of some number of header lines, which follow a rigid format, followed by a body portion consisting of arbitrary text
A header line usually consists of a keyword, followed by a colon, followed by the keyword’s argumentsThe most frequently used keywords are From, To, Subject, and DateAlso commonly found in the header is a Message-ID field which contains a unique identifier associated with the message
Limitations of SMTP/822 Scheme
Multipurpose Internet Mail Extensions (MIME)
MIME Header FieldsMIME-Version
Must have the parameter value 1.0Field indicates that the message conforms to the RFCs
Content-TypeDescribes data in sufficient detail for receiver to pick method for representation
Content-Transfer-Encoding Indicates type of transformation used to represent content
Content-IDUsed to uniquely identify MIME entities
Content-DescriptionPlain text description of the object with the body for use when object is not readable
Table 10.2
MIME Content Types
Post Office Protocol (POP)
Internet Message Access Protocol (IMAP)
Defined by RFC 3501Provides more functionality to users than the POP model
Clients can have multiple remote mailboxes from which messages can be retrievedClients can specify criteria for downloading messagesAlways keeps messages on the server and replicates copies to the clientsAllows clients to make changes when connected and when disconnected
Table 10.3
Key Terms Related to
HTTP
Table can be found on page 292 in text
Hypertext Transfer Protocol (HTTP) Overview
Transaction oriented client/server protocolMost typical use is between a Web browser and a Web serverMakes use of TCP to provide reliabilityIs a stateless protocol
Each transaction is treated independentlyFlexible in the formats that it can handle
Examples of HTTP Operation
Intermediate HTTP Systems
Examples of
HTTP Message Format
Web Security Challenges
The Web is vulnerable to attacks on the Web servers over the Internet
Reputations can be damaged and money can be lost if the Web servers are subverted
A Web server can be exploited as a launching pad into the corporation’s or agency’s entire computer complex
Web servers are relatively easy to configure and manage but the underlying software is extraordinarily complex and may hide potential security flaws
Users are not necessarily aware of the security risks that exist and do not have the tools or knowledge to take effective countermeasures
The Role of the
Secure Sockets Layer (SSL)
in the TCP/IP
Architecture
SSL Security Categories
ConfidentialityAll data that pass between the two applications are encrypted so that they cannot be eavesdropped on the Internet
Message integritySSL assures that the message is not altered or substituted for en route
Authentication SSL can validate the identity of one or both partners to the exchange
HTTPS
Multimedia Terminology
MultimediaTaxonomy
Media Types
TextInformation that can be entered via a keyboard and is directly readable and printable
AudioEncompasses two different ranges of sound
GraphicsSupports the communication of individual pictures, charts, or drawings
Video Carries sequences of pictures in time
Table 10.5
Domains of Multimedia Systems and Example Applications
Acceptable Use PoliciesWidespread use of e-mail and the Internet by employees raises a number of concerns for employersPolicy Issues:
Business use onlyPolicy scopeContent ownershipPrivacyStandard of conductReasonable personal useUnlawful activity prohibitedSecurity policyCompany policyCompany rightsDisciplinary action
Table 10.6 Acceptable Use Responsibilities
Summary Electronic mail
Internet mail architecture
SMTP MIME POP and IMAP
Web access and HTTP Web security
Web traffic security approaches
SSL HTTPS
Chapter 10: Internet-Based Applications
Multimedia applications Media types Multimedia
applications Multimedia
technologies Acceptable use
policies Motivation Policy issues Guidelines for
developing a policy
Recommended