COMP2221
Networks in Organisations
Richard Henson
February 2013
Session 3: Communications Protocols
• By the end of this session, you should be able to:
  – explain the communications issues that need to be resolved when data is transferred through a network
  – describe the various cabled topologies
  – name the important communications protocols in use today and explain how they work
Getting the message across…
• Humans:
  – waving flags
  – smoke & fire signals
  – more recently: morse code
• Each has a set of rules… a protocol
Communication between Digital Devices
• Protocol for point-point digital communication covered separately
  – review in break before/after practical…
Concepts of Trustworthy Software
© Copyright TSI 2003-2012
Generic BSc Courseware
DRAFT v0.D
[DMU/CSC/TS/2012/183 2012-12-07]
• The UK’s two leading professional bodies for ICT are supporting the provision of course material for all relevant UK University Courses
  – British Computer Society (BCS)
  – Institute of Engineering & Technology (IET)
• Responsibility for coordinating this material lies with a public-private partnership “Trustworthy Software Initiative” (TSI)
[TSI/2012/183]© Copyright 2003-2012
Trusted Software Initiative (T$I)
“Appropriate Conduct”?
• Babylonian Code of Hammurabi (~1780BCE)
  – earliest known example of code of conduct for craftsmen, engineers and builders
• Hippocrates lays out the Oath - a moral framework for the conduct of doctors and other healthcare professionals (late 5th Century BCE)
• Collapse of the 1st Quebec Bridge - part of Canada's National Transcontinental Railway project - on 29 August 1907 was traced to lack of due diligence in design, implementation and compliance
  – result: Codes of Ethics in Professional Engineering bodies
Engineering Principles
• Royal Academy of Engineering & Engineering Council: Statement of Ethical Principles
• Includes:
  – acting in a reliable and trustworthy manner
  – giving due weight to all relevant facts and published guidance, and the wider public interest
  – identifying, evaluating, and quantifying risks
  – being alert to ways in which work might affect others, holding health and safety paramount
Protocol for sending data across a Network
• Needs point-point transmission protocol
• Two further issues immediately arise when there are two or more possible receivers for the data:
  1. identifying the receiver
  2. navigating a route between sender and receiver
Software and ICT Context
Software Reuse
Software Incident Impact (1)
• Software problems are high cost to economy:
  – US Government National Institute of Standards & Technology (NIST): ~$60 billion / year to US alone
  – No definitive figure for UK / worldwide
Software Incident Impact (2)
• Software a major source of IT project failure:
  – University of Oxford Saïd Business School / McKinsey 2011
  – ESSU (European Services Strategy Unit) 2007
  – Tata Consultancy 2007
  – Standish Chaos Reports 2004 onwards
  – Rand 2004
• Software bugs “source of 90% of ICT Incidents” (GovCERT-UK, 2012-09)
ICT Adversity Context
Source: UK TSI / US DOD (2012)
Few practitioners treat Adversity holistically
Information Security community model has problems handling Known, Unknown and Unknowable (KuU) factors, and often ignores Hazards
System Reliability / Safety community model usually ignores Threat
Risk Segmentation
[Figure: risk segmentation chart; axes Potential Flaw Impact vs Market Size; regions labelled Niche, Disbursed, Collateral and Mainstream]
Software Fault Case Study (1)
• Non-safety / non-security
  – e.g. NatWest systems failure 2012
Later!
Software Fault Case Study (2)
• Safety
Later!
Software Fault Case Study (3)
• Security
Later!
Routing (also see year 1 lecture)
• Two routing methods…
  – connection-oriented (circuit switching)
    • all data goes the same way
  – connectionless (packet switching)
    • data chopped up into “packets”
    • each packet finds its own way…
    • routers provide direction signs…
Analogy: Circuit Switching and Packet Switching
• Group of students need to get from City Campus to Riverside for a lecture…
  – circuit switching: all go together on the bus
    • everyone goes the same way…
  – packet switching: just agree to meet at the destination address
    • everyone goes their own sweet way…
Why Circuit Switching?
• Used for very many years by analogue telephone networks (CCITT standard!):
  – system of relays and wires
  – when the required number is dialed, a series of electrical switches are opened
  – result… direct communication channel between sender and receiver
• As with point-point, communication channel created by the sender
Circuit-Switching & computer networks
• Protocol (on sender)…
  1. Data input:
     a) name/address of receiver
     b) map of the network
  2. networking software on sender navigates a route through the network with the aid of a routing algorithm (e.g. Dijkstra’s Routing Algorithm)
Circuit-Switching & computer networks
• Continued…
  4. further software tests the route to receiver for carrying data
  5. network “channel” opened
  6. data all transmitted along same route, using point-point protocol
  7. channel closes!
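Step 2 above is the part of the sender-side protocol that a network map plus a routing algorithm makes concrete. The following is an added worked example, not code from the lecture: it runs Dijkstra's algorithm over a small constructed topology (the node names, link costs and the `route`/`circuit_cost` helpers are all assumptions for illustration) to pick the single path that every chunk of data would then follow for the life of the circuit, and it shows how the algorithm reports a receiver that does not exist in the map.

```python
import heapq

# Constructed network map (not from the lecture): node -> {neighbour: link cost}.
NETWORK = {
    "sender":   {"r1": 1, "r2": 4},
    "r1":       {"sender": 1, "r2": 2, "r3": 5},
    "r2":       {"sender": 4, "r1": 2, "r3": 1},
    "r3":       {"r1": 5, "r2": 1, "receiver": 1},
    "receiver": {"r3": 1},
}


def dijkstra(graph, source):
    """Dijkstra's shortest-path algorithm.

    Returns two tables: dist[node] = cheapest total cost from source,
    prev[node] = the hop before node on that cheapest path.
    """
    dist = {source: 0}
    prev = {}
    heap = [(0, source)]          # min-heap of (cost so far, node)
    settled = set()
    while heap:
        cost, node = heapq.heappop(heap)
        if node in settled:       # stale heap entry, already settled cheaper
            continue
        settled.add(node)
        for nbr, link in graph[node].items():
            new_cost = cost + link
            if new_cost < dist.get(nbr, float("inf")):
                dist[nbr] = new_cost
                prev[nbr] = node
                heapq.heappush(heap, (new_cost, nbr))
    return dist, prev


def route(graph, source, dest):
    """Full path source .. dest as a list, or None if dest is unreachable /
    not present in the map (the 'does the receiver exist?' check)."""
    dist, prev = dijkstra(graph, source)
    if dest not in dist:
        return None
    path = [dest]
    while path[-1] != source:     # walk the prev table backwards to the source
        path.append(prev[path[-1]])
    return list(reversed(path))


def circuit_cost(graph, path):
    """Total cost of the chosen circuit, summed link by link."""
    return sum(graph[a][b] for a, b in zip(path, path[1:]))


if __name__ == "__main__":
    path = route(NETWORK, "sender", "receiver")
    print("circuit:", " -> ".join(path), "cost", circuit_cost(NETWORK, path))
    print("unknown receiver:", route(NETWORK, "sender", "nowhere"))
```

With this map the direct-looking link sender→r2 (cost 4) loses to the detour via r1, so the circuit chosen is sender → r1 → r2 → r3 → receiver at total cost 5; a name that is not in the map yields `None` before any channel is opened.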
Packet Switching
• Devised by British and French research scientists in the early days of computer networking
• Each packet also contained a header, with “source” and “destination” addresses and TTL information
• First practical use of packet-switching to route data around the ARPAnet, back in Dec 1969... soon afterwards, managed by TCP/IP protocol
Packet switching
• No need for relaying devices!
  – probably be too slow, in any case
• Each node “intelligent”
  – can participate dynamically in the routing
• All nodes… (not just sender) need to access an up-to-date record of network addresses for routing purposes
• Adv: Much greater max. network traffic
Problem with Small Packets
• Original TCP/IP: IP packet was 53 bytes (48 data + 5 header)
• For sending longer messages, this becomes inefficient
  – header information makes up a significant portion of the data sent
• Perfected TCP/IP uses longer message units
• Possible solution with standard TCP/IP:
  – string several packets together (multiplexing)
  – take them apart again at the receiving end (demultiplexing)
What is a “Packet”?
• Originally 48 bytes + header, now usually 768
• Each header contains:
  – destination IP address (so it can be routed to the right node)
  – source IP address (in case it gets lost, and so that the receiver knows where it came from)
  – message “chunk” number, so packets that are part of a message can be reassembled into the correct order as they arrive at the receiver
  – a TTL (Time To Live, e.g. 5 days)
Mechanism of Packet switching
• Packets go to an adjacent node
  – receiver node uses packet header information to route to next node (closer to destination node)
  – if the intended receiver becomes inactive “en route”…
  – then source address used to “return to sender”
    • c.f. letter that has been incorrectly addressed
Mechanism of Packet switching
• Eventually (less than a second, or up to several days…) the packets should all arrive at the destination node
• Problem – packets may well be navigated along different routes, and the order of delivery may be quite different from the order of sending…
  – packet numbering, found in “header data”
  – software to re-organise packets into the correct order
Resolving Issues with Connectionless Communication (1)
• No prior “hand shaking”… (unlike connection-orientated communication)
  – so receiver doesn’t necessarily expect the packet
  – needs to include a mechanism for acknowledging safe receipt of each packet
Resolving Issues with Connectionless Communication (2)
• If the packet doesn’t find its destination, it could wander around for a long time…
• Sender will not know if that packet is “lost”
• The packet is taking up valuable bandwidth on the network
• So each packet has a TTL (time to live)
• After this time has elapsed, no further routing will take place and the receiving node will delete (“kill”) it
Issues (3): Identifying the receiver ~ network addressing
• Sending data to a non-existent node
  – could be sending to any one of thousands (on a large network) of potential receiver nodes
  – all nodes must have a unique identifier, generally known as a network address – analogous to a telephone number
  – all nodes must also have access to a database of network nodes, so that it can be quickly established whether or not the receiving node actually exists
A Packet Switching protocol (OSI layers 3 & 4)
• Assumptions:
  – the network infrastructure (layers 1 & 2) is operating normally & the establishment and management of open channels is managed separately by a further protocol (known as CSMA/CD - more on this later)
  – all channels are “open” for communication
  – packets are numbered, so they can be correctly assembled at the receiving end
Stage 1
• When the first packet of the message leaves the sender, it is picked up by a “network names” database, which is dynamically updated
• The database may well be held on the network “host“ or server computer
• Using this database, the network can tell whether the destination address actually exists, and is “active” (i.e. has an open communications channel). This information is sent to the sender’s address
Stage 2
• If the sender receives a positive response:
  – the routing algorithm will calculate a route round the network, taking account of the network topology
  – the first packet, complete with error checking information, will be sent out to the address of the first “hop”
• This in turn should route the packet to the next address, and so on, until the packet reaches its destination
Stage 3
• Subsequent packets can follow immediately, whether or not the first packet has arrived at its destination
• routing algorithm may chart a different route through the network
• When a packet arrives at its destination, it is processed for errors, and an appropriate message routed back to the sender:
  – either an acknowledgement of safe delivery
  – or a resend request (in the event of errors being detected)
Stage 4
• When all packets have been received:
  – they are sorted into the correct order using packet numbers
  – a message is sent back to the receiver indicating that the whole message has been satisfactorily sent
• If any packet is “lost” on the network, a “timeout” signal from the router that fails to pass it on will trigger a request to resend that packet
Other Protocols and packet switching
• IBM was the biggest player in computer networks when OSI (and later TCP/IP) became accepted as an International standard…
  – came up with their own proprietary implementation
  – whole new operating system based on Unix:
    • known as AIX
More about TCP/IP
• Protocol suite?
  – family of (communication) protocols that work together in a consistent fashion
• Or protocol “stack”?
  – 7 stacked up software layers that make it compliant with the ISO/OSI open systems model
  – TCP makes up level 4 (transport)
  – IP makes up level 3 (network)
• Designed to deal with all issues that may arise during network communication, so unlikely to fail
Other Proprietary Layer 3/4 Protocols
• IPX - network layer protocol used by Novell Netware for packet routing and forwarding
• SPX – transport layer protocol used by Novell Netware in conjunction with IPX to guarantee data delivery
• NWLink - Network/Transport Layer Microsoft’s implementation of IPX/SPX
Other Proprietary Layer 3/4 Protocols
• AppleTalk - used for communicating between Macintosh computers on a network
• NetBEUI – network layer protocol used to communicate on NetBIOS networks
  – non-routable, cannot be used for communication beyond the “local” network
Proprietary Data link layer Protocols
• NDIS – standard developed by IBM/Microsoft as its implementation of the device interface concept:
  – allows multiple NIC drivers to bind to a single protocol stack
  – and multiple protocol stacks to bind to a single NIC
• ODI – standard developed by Novell/Apple, as Novell’s implementation of NDIS
  – allows multiple NIC drivers to bind with IPX/SPX or NWLINK
  – provides support for Microsoft NetBIOS names