Network Security Architectures Part 1 Fundamentals Public Key Infrastructure PKI Systems X.509 Certificates Chaining Certificate

Total Page:16

File Type:pdf, Size:1020Kb

Network Security Architectures Part 1 Fundamentals Public Key Infrastructure PKI Systems X.509 Certificates Chaining Certificate Public Key Infrastructure Network Security Architectures G Mutual authentication of participants in a Part 1 Fundamentals transaction requires a system of identities G Principals are identified by public keys G These keys can be used for authentication, Summer School on Software Security but only if “spoofing” is prevented Theory to Practice G A Public Key Infrastructure (PKI) provides a basis for establishing trust Carl A. Gunter University of Pennsylvania Summer 2004 PKI Systems X.509 Certificates G Three Philosophies Hierarchy X.509 certificates bind a subject to a public key. <ITU X.509 (DAP, PKIX) This binding is signed by a Certificate Authority (CA). <DNS Web of Trust Subject Name <PGP Ad hoc Subject Public Key <SSH CA Name <Most research studies CA Signature Chaining Certificate Management G Distribution: How to G Revocation: Terminate find a certificate certificates before Subject Joe Smith Certificate accompanying their expiration time. signature or as part of a How does the relying Joe‘s Key Subject‘s Key protocol party know that the Directory service certificate has been Philly CA Issuer < DAP revoked? < LDAP Many CRL distribution Philly CA < DNS strategies proposed Email Mitre report for NIST Philly CA Key Cut and paste from web suggests certificate Pennsylvania CA pages revocation will be the Pennsylvania CA largest maintenance cost Pennsylvania CA Key for PKIs USA CA 1 Semantics of CRL’s Adoption of PKI G Three certificates. G Problems G Areas of Progress Revoke 1. Q says P is the public key of Alice. Revocation SSL 2. R says P is the public key of Alice. User ability to deal Authenticode with keys 3. Q says R is the public key of Bob. SSH Registration G Smart cards for Three kinds of revocation. (challenge for all government 1. P is not the public key of Alice. (3 not 2.) authentication employees techniques) 2. Q no longer vouches for whether P is the Web services public key of Alice. (2 and 3.) Weak business model 3. The key of Q has been compromised. (2 not 3.) 1998 Fox and LaMacchia Internet Layers Challenges for Network Security 1. Physical G Sharing 2. Link G Complexity 3. Network G Scale 4. Transport G Unknown perimeter 5. Application G Anonymity G Unknown paths Security at Layers Network Layer Security G Physical G Transport Locked doors SSL and TLS Spread spectrum G Application HTTP FTP SMTP Tempest S/MIME G Link XMLDSIG and WS security WEP TCP Access control GSM systems for web G Network pages, databases, and IP/IPSec file systems Firewalls IPSec Transport Layer Security Application Layer Security HTTP FTP SMTP S/MIME PGP SET SSL or TLS Kerberos SMTP HTTP TCP UDP TCP IP IP Division of Labor in the Internet TCP/IP Protocol Stack Hosts Host Router Router Host Routers Networks Application Application Transport Transport Network Network Network Network Link Link Link Link Physical Physical Physical Physical Communication Processing Flow Typical Patchwork App1 App2 App1 App2 App1 App2 App1 App2 Transport Transport Transport Transport Network Network Network Network Network Network Network Network Link Link Link Link Link Link Link Link Link Link Link Link Physical Phys Phys Phys Phys Physical Physical Phys Phys Phys Phys Physical 3 Physical Layer Protection Issues Encapsulation G Hide signal Link Layer Frame Spread spectrum G Emission security Radio emissions (Tempest) Link IP TCP Application Link Power emissions Network Layer Transport Layer Application Layer Header Header Payload One Hop Link Layer Encryption Link Layer Encryption Host Router Router Host Encrypted Application Application Link IP TCP Application Link Transport Transport Network Network Network Network Link Link Link Link Link Link End-to-End Network Security Network Layer Transport Mode Host Router Router Host Link IP TCP Application Link Application Application Transport Transport Network Network Network Network Encrypted Link Link Link Link Link IP Hdr TCP Application Tlr Link 4 BPN Gateway Network Layer Tunnel Mode Host Router Router Host Link IP TCP Application Link Application Application Transport Transport Network Network Network Network Encrypted Link Link Link Link Link New IP Hdr IP TCP Application Tlr Link Layer 3 Implementation Options Modular Implementation: Bump In The Stack (BITS) G Location Host App1 App2 App1 App2 Network G Style Transport Integrated Network Transport Modular (for tunnel mode) Security Network Net + Sec Network Link Link Link Link Modular Implementation: Implementation Options: Bump In The Wire (BITW) Integrated on Host App1 App2 App1 App2 App1 App2 App1 App2 Transport Security Security Transport Transport Transport Network Network Network Network Net + Sec Network Network Net + Sec Link Link Link Link Link Link Link Link 1 Implementation Options: Network Security Location Options Integrated on Router Application Application App1 App2 App1 App2 Transport Transport End-to-End Transport Network Network Network Network Link Link Link Link Application Application Transport Transport Transport Transport Voluntary Tunnel Network Network Network Network Network Net + Sec Net + Sec Network Link Link Link Link Link Link Link Link Application Application Transport Transport Network Network Network Network Involuntary Tunnel Link Link Link Link Transport Layer Security Transport Layer Encryption Host Router Router Host Link IP TCP Application Link Application Application Transport Transport Network Network Network Network Encrypted Link Link Link Link Link IP TCP RH Application Link Link IP TCP App Link Message Processing Sequence Application Layer Security Link IP TCP Application Link App1 App2 App1 App2 App2 Sec App2 Sec Transport Transport Encrypted Network Network Network Network Link IP Key ID TCP Application Link Link Link Link Link C Link Layer Security Network Layer Security G Advantages: G Advantages Transparent to applications Transparent to applications Hardware solution possible Amenable to hardware Can address especially vulnerable links (viz. Flexible wireless) G Disadvantages G Disadvantages: Makes routing more complex Hop-by-hop protection causes multiple Flexibility introduces policy management applications of crypto operations and compatibility challenges May not provide end to end security Transport Layer Security Application Layer Security G Advantages G Advantages Transparent to applications and may be Customized to application packaged with applications Requires no special protocol stack Exposing TCP enables compression and QoS (transparent to networking) classification G Disadvantages: G Disadvantages Hard to share between applications (viz. Probably implemented in software standardization challenge) Exposing TCP risks DoS Protocols to Software Secure Socket Layer (SSL) G There are important differences G Session protocol with: between theoretical descriptions, Server authentication Client authentication optional standards and software Integrity checksum Evolution (versions, extensibility) Confidentiality G Possibly the most important security-related Interoperability (options, negotiation) ecommerce protocol Error modes G Session sets up security parameters G Two brief case studies G Many connections possible within a given session G Transport Layer Security (TLS) Current version TLS 1.0 http://www.ietf.org/rfc/rfc2246.txt Network layer security (Ipsec) 7 0.509 Key Est. Messages Establish Security Capabilities G Let DA = EB(k), rA, LA, A. Client Server G Let DB = rB, LB, rA, A Client Hello G Two messages: Time 1. A -> B : certA, DA, SA(DA) Check that the nonce rA has not been seen, and is not expired according to LA. Remember it for its lifetime LA. 2. B -> A : certB, DB, SB(DB) Server Hello Check the rA and A. Check that rB has not been seen and is not expired according to LB. Server Auth & Key Exchange Client Auth & Key Exchange Client Server Client Server Certificate Time Time Certificate Optional Client Key Exchange Server Key Exchange Optional Certificate Verification Certificate Request Server Hello Done Optional Client Auth & Key Exchange IPsec ClientChange Cipher Spec Server G Modes G Configurations Tunnel End-to-end Time Finish Transport Concatenated G Protocols Nested Authenticated G Principal elements Header (AH) Security Encapsulated Associations (SAD) Change Cipher Spec Security Payload Internet Key Finish (ESP) Exchange (IKE) Policy (SPD) 8 Typical Case Encapsulated Security Header and Trailer S 0-7 8-15 16-23 23-31 Security Parameter Index (SPI) Client Internet Sequence Number Initialization Vector G ESP S ESP Gateway Corporate Network Protected Data S Pad Pad Length Next Header Server Authentication Data Security Association SA Parameters (ESP Only) G An SA describes the parameters for G Sequence number, Sequence number processing a secured packet from one overflow, Anti-replay window node to another G Lifetime G SAs are simplex: use one for each G Mode direction G Tunnel destination G If more than one SA is used for a G PMTU packet the applicable SAs are called an G “SA bundle” Encryption algorithm (IV, etc.) G Authentication algorithm Policy SPD Actions G Policy is not standardized in IPSec but G Discard certain basic functionality is expected G Bypass IPsec G A Security Policy Database (SPD) is G Apply IPsec: SPD must specify the consulted to determine what kind of security services to be provided. security to apply to each packet For inbound traffic it is inferred from: G The SPD is consulted during the destination address, protocol, SPI. processing of all traffic: For outbound traffic this
Recommended publications
  • Solutions to Chapter 2
    CS413 Computer Networks ASN 4 Solutions Solutions to Assignment #4 3. What difference does it make to the network layer if the underlying data link layer provides a connection-oriented service versus a connectionless service? [4 marks] Solution: If the data link layer provides a connection-oriented service to the network layer, then the network layer must precede all transfer of information with a connection setup procedure (2). If the connection-oriented service includes assurances that frames of information are transferred correctly and in sequence by the data link layer, the network layer can then assume that the packets it sends to its neighbor traverse an error-free pipe. On the other hand, if the data link layer is connectionless, then each frame is sent independently through the data link, probably in unconfirmed manner (without acknowledgments or retransmissions). In this case the network layer cannot make assumptions about the sequencing or correctness of the packets it exchanges with its neighbors (2). The Ethernet local area network provides an example of connectionless transfer of data link frames. The transfer of frames using "Type 2" service in Logical Link Control (discussed in Chapter 6) provides a connection-oriented data link control example. 4. Suppose transmission channels become virtually error-free. Is the data link layer still needed? [2 marks – 1 for the answer and 1 for explanation] Solution: The data link layer is still needed(1) for framing the data and for flow control over the transmission channel. In a multiple access medium such as a LAN, the data link layer is required to coordinate access to the shared medium among the multiple users (1).
    [Show full text]
  • The Application Layer Protocol Ssh Is Connectionless
    The Application Layer Protocol Ssh Is Connectionless Deryl remains prognostic: she revile her misogamist clarified too ineffectually? Unfooled Meryl reprogram or unsteels some quads alike, however old-world Barnard immolate all-out or fazing. Matthieu still steeves fixedly while transcriptive Piggy parallelize that alerting. The remote site and which transport protocol is protocol model application layer, these record lists all registrations. As for maintaining ordered delivery. Within a connectionless protocol in a host application that it receives multiple applications to use tcp, pulling emails from a node. IP and MAC address is there. Link state algorithms consider bandwidth when calculating routes. Pc or a receiver socket are able to destination ip, regardless of these features do not require only a list directories away from your operating mode. Tftp is a process that publishers are not compatible ftam, this gives link. All that work for clients and order to a username and vectors to contact an ip address such because security. Ip operation of errors or was statically configured cost load. The application layer performs a set. Ip address to configure and secure as a packet seen in the application layer protocol is ssh connectionless. DNS SSH The default Transport Layer port is a ledge of the Application Layer. HTTP is a short abbreviation of Hypertext Transfer Protocol. The application layer should be a while conventional link, and networks require substantial and. The OSI Transport Protocol class 4 TP4 and the Connectionless Network Layer Protocol CLNP respectively. TCP IP Protocols and Ports Vskills. The parsed MIME header. The connectionless is connectionless.
    [Show full text]
  • Logical Link Control and Channel Scheduling for Multichannel Underwater Sensor Networks
    ICST Transactions on Mobile Communications and Applications Research Article Logical Link Control and Channel Scheduling for Multichannel Underwater Sensor Networks Jun Li ∗, Mylene` Toulgoat, Yifeng Zhou, and Louise Lamont Communications Research Centre Canada, 3701 Carling Avenue, Ottawa, ON. K2H 8S2 Canada Abstract With recent developments in terrestrial wireless networks and advances in acoustic communications, multichannel technologies have been proposed to be used in underwater networks to increase data transmission rate over bandwidth-limited underwater channels. Due to high bit error rates in underwater networks, an efficient error control technique is critical in the logical link control (LLC) sublayer to establish reliable data communications over intrinsically unreliable underwater channels. In this paper, we propose a novel protocol stack architecture featuring cross-layer design of LLC sublayer and more efficient packet- to-channel scheduling for multichannel underwater sensor networks. In the proposed stack architecture, a selective-repeat automatic repeat request (SR-ARQ) based error control protocol is combined with a dynamic channel scheduling policy at the LLC sublayer. The dynamic channel scheduling policy uses the channel state information provided via cross-layer design. It is demonstrated that the proposed protocol stack architecture leads to more efficient transmission of multiple packets over parallel channels. Simulation studies are conducted to evaluate the packet delay performance of the proposed cross-layer protocol stack architecture with two different scheduling policies: the proposed dynamic channel scheduling and a static channel scheduling. Simulation results show that the dynamic channel scheduling used in the cross-layer protocol stack outperforms the static channel scheduling. It is observed that, when the dynamic channel scheduling is used, the number of parallel channels has only an insignificant impact on the average packet delay.
    [Show full text]
  • Physical Layer Overview
    ELEC3030 (EL336) Computer Networks S Chen Physical Layer Overview • Physical layer forms the basis of all networks, and we will first revisit some of fundamental limits imposed on communication media by nature Recall a medium or physical channel has finite Spectrum bandwidth and is noisy, and this imposes a limit Channel bandwidth: on information rate over the channel → This H Hz is a fundamental consideration when designing f network speed or data rate 0 H Type of medium determines network technology → compare wireless network with optic network • Transmission media can be guided or unguided, and we will have a brief review of a variety of transmission media • Communication networks can be classified as switched and broadcast networks, and we will discuss a few examples • The term “physical layer protocol” as such is not used, but we will attempt to draw some common design considerations and exams a few “physical layer standards” 13 ELEC3030 (EL336) Computer Networks S Chen Rate Limit • A medium or channel is defined by its bandwidth H (Hz) and noise level which is specified by the signal-to-noise ratio S/N (dB) • Capability of a medium is determined by a physical quantity called channel capacity, defined as C = H log2(1 + S/N) bps • Network speed is usually given as data or information rate in bps, and every one wants a higher speed network: for example, with a 10 Mbps network, you may ask yourself why not 10 Gbps? • Given data rate fd (bps), the actual transmission or baud rate fb (Hz) over the medium is often different to fd • This is for
    [Show full text]
  • Chapter 2. Application Layer Table of Contents 1. Context
    Chapter 2. Application Layer Table of Contents 1. Context ........................................................................................................................................... 1 2. Introduction .................................................................................................................................... 2 3. Objectives ....................................................................................................................................... 2 4. Network application software ....................................................................................................... 2 5. Process communication ................................................................................................................. 3 6. Transport Layer services provided by the Internet ....................................................................... 3 7. Application Layer Protocols ........................................................................................................... 4 8. The web and HTTP .......................................................................................................................... 4 8.1. Web Terminology ................................................................................................................... 5 8.2. Overview of HTTP protocol .................................................................................................... 6 8.3. HTTP message format ...........................................................................................................
    [Show full text]
  • Telematics Chapter 3: Physical Layer
    Telematics User Server watching with video Chapter 3: Physical Layer video clip clips Application Layer Application Layer Presentation Layer Presentation Layer Session Layer Session Layer Transport Layer Transport Layer Network Layer Network Layer Network Layer Data Link Layer Data Link Layer Data Link Layer Physical Layer Physical Layer Physical Layer Univ.-Prof. Dr.-Ing. Jochen H. Schiller Computer Systems and Telematics (CST) Institute of Computer Science Freie Universität Berlin http://cst.mi.fu-berlin.de Contents ● Design Issues ● Theoretical Basis for Data Communication ● Analog Data and Digital Signals ● Data Encoding ● Transmission Media ● Guided Transmission Media ● Wireless Transmission (see Mobile Communications) ● The Last Mile Problem ● Multiplexing ● Integrated Services Digital Network (ISDN) ● Digital Subscriber Line (DSL) ● Mobile Telephone System Univ.-Prof. Dr.-Ing. Jochen H. Schiller ▪ cst.mi.fu-berlin.de ▪ Telematics ▪ Chapter 3: Physical Layer 3.2 Design Issues Univ.-Prof. Dr.-Ing. Jochen H. Schiller ▪ cst.mi.fu-berlin.de ▪ Telematics ▪ Chapter 3: Physical Layer 3.3 Design Issues ● Connection parameters ● mechanical OSI Reference Model ● electric and electronic Application Layer ● functional and procedural Presentation Layer ● More detailed ● Physical transmission medium (copper cable, Session Layer optical fiber, radio, ...) ● Pin usage in network connectors Transport Layer ● Representation of raw bits (code, voltage,…) Network Layer ● Data rate ● Control of bit flow: Data Link Layer ● serial or parallel transmission of bits Physical Layer ● synchronous or asynchronous transmission ● simplex, half-duplex, or full-duplex transmission mode Univ.-Prof. Dr.-Ing. Jochen H. Schiller ▪ cst.mi.fu-berlin.de ▪ Telematics ▪ Chapter 3: Physical Layer 3.4 Design Issues Transmitter Receiver Source Transmission System Destination NIC NIC Input Abcdef djasdja dak jd ashda kshd akjsd asdkjhasjd as kdjh askjda Univ.-Prof.
    [Show full text]
  • OSI Model and Network Protocols
    CHAPTER4 FOUR OSI Model and Network Protocols Objectives 1.1 Explain the function of common networking protocols . TCP . FTP . UDP . TCP/IP suite . DHCP . TFTP . DNS . HTTP(S) . ARP . SIP (VoIP) . RTP (VoIP) . SSH . POP3 . NTP . IMAP4 . Telnet . SMTP . SNMP2/3 . ICMP . IGMP . TLS 134 Chapter 4: OSI Model and Network Protocols 4.1 Explain the function of each layer of the OSI model . Layer 1 – physical . Layer 2 – data link . Layer 3 – network . Layer 4 – transport . Layer 5 – session . Layer 6 – presentation . Layer 7 – application What You Need To Know . Identify the seven layers of the OSI model. Identify the function of each layer of the OSI model. Identify the layer at which networking devices function. Identify the function of various networking protocols. Introduction One of the most important networking concepts to understand is the Open Systems Interconnect (OSI) reference model. This conceptual model, created by the International Organization for Standardization (ISO) in 1978 and revised in 1984, describes a network architecture that allows data to be passed between computer systems. This chapter looks at the OSI model and describes how it relates to real-world networking. It also examines how common network devices relate to the OSI model. Even though the OSI model is conceptual, an appreciation of its purpose and function can help you better understand how protocol suites and network architectures work in practical applications. The OSI Seven-Layer Model As shown in Figure 4.1, the OSI reference model is built, bottom to top, in the following order: physical, data link, network, transport, session, presentation, and application.
    [Show full text]
  • Lecture: TCP/IP 2
    TCP/IP- Lecture 2 [email protected] How TCP/IP Works • The four-layer model is a common model for describing TCP/IP networking, but it isn’t the only model. • The ARPAnet model, for instance, as described in RFC 871, describes three layers: the Network Interface layer, the Host-to- Host layer, and the Process-Level/Applications layer. • Other descriptions of TCP/IP call for a five-layer model, with Physical and Data Link layers in place of the Network Access layer (to match OSI). Still other models might exclude either the Network Access or the Application layer, which are less uniform and harder to define than the intermediate layers. • The names of the layers also vary. The ARPAnet layer names still appear in some discussions of TCP/IP, and the Internet layer is sometimes called the Internetwork layer or the Network layer. [email protected] 2 [email protected] 3 TCP/IP Model • Network Access layer: Provides an interface with the physical network. Formats the data for the transmission medium and addresses data for the subnet based on physical hardware addresses. Provides error control for data delivered on the physical network. • Internet layer: Provides logical, hardware-independent addressing so that data can pass among subnets with different physical architectures. Provides routing to reduce traffic and support delivery across the internetwork. (The term internetwork refers to an interconnected, greater network of local area networks (LANs), such as what you find in a large company or on the Internet.) Relates physical addresses (used at the Network Access layer) to logical addresses.
    [Show full text]
  • Medium Access Control Layer
    Telematics Chapter 5: Medium Access Control Sublayer User Server watching with video Beispielbildvideo clip clips Application Layer Application Layer Presentation Layer Presentation Layer Session Layer Session Layer Transport Layer Transport Layer Network Layer Network Layer Network Layer Univ.-Prof. Dr.-Ing. Jochen H. Schiller Data Link Layer Data Link Layer Data Link Layer Computer Systems and Telematics (CST) Physical Layer Physical Layer Physical Layer Institute of Computer Science Freie Universität Berlin http://cst.mi.fu-berlin.de Contents ● Design Issues ● Metropolitan Area Networks ● Network Topologies (MAN) ● The Channel Allocation Problem ● Wide Area Networks (WAN) ● Multiple Access Protocols ● Frame Relay (historical) ● Ethernet ● ATM ● IEEE 802.2 – Logical Link Control ● SDH ● Token Bus (historical) ● Network Infrastructure ● Token Ring (historical) ● Virtual LANs ● Fiber Distributed Data Interface ● Structured Cabling Univ.-Prof. Dr.-Ing. Jochen H. Schiller ▪ cst.mi.fu-berlin.de ▪ Telematics ▪ Chapter 5: Medium Access Control Sublayer 5.2 Design Issues Univ.-Prof. Dr.-Ing. Jochen H. Schiller ▪ cst.mi.fu-berlin.de ▪ Telematics ▪ Chapter 5: Medium Access Control Sublayer 5.3 Design Issues ● Two kinds of connections in networks ● Point-to-point connections OSI Reference Model ● Broadcast (Multi-access channel, Application Layer Random access channel) Presentation Layer ● In a network with broadcast Session Layer connections ● Who gets the channel? Transport Layer Network Layer ● Protocols used to determine who gets next access to the channel Data Link Layer ● Medium Access Control (MAC) sublayer Physical Layer Univ.-Prof. Dr.-Ing. Jochen H. Schiller ▪ cst.mi.fu-berlin.de ▪ Telematics ▪ Chapter 5: Medium Access Control Sublayer 5.4 Network Types for the Local Range ● LLC layer: uniform interface and same frame format to upper layers ● MAC layer: defines medium access ..
    [Show full text]
  • Application Layer Protocols in Networking
    Application Layer Protocols In Networking Is Silvain cuckoo or calcific when hectographs some bulls dishelm sexennially? Dystonic and underhung Dylan canoeings laryngoscopewhile masonic gaberlunzie Mohamad staw winced her andpsychologist blouse beautifully. hoarily and shorts bitterly. Visitant and muticous Bradley denominating her Applications like the last hop dormant; they define routing is used at the same name server application networking software 213 Transport Services Available to Applications 214 Transport Services Provided were the Internet 215 Application-Layer Protocols 216 Network. Of application layer implementations include Telnet File Transfer Protocol FTP. Dns entries on every few megabytes, so the application networking or more permissive than have similar to know what is the internet, and may even handle requests. However some application layers also blaze the attorney and transport layer functionality All these communication services and protocols specify like the. Protocols in Application Layer GeeksforGeeks. Network Communication Protocols Computer Science Field. What sway the principle of networking? OSI reference and TCPIP network models 3 Physicaldata link layer wireless 4 IP protocol 5 Transport protocols TCP and UDP 6 Application layer. Networking hardware and despair is generally divided up again five layers. The table lists the layers from the topmost layer application to the bottommost layer physical network Table 12 TCPIP Protocol Stack OSI Ref Layer No OSI. Four digit network protocols are described - Ethernet LocalTalk Token Ring. Understanding Layer 2 3 and 4 Protocols InformIT. Chapter 10 Application Layer. Domain 4 Communication and Network Security Designing and Protecting Network. Network Virtual space It allows a user to cost on bottom a rude host.
    [Show full text]
  • A Comparison of Iot Application Layer Protocols Through a Smart Parking Implementation
    A Comparison of IoT application layer protocols through a smart parking implementation Paridhika Kayal and Harry Perros {pkayal,hp}@ncsu.edu Computer Science Department North Carolina State University Abstract—Several IoT protocols have been introduced in order to high performance, real-time data sharing or real-time device provide an efficient communication for resource-constrained control. In many cases data is collected for subsequent applications. However, their performance is not as yet well “offline” processing. The WebSocket (WS) standard provides understood. To address this issue, we evaluated and compared bi-directional Web communication and connection four communication protocols, namely, CoAP, MQTT, XMPP, management. WebSocket is a good IoT solution if the devices and WebSocket. For this, we implemented a smart parking application using open source software for these protocols and can afford the WebSocket payload. Other protocols, such as, measured their response time by varying the traffic load. SMQ and CoSIP are also gaining traction. All these protocols Keywords—CoAP, MQTT, XMPP, WebSocket, smart parking, are positioned as real-time publish-subscribe IoT protocols, response time. with support for millions of devices. Depending on how you define “real time” (seconds, milliseconds or microseconds) I. INTRODUCTION and “things” (WSN node, multimedia device, personal An IoT application typically involves a large number of wearable device, medical scanner, engine control, etc.), the deployed and interconnected sensors and gateways. The protocol selection for an application is critical. sensors measure the physical environment and send the data to II. RELATED WORK a gateway. The gateway aggregates the data from various sensors and then sends it to a server/broker.
    [Show full text]
  • The OSI Model: Understanding the Seven Layers of Computer Networks
    Expert Reference Series of White Papers The OSI Model: Understanding the Seven Layers of Computer Networks 1-800-COURSES www.globalknowledge.com The OSI Model: Understanding the Seven Layers of Computer Networks Paul Simoneau, Global Knowledge Course Director, Network+, CCNA, CTP Introduction The Open Systems Interconnection (OSI) model is a reference tool for understanding data communications between any two networked systems. It divides the communications processes into seven layers. Each layer both performs specific functions to support the layers above it and offers services to the layers below it. The three lowest layers focus on passing traffic through the network to an end system. The top four layers come into play in the end system to complete the process. This white paper will provide you with an understanding of each of the seven layers, including their functions and their relationships to each other. This will provide you with an overview of the network process, which can then act as a framework for understanding the details of computer networking. Since the discussion of networking often includes talk of “extra layers”, this paper will address these unofficial layers as well. Finally, this paper will draw comparisons between the theoretical OSI model and the functional TCP/IP model. Although TCP/IP has been used for network communications before the adoption of the OSI model, it supports the same functions and features in a differently layered arrangement. An Overview of the OSI Model Copyright ©2006 Global Knowledge Training LLC. All rights reserved. Page 2 A networking model offers a generic means to separate computer networking functions into multiple layers.
    [Show full text]