DOCSLIB.ORG

A Flow-Based Approach to Datagram Security

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
A Flow-Based Approach to Datagram Security A Flow-Based Approach to Datagram Security Suvo Mittra Thomas Y.C. Woo Stanford University Bell Lab oratories [email protected] [email protected] Abstract Datagram services have b een widely adopted. Their success has b een mainly attributed to their simplicity, Datagram services provide a simple, exible, robust, and exibility, robustness and scalability. For example, many scalable communication abstraction; their usefulness has of the most imp ortant networking proto cols, suchasIP b een well demonstrated by the success of IP, UDP, and [22 ], UDP [21 ], and RPC [6], make use of an underlying RPC. Yet, the overwhelming ma jority of network security datagram service mo del. proto cols that have b een prop osed are geared towards Recently, much attention has b een paid to securing connection-oriented communications. The few that do network communications, esp ecially those based on data- cater to datagram communications tend to either rely on grams. This can b e seen most apparently in the many long term host-pair keying or imp ose a session-oriented prop osals for IP security [4 , 11 , 18 ]. In addition, b oth (i.e., requiring connection setup) semantics. IPv4 and IPv6 [8 ], nowhave built-in provisions for secu- Separately, the concept of ows has received a great deal rity in the form of an Authentication Header (AH) and an of attention recently, esp ecially in the context of routing Encapsulating SecurityPayload Header (ESPH) [1, 2, 3]. and QoS. A owcharacterizes a sequence of datagrams Unfortunately, existing prop osals are neither satisfac- sharing some pre-de ned attributes. In this pap er, we tory nor completely address the problem of datagram advo cate the use of ows as a basis for structuring secure security. For example: datagram communications. We supp ort this by prop os- They tend to adopt a connection-based session mo del inganovel proto col for datagram security based on ows. for adding security. That is, they require extrane- Our proto col achieves zero-message keying, thus preserv- ous message exchange for setting up security as- ing the connectionless nature of datagram, and makes use so ciations and the creation of \hard" state for se- of soft state, thus providing the p er-packet pro cessing e- curity pro cessing in the two communicating prin- ciency of session-oriented schemes. Wehave implemented cipals. The key advantages of a connection-based an instantiation for IP in the 4.4BSD kernel, and we mo del are its well-de ned unit of protection based provide a description of our implementation along with on a connection, and the p ossible eciency gain p erformance results. from the use of \hard" state. We b elieve, however, that the sacri ce of datagram semantics (and its de- 1 Intro duction sirable features as a result) may b e to o exp ensivea price to pay. In addition, as we shall describ e, it is A datagram service is one in which self-contained mes- 1 not necessary for providing security. sages, or datagrams, are transmitted from one principal to another, and whereby each datagram is transmitted They fo cus only on sp eci c proto col layers, e.g., IP, and received atomically and indep endently, in isolation instead of presenting general solutions that apply of others. No prior setup is needed b etween the source across proto col layers or stacks. We b elieve that se- and destination principals, nor is there any required state curity solutions are subtle enough to get righteven maintained b etween the two. once, thus any solution that we design should be 1 We use the term principal here to avoid referring to a sp eci c consistently applicable across proto col layers. In proto col layer. In general, a principal can b e a host, a pro cess or a addition, there is a great deal of debate regarding user. The term principal is commonly used in security literature. the correct placement of security functions in a pro- App ears in Proceedings of the ACM SIGCOMM '97, Septemb er 14-18, 1997, Cannes, France. to col stack. A solution committed to any particular layer or stackmay b ecome obsolete b efore it ever c Copyright 1997 by the Asso ciation for Computing Machinery, Inc. Permission to make digital orhard copies of part or all of this work for p ersonal or classro om use is granted without fee provided that copies gains p opularity. are not made or distributed forpro t or direct commercial advantage and that copies b ear this notice and the full citation on the rst page. Copyrights for comp onents of this work owned by others than ACM must b e honored. Abstracting with credit is p ermitted. To copy otherwise, to republish, to p ost on servers, orto They concentrate mostly on sp eci c mechanisms redistribute to lists, requires prior sp eci c p ermission and/or a fee. Request p ermissions from Publications Dept., ACM Inc., fax +1 (212) 869-0481, or [email protected]. without reference to p olicy issues. Separation of mechanism and p olicy is go o d system practice; but 1 the design of certain mechanisms are heavily in- 2.1 Session-based Keying uenced by the typ es of p olicies that are to be Session-based keying takes many forms, some rely on a enforced. We b elieve it is critical to make explicit third party suchasakey distribution center (KDC) and and investigate the coupling b etween the two. others agree on a key b etween the two corresp onding prin- cipals. What is needed is a unifying abstraction that o ers In a KDC-based approach, b efore a source sends a a unit of protection and eciency similar to that of a datagram, it contacts the KDC to request a session key connection-based mo del, is meaningful across di erent and an authentication ticket. The ticket, encrypted with proto col layers, and is amenable to p olicy control. A par- the destination's secret key, allows the destination (and ticularly tting candidate for this is the notion of ows. only the destination) to authenticate and decrypt trans- Lo osely sp eaking, a ow is a sequence of datagrams missions from the source. To send a datagram, the source satisfying some pre-de ned attributes. It characterizes encrypts the payload with the session key and sends the communications that are b etween that of datagram and encrypted payload together with the ticket. The destina- connection. That is, a ow is neither datagram nor con- tion recovers the session key from the ticket, and uses it nection | it has the avor of b oth. to decrypt the payload. Proto cols that use this approach The ow notion can b e applied across di erent proto- include Kerb eros [25 ], Sun RPC [26 ] and DCE [24 ]. col layers. At the application layer, datagrams b elonging In session-based keying without a third party, a dy- to the same application \conversation" constitute a ow. namic key exchange is p erformed b etween the source and At the transp ort layer, datagrams in a connection can b e destination principals. This establishes a shared secret, considered a ow. which can be used to derive a session key. The ses- The b oundary of a ow is dynamically adjustable, by sion key is stored as part of the security asso ciation, and varying the set of attributes of interest. A p olicy can b e is used in securing ensuing communications. Proto cols used to sp ecify the set of attributes of interest and the supp orting this metho d include Oakley [18 ] and Photuris corresp onding security requirements. [11 ]. In this pap er, we prop ose a new proto col for datagram The key advantage of session-based keying is the p os- security, called the Flow-Based Security Proto col (FBS), sible eciency gain with explicit state setup, esp ecially based on the concept of ows. FBS makes use of zero- in case of long-lived communications. However, this is message keying and soft states. The former allows it to achieved at the exp ense of datagram semantics. maintain datagram semantics, while the latter makes its eciency comparable to a connection-based approach. FBS is not de ned for any sp eci c proto col layer. It 2.2 Host-Pair Keying assumes only the availability of an underlying (insecure) The basic idea b ehind host-pair keying is that each pair datagram transp ort. As an example of its application, of hosts have an implicit key, called the pair-based mas- wehave de ned a mapping to IP and implemented the ter key, that can be computed only by that host pair. mapping in the 4.4BSD kernel. The implicit key exists a priori, thus allowing a message The balance of this pap er is organized as follows. In encrypted using this key to be sent without arranging the next section, we give a brief overview of existing work. anything in advance. An immediate consequence of this In Section 3, we present the requirements and constraints is that proto cols based on host-pair keying supp ort data- for the design of our proto col. In Section 4, we elab orate gram semantics. That is, no extra message exchange is on the concept of the ow and its application to security. required to set up secure communication, nor is there a In Section 5, we describ e our prop osed FBS proto col. In need for hard state to b e maintained.
Load more

Recommended publications
  • DE-CIX Academy Handout
    Networking Basics 04 - User Datagram Protocol (UDP) Wolfgang Tremmel [email protected] DE-CIX Management GmbH | Lindleystr. 12 | 60314 Frankfurt | Germany Phone + 49 69 1730 902 0 | [email protected] | www.de-cix.net Networking Basics DE-CIX Academy 01 - Networks, Packets, and Protocols 02 - Ethernet 02a - VLANs 03 - the Internet Protocol (IP) 03a - IP Addresses, Prefixes, and Routing 03b - Global IP routing 04 - User Datagram Protocol (UDP) 05 - TCP ... Layer Name Internet Model 5 Application IP / Internet Layer 4 Transport • Data units are called "Packets" 3 Internet 2 Link Provides source to destination transport • 1 Physical • For this we need addresses • Examples: • IPv4 • IPv6 Layer Name Internet Model 5 Application Transport Layer 4 Transport 3 Internet 2 Link 1 Physical Layer Name Internet Model 5 Application Transport Layer 4 Transport • May provide flow control, reliability, congestion 3 Internet avoidance 2 Link 1 Physical Layer Name Internet Model 5 Application Transport Layer 4 Transport • May provide flow control, reliability, congestion 3 Internet avoidance 2 Link • Examples: 1 Physical • TCP (flow control, reliability, congestion avoidance) • UDP (none of the above) Layer Name Internet Model 5 Application Transport Layer 4 Transport • May provide flow control, reliability, congestion 3 Internet avoidance 2 Link • Examples: 1 Physical • TCP (flow control, reliability, congestion avoidance) • UDP (none of the above) • Also may contain information about the next layer up Encapsulation Packets inside packets • Encapsulation is like Russian dolls Attribution: Fanghong. derivative work: Greyhood https://commons.wikimedia.org/wiki/File:Matryoshka_transparent.png Encapsulation Packets inside packets • Encapsulation is like Russian dolls • IP Packets have a payload Attribution: Fanghong.
    [Show full text]
  • User Datagram Protocol - Wikipedia, the Free Encyclopedia Página 1 De 6
    User Datagram Protocol - Wikipedia, the free encyclopedia Página 1 de 6 User Datagram Protocol From Wikipedia, the free encyclopedia The five-layer TCP/IP model User Datagram Protocol (UDP) is one of the core 5. Application layer protocols of the Internet protocol suite. Using UDP, programs on networked computers can send short DHCP · DNS · FTP · Gopher · HTTP · messages sometimes known as datagrams (using IMAP4 · IRC · NNTP · XMPP · POP3 · Datagram Sockets) to one another. UDP is sometimes SIP · SMTP · SNMP · SSH · TELNET · called the Universal Datagram Protocol. RPC · RTCP · RTSP · TLS · SDP · UDP does not guarantee reliability or ordering in the SOAP · GTP · STUN · NTP · (more) way that TCP does. Datagrams may arrive out of order, 4. Transport layer appear duplicated, or go missing without notice. TCP · UDP · DCCP · SCTP · RTP · Avoiding the overhead of checking whether every RSVP · IGMP · (more) packet actually arrived makes UDP faster and more 3. Network/Internet layer efficient, at least for applications that do not need IP (IPv4 · IPv6) · OSPF · IS-IS · BGP · guaranteed delivery. Time-sensitive applications often IPsec · ARP · RARP · RIP · ICMP · use UDP because dropped packets are preferable to ICMPv6 · (more) delayed packets. UDP's stateless nature is also useful 2. Data link layer for servers that answer small queries from huge 802.11 · 802.16 · Wi-Fi · WiMAX · numbers of clients. Unlike TCP, UDP supports packet ATM · DTM · Token ring · Ethernet · broadcast (sending to all on local network) and FDDI · Frame Relay · GPRS · EVDO · multicasting (send to all subscribers). HSPA · HDLC · PPP · PPTP · L2TP · ISDN · (more) Common network applications that use UDP include 1.
    [Show full text]
  • Network Connectivity and Transport – Transport
    Idaho Technology Authority (ITA) ENTERPRISE STANDARDS – S3000 NETWORK AND TELECOMMUNICATIONS Category: S3510 – NETWORK CONNECTIVITY AND TRANSPORT – TRANSPORT CONTENTS: I. Definition II. Rationale III. Approved Standard(s) IV. Approved Product(s) V. Justification VI. Technical and Implementation Considerations VII. Emerging Trends and Architectural Directions VIII. Procedure Reference IX. Review Cycle X. Contact Information Revision History I. DEFINITION Transport provides for the transparent transfer of data between different hosts and systems. The two (2) primary transport protocols in the Transmission Control Protocol/Internet Protocol (TCP/IP) suite are the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP). II. RATIONALE Idaho State government must be able to easily, reliably, and economically communicate data and information to conduct State business. TCP/IP is the protocol standard used throughout the global Internet and endorsed by ITA Policy 3020 – Connectivity and Transport Protocols, for use in State government networks (LAN and WAN). III. APPROVED STANDARD(S) TCP/IP Transport: 1. Transmission Control Protocol (TCP); and 2. User Datagram Protocol (UDP). IV. APPROVED PRODUCT(S) Standards-based products and architecture S3510 – Network Connectivity and Transport – Transport Page 1 of 2 V. JUSTIFICATION TCP and UDP are the transport standards for critical State applications like electronic mail and World Wide Web services. VI. TECHNICAL AND IMPLEMENTATION CONSIDERATIONS It is also important to carefully consider the security implications of the deployment, administration, and operation of a TCP/IP network. VII. EMERGING TRENDS AND ARCHITECTURAL DIRECTIONS The use of TCP/IP (Internet) protocols and applications continues to increase. Agencies purchasing new systems may want to consider compatibility with the emerging Internet Protocol Version 6 (IPv6), which was designed by the Internet Engineering Task Force to replace IPv4 and will dramatically expand available IP addresses.
    [Show full text]
  • Application Protocol Data Unit Meaning
    Application Protocol Data Unit Meaning Oracular and self Walter ponces her prunelle amity enshrined and clubbings jauntily. Uniformed and flattering Wait often uniting some instinct up-country or allows injuriously. Pixilated and trichitic Stanleigh always strum hurtlessly and unstepping his extensity. NXP SE05x T1 Over I2C Specification NXP Semiconductors. The session layer provides the mechanism for opening closing and managing a session between end-user application processes ie a semi-permanent dialogue. Uses MAC addresses to connect devices and define permissions to leather and commit data 1. What are Layer 7 in networking? What eating the application protocols? Application Level Protocols Department of Computer Science. The present invention pertains to the convert of Protocol Data Unit PDU session. Network protocols often stay to transport large chunks of physician which are layer in. The term packet denotes an information unit whose box and tranquil is remote network-layer entity. What is application level security? What does APDU stand or Hop sound to rot the meaning of APDU The Acronym AbbreviationSlang APDU means application-layer protocol data system by. In the context of smart cards an application protocol data unit APDU is the communication unit or a bin card reader and a smart all The structure of the APDU is defined by ISOIEC 716-4 Organization. Application level security is also known target end-to-end security or message level security. PDU Protocol Data Unit Definition TechTerms. TCPIP vs OSI What's the Difference Between his Two Models. The OSI Model Cengage. As an APDU Application Protocol Data Unit which omit the communication unit advance a.
    [Show full text]
  • Connecting to the Internet Date
    Connecting to the Internet Dial-up Connection: Computers that are serving only as clients need not be connected to the internet permanently. Computers connected to the internet via a dial- up connection usually are assigned a dynamic IP address by their ISP (Internet Service Provider). Leased Line Connection: Servers must always be connected to the internet. No dial- up connection via modem is used, but a leased line. Costs vary depending on bandwidth, distance and supplementary services. Internet Protocol, IP • The Internet Protocol is connection-less, datagram-oriented, packet-oriented. Packets in IP may be sent several times, lost, and reordered. No bandwidth No video or graphics No mobile connection No Static IP address Only 4 billion user support IP Addresses and Ports The IP protocol defines IP addresses. An IP address specifies a single computer. A computer can have several IP addresses, depending on its network connection (modem, network card, multiple network cards, …). • An IP address is 32 bit long and usually written as 4 8 bit numbers separated by periods. (Example: 134.28.70.1). A port is an endpoint to a logical connection on a computer. Ports are used by applications to transfer information through the logical connection. Every computer has 65536 (216) ports. Some well-known port numbers are associated with well-known services (such as FTP, HTTP) that use specific higher-level protocols. Naming a web Every computer on the internet is identified by one or many IP addresses. Computers can be identified using their IP address, e.g., 134.28.70.1. Easier and more convenient are domain names.
    [Show full text]
  • Internet Protocol Suite
    InternetInternet ProtocolProtocol SuiteSuite Srinidhi Varadarajan InternetInternet ProtocolProtocol Suite:Suite: TransportTransport • TCP: Transmission Control Protocol • Byte stream transfer • Reliable, connection-oriented service • Point-to-point (one-to-one) service only • UDP: User Datagram Protocol • Unreliable (“best effort”) datagram service • Point-to-point, multicast (one-to-many), and • broadcast (one-to-all) InternetInternet ProtocolProtocol Suite:Suite: NetworkNetwork z IP: Internet Protocol – Unreliable service – Performs routing – Supported by routing protocols, • e.g. RIP, IS-IS, • OSPF, IGP, and BGP z ICMP: Internet Control Message Protocol – Used by IP (primarily) to exchange error and control messages with other nodes z IGMP: Internet Group Management Protocol – Used for controlling multicast (one-to-many transmission) for UDP datagrams InternetInternet ProtocolProtocol Suite:Suite: DataData LinkLink z ARP: Address Resolution Protocol – Translates from an IP (network) address to a network interface (hardware) address, e.g. IP address-to-Ethernet address or IP address-to- FDDI address z RARP: Reverse Address Resolution Protocol – Translates from a network interface (hardware) address to an IP (network) address AddressAddress ResolutionResolution ProtocolProtocol (ARP)(ARP) ARP Query What is the Ethernet Address of 130.245.20.2 Ethernet ARP Response IP Source 0A:03:23:65:09:FB IP Destination IP: 130.245.20.1 IP: 130.245.20.2 Ethernet: 0A:03:21:60:09:FA Ethernet: 0A:03:23:65:09:FB z Maps IP addresses to Ethernet Addresses
    [Show full text]
  • Bluetooth Protocol Architecture Pdf
    Bluetooth Protocol Architecture Pdf Girlish Ethan suggest some hazard after belligerent Hussein bastardizes intelligently. Judicial and vertebrate Winslow outlined her publicness compiled while Eddie tittupped some blazons notably. Cheap-jack Calvin always transfixes his heartwood if Quinton is unpathetic or forjudged unfortunately. However, following the disconnect, the server does not delete the messages as it does in the offline model. The relay agent assumes that bluetooth protocol architecture pdf. The authoritative for media packet as conversation are charged money, so technically speaking, or sample is bluetooth protocol architecture pdf. Telndiscusses some information contains an invisible band and other features to bluetooth protocol architecture pdf. Bluetooth also requires the interoperability of protocols to accommodate heterogeneous equipment and their re-use The Bluetooth architecture defines a small. To exchange attribute id value was erroneous data packets to be a packet scheduler always new connection along with patterns that of bluetooth protocol architecture pdf. Jabwt implementation matter described in a read or ll_terminate_ind pdus are called bluetooth protocol architecture pdf. The only difference between the two routes through the system is that all packets passing through HCI experience some latency. All devices being invited to bluetooth protocol architecture pdf. In a single data is used in an constrained environments as a bluetooth protocol architecture pdf. Nwhere n models provide access. These are expected that is alterall not know as telnet protocol and architecture protocol of safety and frequency. Slave broadcast packet to bluetooth protocol architecture pdf. Number Of Completed Packets Command. The link key is inside a prune message is provided to synchronize a connection to achieve current keys during discovery architecture bluetooth protocol architecture pdf.
    [Show full text]
  • Function of Tcp Ip Protocol Suite
    Function Of Tcp Ip Protocol Suite politically?Stewart is painstaking:Expectable Willardshe uprises aspersing stalagmitically or overwhelms and submerses some prodigiousness her Tomsk. multilaterally,Is Josef spectroscopical however cliffy or perforative Myron deek when unprosperously thirls some microbesor unvoices. patronizing Defines how protocols of protocol stack implements a function of advertisements are associated with only to infinity can be aware of interfacing with a sysadmin as. The unsuspecting hapless user may cause his application to crash or otherwise fail. But obscure protocol suite and ip makes sure that. The user id indicates that large number of a secret or product support this functionality of a network adapter card. This beforehand because all routes in equal distance vector table are included in each announcement. TCPIP is a shorthand for the memories most important protocols used to salt the Internet work The Internet. Therefore, MBGP can create routes for both unicast and multicast traffic. The TCPIP suite has different core protocols that work outweigh the Internet layer which. The DoD model is the input that was used to plan or develop the TCPIP suite. The basis on cause this fraud network exists is the TCPIP protocol suite. The TCPIP Stack around the internet protocol suite is trump set of communication protocols used by. Ip functionality of functions which they use of a function of every computing platform independent of equal to connect to protect applications. When tcp protocol suite and function at each level. Connections are made to the first host in the anycast address group to respond. What is OSI Model 7 Layers Explained Imperva.
    [Show full text]
  • Protocol Data Unit for Application Layer
    Protocol Data Unit For Application Layer Averse Riccardo still mumms: gemmiferous and nickelous Matthieu budges quite holus-bolus but blurs her excogitation discernibly. If split-level or fetial Saw usually poulticed his rematch chutes jocularly or cry correctly and poorly, how unshared is Doug? Epiblastic and unexaggerated Hewe never repones his florescences! What is peer to peer process in osi model? What can you do with Packet Tracer? RARP: Reverse Address Resolution Protocol. Within your computer, optic, you may need a different type of modem. The SYN bit is used to acknowledge packet arrival. The PCI classes, Presentation, Data link and Physical layer. The original version of the model defined seven layers. PDUs carried in the erased PHY packets are also lost. Ack before a tcp segment as for data unit layer protocol application layer above at each layer of. You can unsubscribe at any time. The responder is still in the CLOSE_WAIT state, until the are! Making statements based on opinion; back them up with references or personal experience. In each segment of the PDUs at the data from one computer to another protocol stacks each! The point at which the services of an OSI layer are made available to the next higher layer. Confused by the OSI Model? ASE has the same IP address as the router to which it is connected. Each of these environments builds upon and uses the services provided by the environment below it to accomplish specific tasks. This process continues until the packet reaches the physical layer. ASE on a circuit and back.
    [Show full text]
  • Ipsec and IKE Administration Guide
    IPsec and IKE Administration Guide Sun Microsystems, Inc. 4150 Network Circle Santa Clara, CA 95054 U.S.A. Part No: 816–7264–10 April 2003 Copyright 2003 Sun Microsystems, Inc. 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved. This product or document is protected by copyright and distributed under licenses restricting its use, copying, distribution, and decompilation. No part of this product or document may be reproduced in any form by any means without prior written authorization of Sun and its licensors, if any. Third-party software, including font technology, is copyrighted and licensed from Sun suppliers. Parts of the product may be derived from Berkeley BSD systems, licensed from the University of California. UNIX is a registered trademark in the U.S. and other countries, exclusively licensed through X/Open Company, Ltd. Sun, Sun Microsystems, the Sun logo, docs.sun.com, AnswerBook, AnswerBook2, SunOS, Sun ONE Certificate Server, and Solaris are trademarks, registered trademarks, or service marks of Sun Microsystems, Inc. in the U.S. and other countries. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the U.S. and other countries. Products bearing SPARC trademarks are based upon an architecture developed by Sun Microsystems, Inc. The OPEN LOOK and Sun™ Graphical User Interface was developed by Sun Microsystems, Inc. for its users and licensees. Sun acknowledges the pioneering efforts of Xerox in researching and developing the concept of visual or graphical user interfaces for the computer industry. Sun holds a non-exclusive license from Xerox to the Xerox Graphical User Interface, which license also covers Sun’s licensees who implement OPEN LOOK GUIs and otherwise comply with Sun’s written license agreements.
    [Show full text]
  • Which Is NOT a PDU(Protocol Data Unit) ? A) Frame B) Packet C) Segment D) Datagram E) HTTP *
    Which is NOT a PDU(Protocol Data Unit) ? A) Frame B) Packet C) Segment D) Datagram E) HTTP * Apache is a(n): A) email server program B) DNS server program C) DHCP server program D) HTTP (or web) server program * E) Operating system The Chrome web browser should run on the _________ layer. A) application * B) transport C) internet D) data link E) physical According to the encapsulation and de-encapsulation process between standard layers, the data field of a frame most likely includes a(n) : A) IP packet * B) sending station's MAC address C) receiving station's MAC address D) TCP segment E) application PDU (protocol data unit) According to the encapsulation and de-encapsulation process between standard layers, the data field of a packet may include a(n) : A) UDP datagram B) TCP segment C) application PDU (protocol data unit) D) Ethernet frame E) UDP datagram or TCP segment* Establishing a logical connection(or handshaking) between two computers requires the exchange of __________ messages. A) 0 B) 1 C) 2 D) 3* E) 5 The real-life analogy of an IP packet is: A) the Jayne’s letter to Brian B) the airplane that delivers the Jayne’s letter C) the envelop that contains the Jayne’s letter * D) Jayne and Brian’s mailing addresses E) Jayne and Brian’s houses Standard details of network cables should be defined in the _____ layer A) application B) transport C) internet D) data link E) physical* Which of the following is NOT a layer in the hybrid TCP/IP-OSI architecture? A) physical B) session* C) internet D) data link E) transport Which correctly
    [Show full text]
  • TCP Protocol Wars
    June 2015 Volume 18, Number 2 A Quarterly Technical Publication for From The Editor Internet and Intranet Professionals The Transmission Control Protocol (TCP) is one of the core protocols used in today’s Internet. This issue of IPJ is almost entirely devoted In This Issue to discussions about TCP. Anyone who has studied TCP/IP will have marveled at the “ASCII Art” state diagram for TCP on page 23 of RFC 793, published in 1981. This diagram is a good illustration of From the Editor ...................... 1 both the power and the limitations of using only text characters to draw a “picture.” I am happy to report that efforts to define a new Multipath TCP ....................... 2 format for the RFC series of documents are nearing completion. We will report further on this new RFC format in a future issue. TCP Protocol Wars ............... 15 Your mobile device contains several interfaces, such as USB, WiFi, Cellular Data, and Bluetooth. Most, if not all, of these interfaces can be used for Internet communications, specifically to carry TCP/IP Fragments ............................. 23 datagrams. In our first article, Geoff Huston looks at an emerging standard, Multipath TCP (MPTCP), which allows TCP to operate Call for Papers ...................... 26 several simultaneous connections using different interfaces. Although TCP has not fundamentally changed since its introduction Supporters and Sponsors ...... 27 in 1981, much work has gone into improving TCP performance in the presence of network congestion and variations in network through- put. Our second article, entitled “TCP Protocol Wars,” recalls a term from the late 1980s that referred to the battle between TCP/IP and the ISO/OSI Protocol Suite.
    [Show full text]