HTTP, SSL, and TLS

HTTP (Hypertext Transfer Protocol)


HTTP is a protocol for communication between a web browser and a web server.
The server and the client exchange their data over HTTP.
HTTP can send any type of data.


The difference between HTTP and HTTPS

HTTP: communication between a client and a server on the web.
HTTPS encapsulates session data in SSL or TLS instead of sending plain text over the socket.


SSL

SSL is the standard technology for keeping an internet connection secure and safeguarding any data that is being sent between two systems.


TLS

TLS is a more secure version of SSL.
When a client and a server establish an SSL/TLS connection, they establish a unique session.


DTLS

It is based on TLS.
It is a communication protocol designed to protect privacy and prevent eavesdropping and tampering.


Why is DTLS more secure?

  • Packet reordering
  • Flow control
  • Reliability assurance

    SSL, TLS, and DTLS are more secure than IPsec.
    DTLS uses UDP, whereas TLS uses TCP.

TCP/IP core protocol

Each TCP/IP protocol adds a header to the data it receives from the layer above it.

  • Layers 7, 6, and 5: Data and instructions (the payload) are generated by applications running on the source host.
  • Layer 4: A transport layer protocol (TCP or UDP) adds a header to the payload.
    The header includes a port number to identify the receiving application.
  • Layer 3: The Network layer adds its own header, and the result becomes a packet.
  • Layer 2: The packet is passed to the Data Link layer on the NIC, which encapsulates the data with its own header and trailer, creating a frame.
  • Layer 1: The Physical layer on the NIC receives the frame and places the transmission on the network.

    The receiving host de-encapsulates the message at each layer in reverse order and presents the payload to the receiving application.
    Connectivity devices (switch, router, firewall) are specialized devices that allow two or more networks to connect and exchange data.
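
The encapsulation and de-encapsulation steps above, as an added Python example (not part of the original notes): it wraps a constructed HTTP request in TCP, IPv4 and Ethernet headers, then strips them in reverse order and verifies each layer's checksum. The addresses, ports and MAC values are constructed, and the function names are this example's own.

```python
import socket, struct, zlib

def inet_checksum(data: bytes) -> int:
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def add_fcs(body: bytes) -> bytes:
    """Layer 2 trailer: CRC-32 frame check sequence (minimum-size padding omitted)."""
    return body + struct.pack("<I", zlib.crc32(body))

def encapsulate(payload, src_ip, dst_ip, sport, dport, seq):
    src, dst = socket.inet_aton(src_ip), socket.inet_aton(dst_ip)
    # Layer 4: 20-byte TCP header; ports name the applications, seq orders segments.
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x18, 65535, 0, 0)
    pseudo = src + dst + struct.pack("!BBH", 0, 6, len(tcp) + len(payload))
    csum = inet_checksum(pseudo + tcp + payload)
    segment = tcp[:16] + struct.pack("!H", csum) + tcp[18:] + payload
    # Layer 3: 20-byte IPv4 header carrying source and destination addresses.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 6, 0, src, dst)
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    # Layer 2: Ethernet header (constructed MACs, EtherType IPv4) plus trailer.
    eth = bytes.fromhex("02000000000b02000000000a") + struct.pack("!H", 0x0800)
    return add_fcs(eth + ip + segment)

def decapsulate(frame: bytes) -> dict:
    """Strip headers in reverse order, rejecting the frame if any check fails."""
    body = frame[:-4]
    if add_fcs(body) != frame:
        raise ValueError("layer 2: bad frame check sequence")
    packet = body[14:]
    ihl = (packet[0] & 0x0F) * 4
    if inet_checksum(packet[:ihl]) != 0:
        raise ValueError("layer 3: bad IP header checksum")
    segment = packet[ihl:struct.unpack("!H", packet[2:4])[0]]
    pseudo = packet[12:20] + struct.pack("!BBH", 0, packet[9], len(segment))
    if inet_checksum(pseudo + segment) != 0:
        raise ValueError("layer 4: bad TCP checksum")
    sport, dport, seq = struct.unpack("!HHI", segment[:8])
    return {"src": socket.inet_ntoa(packet[12:16]), "sport": sport, "dport": dport,
            "seq": seq, "payload": segment[(segment[12] >> 4) * 4:]}

# Constructed sample: an HTTP request travelling to port 80 in plaintext.
REQUEST = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
FRAME = encapsulate(REQUEST, "192.0.2.10", "198.51.100.7", 49152, 80, 1000)
print(decapsulate(FRAME))
```

Because the request is plain HTTP, the payload comes back out readable to anyone who can capture the frame; with HTTPS the same bytes would be encapsulated by SSL/TLS before they reach layer 4.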

TCP

TCP operates in the transport layer (layer 4) of the OSI model.

  • Connection-oriented: TCP ensures that a connection or session is established by using a three-step process called a “three-way handshake”.
  • Sequence and checksum: TCP sends a character string (called a checksum) with each segment, which the destination host checks along with the segment's sequence number.
  • Flow control: the rate of transmission is based on “how quickly the recipient can accept data.”

  • Three-way handshake
  • Request for a connection
  • Response to the request
  • Connection established

UDP

UDP is an unreliable, connectionless protocol.

  • No three-way handshake.
  • Does not guarantee delivery of data.
  • No error checking, sequencing, or flow control.
  • UDP is more efficient than TCP, but its connection is less reliable.

IP (Internet Protocol)

IP operates at the Network layer (layer 3) of the OSI model.
Specifies where data should be delivered.
Identifies the data’s source and destination IP address.

IP is an unreliable, connectionless protocol.

  • No guarantee of data delivery.
  • No session is established before data is transmitted.

HTTP communication

client - request - server - response - client

  • Connectionless: the connection is closed as soon as the response is received.
  • Stateless: once the connection ends, no information about it is retained.

  • Advantages
    It is good for unknown users.
    It can handle more requests and responses than the maximum number of client-server connections.

  • Disadvantage
    It loses the previous state.
    Cookies exist to make up for this lost state.

URL (Uniform Resource Locator)

The location of a resource on the Internet.
The address or path used to access a specific file on a web server.