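Study Notes: "Internet History, Technology and Security"
Preface
These are my personal study notes from watching the University of Michigan course "Internet History, Technology and Security" on Coursera. They include a summary of each week and my own impressions, for my own review. Week 1 was written in Chinese and the later weeks in English, for no other reason than that summarizing English videos in English feels more natural.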
week1
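- Many great inventions appeared during World War II and changed the way we live in peacetime.
- The need to communicate in wartime gave rise to radio and similar technologies.
- The wartime need to encrypt and decrypt information gave rise to machines; encryption and decryption were at the core of the machines' development.
- Countless people devoted themselves to this work, and the machines developed rapidly.
- Early computers were very different from today's: they were large and bulky, slow, and power-hungry, and did not really meet people's needs.
- War drove the development of computers; the early computers were all used by the military for encryption and codebreaking.
- When the war ended, computers shifted from military to peacetime uses, and from mechanical to electronic.
- The Bombe was an advanced computer of the World War II era, used mainly for codebreaking.
- Enigma: an electronic device used for encryption.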
week2
- BOMBA = Polish code-breaking machine
- Bletchley Park: all of computation, computer science, and Internet history and technology started here
- Colossus
- Lorenz machine
- Alan Turing: Turing's codebreaking station invented a codebreaking machine called the BOMBE
- Phone line networking
- Dial-up access
  - You can connect to others without going out.
  - But you cannot connect with others over long distances.
  - The characters were encoded as sound.
  - Pretty common in the 1970s.
- Leased line
  - It's very expensive and its cost depends on distance.
- Store-and-forward networking
  - It is awesome but slow.
  - Data is transported in a queue.
  - People added more hops to cut back on expense.
- BITNET is also awesome but slow; it was mainly used to send mail.
- ARPANET
  - People can send mail faster and communicate more effectively.
- Efficient message transmission: packet switching
  - Use software to break data into pieces and use routers to transmit them.
  - The router is like a post office: it delivers all sorts of data pieces in different ways, and all data is labeled. But this approach may lead to an endless loop, and it took nearly 20 years to solve that.
- The supercomputer program was driven by astronomy, and the government put a lot into it; the program also brought the development of the market and industry. The path to the network was not flat.
- NSFNet: the project to create the first nationwide TCP/IP network for all users was awarded to the University of Michigan.
- Michigan's state-wide network
- Impressions: The main thread in the development of the network has been making communication easier. It was pushed forward bit by bit through the efforts and creations of generation after generation of brilliant people, together with heavy government investment. At first the network developed slowly: it was costly, hard to spread, and inefficient. Later its development was extremely rapid, and people's ingenuity was pushed to its limit. Packet switching in particular left a deep impression on me.
week 3
- CERN - high-energy physics: it's a place for nuclear research (even if the work is hard, we still need joy and living). This is the beginning of the Web. 1. The Internet was infrastructure; the Web gave the Internet a "user" interface and URLs. 2. The Web was invented by the people here. 3. CERN developed browsers and servers.
- Robert Cailliau established the World Wide Web primarily to collaborate on creating and editing documentation with researchers around the world, and to share high-energy physics publications among the academic community. In his view, the major strength of his web editor and browser was that it opened each element in a new window and handled links as connections, as opposed to 'ugly' URLs.
- The Web gives the Internet a "user interface and URLs", and it was invented by Berners-Lee and Robert Cailliau. CERN invented the browsers and servers, with a goal of worldwide hyperlinked documents.
- The first server in America was invented by Paul Kunz at SLAC, and it was a database of 300000 papers.
- 1993: Gopher is dominant.
- Steve Jobs built the NeXT computer.
- The 90s were a period in which the Web had explosive growth. In 1990 the Web was used in academia, and in 1993~1994 the Web was everywhere; since the mid-1990s, cable modems to the home started.
- People at NCSA invented the Mosaic browser, which was the first widely used browser and could show pictures.
- Mosaic was the first "consumer" web browser developed at NCSA.
- NCSA created the HTTP web server which is the basis for the Apache web server.
- While most of the NCSA programmers formed Netscape and made their fortunes, NCSA released their browser for free and focused on building standards to keep the Web open.
- Impressions: In this period, the development of the network grew out of the needs of nuclear physics research, and many people devoted themselves to it. Browsers, the World Wide Web and the like appeared and slowly spread into everyday life, so the network became something for ordinary people. Although the network of this time was refreshingly new, it was still slow and not very convenient to use.
week4
- Great changes took place in 1994; actually, it was half a year.
- Netscape founded in April 1994
- WWW Conf: May 25-26-27, 1994, CERN, Geneva (Switzerland)
- WWW Conf: October 17-19, 1994, Chicago.
- October 1994: Tim Berners-Lee founded the W3C at MIT
- November 8, 1994 - Windows 95 beta 2 - with a vengeance!
- Microsoft worked to suffocate Netscape;
- JavaScript was invented within 10 days to compete with Visual Basic;
- Netscape slowly leaked out into open source as Mozilla - which became Firefox;
- Firefox's search box gave the small Mozilla Foundation millions of dollars of revenue;
- Some people were laid off from Netscape; about 12 of them founded the Mozilla Foundation and a lot of people joined the project. After some effort, they succeeded and tried to do something to affect a part of the world.
- Brendan Eich's goals in creating JavaScript: 1. For it to be accessible to beginning programmers who were willing to dive in and play with the language. 2. For it to be highly customizable, with no single set of guidelines dictating best practices.
- As Microsoft worked to suffocate Netscape:
- JavaScript was invented to compete with Visual Basic (1995)
- Netscape slowly leaked out into open source as Mozilla - which later became Firefox (late 1990's)
- Firefox's search box gave the small Mozilla Foundation millions of dollars of revenue.
- Did Microsoft save the World-Wide Web? 1. Netscape wanted to make the web browser, web server, and web protocols proprietary and owned by them. 2. The web browser would be $50-$100 and sold separately. 3. This threatened to make the desktop operating system irrelevant.
- World-Wide-Web Consortium. 1. The W3C was formed in October 1994. 2. Led by Tim Berners-Lee, who moved from CERN to MIT. 3. Goal was to develop standards for the Web and avoid proprietary balkanization of the Web. 4. Many large companies (Microsoft, IBM, etc.) joined quickly.
Event
- Larry Smarr wanted to make supercomputers available to physicists.
- University of Michigan sneaked in a 1.54MB/sec instead of 56kb/sec backbone for their NSFNet proposal.
- Tim Berners-Lee and Robert Cailliau were building a system for network hosted documentation.
- Paul Kunz was trying to make his article database easier to use.
- Joseph Hardin wanted to make supercomputers more user friendly.
- Mitchell Baker - just wanted us to have a free and open source browser.
The Web Land Rush
- In the late 1990's there were many fortunes to be made - simply by being first in a market.
- Everything was "novel" when it was re-invented on the web.
- New brands were quickly established and became dominant.
The modern Internet
- In the late 1990s, in the boom, there was a great deal of fiber optic that was installed in the US
- High speed and long distance were cheap and common
- Many national backbone networks emerged - commercial, government, academic, etc.
- These networks swap data at "peering points" so we see one seamless Internet - after about 1999 - this was all pretty boring - it just worked.
week5
Research network:
- It isn't efficient enough.
Packet switching:
- Then packet switching was invented: a message is broken into pieces and saved in packets. Then the packets are transported in different ways to one destination. Finally, the messages are reassembled in the right sequence.
- Packet switching has these characteristics: 1. Challenge: in a simple approach, like store-and-forward, large messages block small ones. 2. Break each message into packets. 3. Can allow the packets from a single message to travel over different paths, dynamically adjusting for use. 4. Use special-purpose computers, called routers, for traffic control.
Shared Network:
- In order to keep cost low and the connections short geographically - data would be forwarded through several routers.
- Getting across the country usually takes about 10 "hops".
- Network designers continually add and remove links to "tune" their networks.
- The process: Host A -> Router -> ... -> Router -> Host B.
Layered Network Model:
- A layered approach allows the problem of designing a network to be broken into more manageable sub problems.
- Best-known model: TCP/IP - the "Internet Protocol Suite".
- There was also a 7-layer OSI: Open Systems Interconnection Model.
- Four layers:
- Application Layer: Web, E-Mail, File Transfer.
- Transport Layer: Web, E-mail, File Transfer.
Layered Architecture
- The Physical and Internet Layers are like trucks and trains - they haul stuff and get it to the right loading dock - it takes multiple steps
- The Transport layer checks to see if the trucks made it and sends the stuff again if necessary.
- Internetwork Layer (IP): Simple, Unreliable.
- Link Layer (Ethernet, WiFi): Physical Connections.
Four layers
- Link Layer
- As your data crosses the country it may use a different physical medium for each "hop".
- Wire, Wireless, Fiber Optic, etc.
- The link is "one hop" - Is it up or down? Connected or not?
- Very narrow focus - no view at all of the "whole Internet".
- Physical addresses are to allow systems to identify themselves on the ends of a single link;
- Physical addresses go no farther than one link.
- Sometimes links like WiFi and Wired Ethernet are shared with multiple computers.
Sharing Nicely - Avoiding Chaos
- Wait for silence
- Begin Transmitting data
- Listen for your own data
- If you cannot hear your own data clearly, assume a collision and stop to wait before trying again
- Each system waits a different amount of time to avoid "too much politeness"
Ethernet
- Invented at PARC
- The first Local-Area Network
- Connected PCs to laser printers
- Inspired by an earlier wireless network called Aloha from the University of Hawaii.
- If two computers transmit data simultaneously, they will transport the data back and transmit it again.
Internet Protocol Layer
- Goal: get your data from this computer to the other computer halfway across the world
- Each router knows about nearby routers.
- IP is best effort - it is OK to drop data if things go bad...
IP Addresses
- The IP address is the worldwide number which is associated with one particular workstation or server
- Every system which will send packets directly out across the Internet must have a unique IP address
- IP addresses are based on where the station is connected
- IP addresses are not controlled by a single organization - address ranges are assigned
- They are like phone numbers - they get recognized once in a great while
IP Address Format
- Four numbers with dots - each number 1-255 (32 bits)
- Kind of like phone numbers with an "area code"
- The prefix of the address is "which network": the first two numbers of the IP address are the symbol of the place, and the latter two numbers of the IP address stand for the computer.
- While the data is traversing the Internet - all that matters is the network number
- Routers ask each other for information
Non-Routable Addresses
- A typical home router does Network Address Translation (NAT)
- Your ISP gives your home router a real global routable address
- Your router gives out local addresses in a special range (192.168..)
- The router maps remote addresses for each connection you make from within your home network
Peering into the Internet
- Most systems have a command that will reveal the route taken across the Internet (traceroute on Mac and tracert on Windows)
- Each IP packet has a field called "Time to Live" - TTL
- The TTL is used to deal with loops in the network - normally if routers got confused and ended up with a loop - the network would clog up rapidly
How traceroute works
- Normal packets are sent with a Time to Live (TTL) of 255 hops
- Traceroute sends a packet with TTL=1, TTL=2
- So each packet gets part-way there and then gets dropped and traceroute gets a notification of where the drop happens
- This builds a map of the nodes that a packet visits when crossing the Internet.
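The TTL mechanism described above, as a small simulation that also shows a routing loop being cut off. This is an added example, not from the course; the node names and both topologies are constructed, and the starting TTL of 255 is the figure used in these notes.

```python
def send(next_hop, src, dst, ttl):
    """Forward one packet hop by hop.

    Returns ("delivered", dst, hops) or ("time-exceeded", router, hops), where
    `router` is the node that dropped the packet and reported back.
    """
    node, hops = next_hop[src], 1
    while node != dst:
        ttl -= 1                      # every router decrements TTL before forwarding
        if ttl <= 0:
            return ("time-exceeded", node, hops)
        node, hops = next_hop[node], hops + 1
    return ("delivered", node, hops)


def traceroute(next_hop, src, dst, max_ttl=30):
    """Probe with TTL=1, TTL=2, ... and record which node answers each probe."""
    route = []
    for ttl in range(1, max_ttl + 1):
        status, node, _ = send(next_hop, src, dst, ttl)
        route.append(node)
        if status == "delivered":
            break
    return route


# Constructed sample topology: each node knows only its next hop toward "server".
PATH = {"laptop": "home-router", "home-router": "isp-edge",
        "isp-edge": "backbone-1", "backbone-1": "campus-gw",
        "campus-gw": "server"}

# Constructed misconfiguration: three routers forward to each other in a circle.
LOOP = {"laptop": "r1", "r1": "r2", "r2": "r3", "r3": "r1"}

if __name__ == "__main__":
    for n, node in enumerate(traceroute(PATH, "laptop", "server"), start=1):
        print(n, node)
    # Without TTL this packet would circulate forever; with it, the packet dies.
    print(send(LOOP, "laptop", "server", ttl=255))
```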
The perfect is the enemy of the good
- IP Does: Best effort to get data across a bunch of hops from one network to another network
- IP Does Not: Guarantee delivery - if things go bad - the data can vanish
- Best effort to keep track of the good and bad paths for traffic - tries to pick a better path when possible
- This makes it fast and scalable to very large networks - and ultimately "reliable" because it does not try to do too much
Harvest
- (Perhaps these are not completely correct)
- The prefix of the IP address stands for a specific network; the latter two numbers are about "translation".
- Every TTL is between 0-255; when it increases to 0, the packet will be thrown away by the router.
- Data is transported so fast that we don't have to control where the data goes, just "random".
week6
Review: The Magic of IP
- What it does - tries to get one packet across 5-20 hops from one network to another network
- Keeps track of the good and bad paths for traffic - tries to pick better paths when possible
- But no guarantee of delivery - if things go bad - the data vanishes
- This makes it fast and scalable - and ultimately "reliable" because it does not try to do "everything"
Internet Protocol
- So many links/hops
- So many routes
- Things can change dynamically and IP has to react (links up/down)
- IP can drop packets
Transport Protocol (TCP)
- Built on top of IP
- Assumes IP might lose some data
- In case data gets lost - we keep a copy of the data we send until we get an acknowledgement
- If it takes "too long" - just send it again
- TCP is there to compensate for the possible errors in the IP layer as well as make best use of available resources
- TCP breaks messages into pieces.
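The packet-switching steps from week 5 and the TCP behaviour listed above (keep a copy until acknowledged, send again when it takes too long), as one small simulation. This is an added example, not from the course; the function names, packet size and loss rate are assumptions chosen for illustration.

```python
import random


def packetize(message: bytes, size: int):
    """Break a message into numbered packets: (sequence number, payload)."""
    return [(seq, message[i:i + size])
            for seq, i in enumerate(range(0, len(message), size))]


def best_effort(packets, loss_rate, rng):
    """IP-style delivery: some packets vanish, the rest arrive out of order."""
    arrived = [p for p in packets if rng.random() >= loss_rate]
    rng.shuffle(arrived)
    return arrived


def transfer(message: bytes, size=8, loss_rate=0.3, seed=1, max_rounds=50):
    """Send `message` reliably over the lossy network.

    Returns (reassembled message, packets sent, packets in the message).
    """
    rng = random.Random(seed)                 # seeded so the run is repeatable
    unacked = dict(packetize(message, size))  # sender keeps a copy until ACKed
    total = len(unacked)
    received = {}                             # receiver buffer, keyed by sequence number
    sent = 0
    for _ in range(max_rounds):
        if not unacked:
            break
        batch = list(unacked.items())         # "too long": resend everything unACKed
        sent += len(batch)
        for seq, payload in best_effort(batch, loss_rate, rng):
            received[seq] = payload           # a duplicate overwrites the same slot
            if rng.random() >= loss_rate:     # the ACK crosses the same lossy network
                del unacked[seq]
    if unacked:
        raise TimeoutError(f"{len(unacked)} packets never acknowledged")
    # Reassemble in the right sequence, whatever order the packets arrived in.
    return b"".join(received[seq] for seq in range(total)), sent, total


if __name__ == "__main__":
    text = b"Packets may take different paths to one destination."
    data, sent, total = transfer(text)
    print(data.decode(), f"({sent} packets sent for a {total}-packet message)")
```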
Domain Name System
- Numeric addresses like 141.211.63.45 are great for Internet routers but lousy for people
- Each campus ends up with a lot of networks (141.2221..,65.43.21.*)
- Sometimes (rarely) the IP address numbers get recognized
- When servers physically move they need new IP addresses
DNS: Internet Address Book
- The Domain Name System is a big, fast, distributed database of Internet names to Internet "phone numbers"
- IP addresses reflect technical "geography"
- 141.211.63.44 - read left to right like a phone number
- Domain names reflect organizational structure
- www.si.unich.edu - read right to left like a postal address
- 2455 North Quad. Ann Arbor MI 48109 USA Earth
week 7
Quick Review
- Link layer: gets the data onto the link, and manages collisions on a single hop
- Internet layer: moves the data over one hop, trying to get it "closer" to its destination
- Transport layer: assumes that the Internet layer may lose data, so requests retransmission when needed - provides a nice reliable pipe from source to destination
Ports
- Like extensions in a phone number
- The IP address network number (the area code) gets to the LAN
- The IP address host number (the telephone number) gets you to the destination machine
- The port (the extension) gets you to a specific application
HTTP - Hypertext Transport
- The dominant Application Layer Protocol on the Internet
- Invented for the Web - to Retrieve HTML, Images, Documents etc
- Extended to be data in addition to documents - RSS, Web Services etc..
- Basic Concept - Make a Connection - Request a Document - Retrieve the Document - Close the Connection
HTTP Request / Response Cycle
- You click on a link, information is sent to the browser, and the browser sends an HTTP request to the web server; then the server sends an HTTP response back, and finally we can see the document in the browser.
- Click -> request -> response -> display
- A markup language describes how this document, this page, is supposed to be shown.
Internet Standards
- www.ietf.org
- The standards for all of the Internet protocols (inner workings) are developed by an organization
- Internet Engineering Task Force (IETF)
- Standards are called "RFCs" - "Request for Comments"
Application Layer Summary
- We start with a "pipe" abstraction - we can send and receive data on the same "socket"
- We can optionally add a security layer to TCP using SSL - Secure Socket Layer (aka TLS - Transport Layer Security)
- We use well-known "port numbers" so that applications can find a particular application within a server such as a mail server, web service, etc.
The Internet: An Amazing Design
- Hundreds of millions of computers
- Thousands of routers inside the Internet
- Hundreds of millions of simultaneous connections
- Trillions of bytes of data moved per second around the world
- And it works
The Internet
- It is said that "The Internet is the largest single engineering effort ever created by mankind"
- It was created to work in an organic way - to repair itself and automatically adjust when parts fail
- No one part of the Internet knows all of the Internet (like life)
- It is never 100% up - but it seems up all the time
We are not done experimenting
- There is still very active exploration on how network technology can be improved
- Content-Centric Networking is only one advanced idea
- Routers in the future can have lots of memory - let's try not to send the same piece of data more than once.
week8
Confidentiality
- Prevent unauthorized viewing of private information
Integrity
- Information is from who you think it is from and has not been modified since it was sent.
Terminology
- Plaintext is a message that will be put into secret form.
- Ciphertext is a transformed version of plaintext that is unintelligible.
Two kinds of systems
- Two basic types of cryptosystems exist, secret-key and public-key.
- In a secret-key scheme,the key used for encryption must be the same key used for decryption. Also called symmetric-key cryptosystem.
- Secret-key cryptosystems have the problem of secure key distribution to all parties using the cryptosystem.
Cryptographic Hash
- Input->cryptographic hash function->Digest
- A tiny change in the input will lead to a complete change in the digest.
- A reliable site will never store your plaintext; when you reset your original key, you can just reset it without getting your original key.
Message Integrity
- When you get a message from someone, did that message really come from who you think it came from?
- Was the message altered while in transit or is the copy you received the same as the copy that was sent?
Simple Message Signing
- Shared secret transported securely 'out of band'
- Before sending the message, concatenate the secret to the message
- Compute the SHA1 digest of the message+secret
- Send message + digest across insecure transport.
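The four signing steps above in code, with the receiver's check and two failed tampering attempts. This is an added example, not from the course; the secret and messages are constructed sample values. It goes one step beyond the notes by showing the same idea with HMAC-SHA256 from the standard library, since SHA-1 is no longer collision resistant and HMAC is the standard keyed-hash construction.

```python
import hashlib
import hmac

# Constructed sample values; the secret is assumed to be shared out of band.
SECRET = b"correct horse"
MESSAGE = b"Meet at noon"


def sign(message: bytes, secret: bytes) -> str:
    """The scheme from the notes: SHA1 digest of message + secret."""
    return hashlib.sha1(message + secret).hexdigest()


def verify(message: bytes, digest: str, secret: bytes) -> bool:
    """Receiver recomputes the digest with its own copy of the secret."""
    # compare_digest avoids leaking how many leading characters matched.
    return hmac.compare_digest(sign(message, secret), digest)


def sign_hmac(message: bytes, secret: bytes) -> str:
    """Same idea with the standard keyed-hash construction."""
    return hmac.new(secret, message, hashlib.sha256).hexdigest()


def verify_hmac(message: bytes, digest: str, secret: bytes) -> bool:
    return hmac.compare_digest(sign_hmac(message, secret), digest)


def check_delivery() -> dict:
    """What the receiver concludes for an intact and two tampered deliveries."""
    digest = sign(MESSAGE, SECRET)             # sender side
    altered = b"Meet at nine"                  # changed in transit
    unkeyed = hashlib.sha1(altered).hexdigest()  # digest recomputed without the secret
    return {
        "intact": verify(MESSAGE, digest, SECRET),
        "altered message, old digest": verify(altered, digest, SECRET),
        "altered message, unkeyed digest": verify(altered, unkeyed, SECRET),
        "intact (HMAC)": verify_hmac(MESSAGE, sign_hmac(MESSAGE, SECRET), SECRET),
        "altered (HMAC)": verify_hmac(altered, sign_hmac(MESSAGE, SECRET), SECRET),
    }


if __name__ == "__main__":
    for case, accepted in check_delivery().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```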
Secret Key Shortcomings
- Every pair of people/systems need a secret key
- In the Internet, key distribution cannot be via the Internet because communications are insecure until you get the key!
- For the Internet to work we need an approach where keys can cross the insecure Internet and be intercepted without compromising security.
Public Key
- A message encrypted with one of the keys can only be decrypted with the other key.
- It is computationally infeasible to recover one key from the other.
- Public-key cryptosystems solve the problem of secure key distribution because the public key can be openly revealed to anyone without weakening the cryptosystem.
Generating Public/Private Pairs
- Choose two large random prime numbers
- Multiply them
- Compute public and private keys from that very large number.
Transport Layer Security (TLS)
- Used to be called "Secure Sockets Layer" (SSL)
- Can view it as an extra layer "between" TCP and the application layer
- It is very difficult but not impossible to break this security - normal people do have the necessary compute resources to break TLS
- Encryption and decryption take resources - so we use it for things when it is needed
- The IP and TCP are unaware whether data has been encrypted
Public-Key Issues
- Public-key cryptosystems have the problem of securely associating a public key with an individual
- I am about to type in my credit card and send it - am I being phished?
- The remote server sent me a public key.
- Should I use it? Is this really Amazon's Public key?
Summary
- Message Confidentiality/Message Integrity
- Encrypting / Decrypting
- Message digests and message signing
- Shared Secret Key/Public Private Key