IB Computer Science Syllabus Notes

    with notes by Dave Mulkey, Germany, 2015

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Topic 3—Networks (9 hours)

3.1 Networks (9 hours)

Assessment statement

Explanations and Examples

Network fundamentals

3.1.1


Identify different types of networks.

LAN - Local Area Network - a network inside one organization or one building, traditionally made of wires and hubs connecting servers and clients.  Typically in a business, connecting employees' PCs to the company's servers.

WAN - Wide Area Network - a network that spans many computers in widely separate locations, e.g. separate cities - for example, linking bank offices and ATMs.  WANs usually include connections that are public, i.e. not owned by the company - like the public telephone lines.


VLAN - Virtual LAN - it seems to be a LAN, and is all controlled by one organization.  Commonly PART of a LAN, isolated with no connection to other parts of the actual physical LAN.  Makes sense for security purposes, isolating sensitive resources.


WLAN - Wireless LAN also called WIFI - using mostly radio connections to "access point" hubs, with wires connecting the hubs to the servers.  Rarely provides direct wireless connections between clients and servers, as cables (wires) are much faster.


SAN - Storage Area Network - a network containing large amounts of storage (HDD).  Usually virtualized so users don't need to worry about the actual machines containing the storage devices - commonly "data centers"


VPN - Virtual Private Network - provides secure, private connections between clients and servers, running across public connections like phone lines - typically running across the Internet.  Security issues (encryption) are very important here.


PAN - Personal Area Network - used to connect devices belonging to one user, or maybe a family.  Typically running through a wireless router in a home.


P2P - Peer to Peer - communicates between "equal" clients, without using servers.  Commonly used in the Internet to exchange files directly between client PCs.

3.1.2


Outline the importance of standards in the construction of networks.

ASCII  - Before networks (1950's and 1960's) computers were all non-standard, custom built devices.  They used "custom" storage methods, including non-standard character-code systems. Once there were enough computers containing enough data to make communication and data exchange useful, standard storage systems were needed.  Then ASCII was invented in the early 1960's, making it possible to exchange data and information easily.   Original ASCII was 7-bits plus a parity bit (128 codes).  Later this expanded to 8-bits (without a parity bit) to provide 256 codes.


UNICODE - Much later (1990s) this was expanded to UNICODE, because ASCII did not include codes for "foreign" languages like Chinese, Russian, Persian, etc.   UNICODE is 16-bits, providing codes for 65536 different characters.


Ethernet - a standard for LAN connections.  This includes a communication protocol, as well as a standard type of connection card and standard cables.  Without such standards, we could not ensure that new machines could connect successfully to an existing network.


3.1.3


Describe how communication over networks is broken down into different layers.


Students need not know the names of all the levels, but at least:
Applications (SW)
Protocols (OS)
Physical (HW)


OSI - Open System Interconnection

By establishing STANDARD layers with specific responsibilities, it's possible to implement communication (networking) with interchangeable modules.  For example, if a new Operating System is created (e.g. Android), its responsibilities must be implemented (programmed) inside the OS.  But it's not necessary to also create a new browser (although this might actually be optimized for the system).


http://1.bp.blogspot.com/-yPHtWF43D8c/TY-PxT-KqNI/AAAAAAAAAAo/1OaBHHrsEKE/s1600/osi-model-7-layers.png

3.1.4


Identify the technologies required to provide a VPN.

VPN = Virtual Private Network
Client machine, server, connection (probably via Internet), encryption software, client software (not necessarily a browser), often a "relay" server (but not necessarily)

3.1.5


Evaluate the use of a VPN.

Virtual Private Network - VPN provides "the best of both worlds" -
- mobility - convenience through remote connections
- security - equivalent safety to that provided in a LAN

This permits employees - including important administrators - to work from home or during a trip, but still have access to sensitive and private data stored on the company's servers.

This often uses non-standard, hence secure, communication protocols.  A simple version uses non-standard PORT numbers for the communication channel.  Simple VPNs only make connections between one client and one server.  More complex versions may provide direct connections between clients, e.g. P2P.

Data transmission

3.1.6


Define the terms: protocol, data packet.

Protocol = a clear and effective set of rules for communication,
  including specific steps for starting a conversation, continuing
  the conversation, making decisions about when to continue or
  stop, and a specific way for ending the conversation


Data Packet = a small collection of data that is part of a larger
  communication.  For example, a video may be broken into
  smaller packets - maybe 16 KiloBytes each - that are "streamed"
  one after another out to the client.  Notice that in the Internet,
  there is no guarantee that packets will arrive in the same order
  they were sent, so the recipient must reassemble the packets
  in the correct order to make a complete and coherent whole.


Examples of Commonly Used Protocols


TCP/IP = Transmission Control Protocol / Internet Protocol

includes IP addresses, packet-switching strategies,
error correction strategies, handshaking methodologies, etc


HTTP = Hyper Text Transport Protocol
used by clients and servers in the WWW

An HTTP session is a sequence of network request-response transactions. An HTTP client initiates a request by establishing a Transmission Control Protocol (TCP) connection to a particular port on a server (typically port 80; see List of TCP and UDP port numbers). An HTTP server listening on that port waits for a client's request message. Upon receiving the request, the server sends back a status line, such as "HTTP/1.1 200 OK", and a message of its own. The body of this message is typically the requested resource, although an error message or other information may also be returned. (Wikipedia)


FTP = File Transport Protocol

This was the most common protocol used in the Internet before
the WWW was invented in 1990.


SMTP = Simple Mail Transfer Protocol

used by email servers to send email from one to another

Notice that this is a "push" technology - email is SENT to
the recipient, whereas HTTP is a "pull" technology - web-pages
are requested before they are sent.


3.1.7


Explain why protocols are necessary.

Integrity - means that the data arrives unchanged, reliably.

It is common that electro-magnetic interference or other faults
corrupt data during transmission.  


Error Checking - The data is sent in packets and each packet contains some error-checking codes, for example a check-sum for the entire packet, which is a complicated calculation done on all the bytes in the packet.  When a packet arrives, the recipient performs the check-sum algorithm to check whether the result matches the result that was transmitted.  If the results don't match, the recipient sends an error message back to the transmitter and asks for a retransmission.
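
The packet behaviour from 3.1.6 and the check-sum procedure above, as an added example that is not part of the original notes: data is split into numbered packets, arrives shuffled with two packets damaged, and the recipient checks, requests retransmission and reassembles. CRC-32 (Python's zlib) stands in for the check-sum; the 16-byte packet size, the message and the noisy channel are constructed for the demo.

```python
import random
import zlib

PACKET_SIZE = 16  # bytes per packet; tiny so the short demo message needs several

def make_packets(data, size=PACKET_SIZE):
    """Sender: split data into numbered packets, each with a CRC-32 check-sum."""
    packets = []
    for seq, start in enumerate(range(0, len(data), size)):
        payload = data[start:start + size]
        packets.append({"seq": seq, "payload": payload,
                        "checksum": zlib.crc32(payload)})
    return packets

def is_intact(packet):
    """Recipient: recompute the check-sum and compare with the transmitted one."""
    return zlib.crc32(packet["payload"]) == packet["checksum"]

def noisy_channel(packets, corrupt_seqs, rng):
    """Constructed channel: flips one bit in the chosen packets, then shuffles."""
    delivered = []
    for p in packets:
        payload = bytearray(p["payload"])
        if p["seq"] in corrupt_seqs:
            payload[0] ^= 0x01          # simulated interference
        delivered.append({"seq": p["seq"], "payload": bytes(payload),
                          "checksum": p["checksum"]})
    rng.shuffle(delivered)              # packets arrive in arbitrary order
    return delivered

def receive(delivered, resend):
    """Check every packet, ask for bad ones again, reassemble by sequence number."""
    good, retransmitted = {}, []
    for p in delivered:
        while not is_intact(p):
            retransmitted.append(p["seq"])
            p = resend(p["seq"])        # the "error message back to the transmitter"
        good[p["seq"]] = p["payload"]
    return b"".join(good[s] for s in sorted(good)), retransmitted

def packet_demo():
    message = b"Packets may arrive out of order and must be reassembled."
    packets = make_packets(message)     # the sender keeps the originals for resending
    delivered = noisy_channel(packets, {1, 3}, random.Random(2015))
    data, retransmitted = receive(delivered, lambda seq: packets[seq])
    return len(packets), data == message, sorted(retransmitted)

if __name__ == "__main__":
    print(packet_demo())
```

A check-sum like this catches accidental corruption only: anyone who deliberately alters a packet can recompute the check-sum to match, so protection against tampering needs a keyed check or encryption.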


Parity Check - For smaller transmissions, such as a password in a LAN, we might use parity checks.  This is a single bit that accompanies a Byte, telling whether the sum of all the bits is even or odd.  Again, the recipient checks whether the received parity bit correctly matches the received Byte - if not it asks for retransmission.
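
A parity check on 7-bit ASCII codes, as an added example that is not part of the original notes. It uses even parity with the parity bit stored in the 8th bit (an assumption; the notes do not fix a convention), and the sample text and bit flips are constructed. It also shows the limit of the method: one flipped bit is caught, two flipped bits in the same Byte are not.

```python
def parity_bit(code7):
    """Even parity: the extra bit that makes the total number of 1-bits even."""
    return bin(code7 & 0x7F).count("1") % 2

def encode(text):
    """Sender: pack each 7-bit ASCII code with its parity bit in the top bit."""
    out = bytearray()
    for ch in text:
        code = ord(ch)
        if code > 0x7F:
            raise ValueError("not a 7-bit ASCII character: %r" % ch)
        out.append((parity_bit(code) << 7) | code)
    return bytes(out)

def bad_positions(received):
    """Recipient: indexes of Bytes whose 1-bits do not add up to an even number."""
    return [i for i, b in enumerate(received) if bin(b).count("1") % 2 != 0]

def decode(received):
    """Strip the parity bits; refuse the data if any Byte fails the check."""
    bad = bad_positions(received)
    if bad:
        raise ValueError("parity error at Byte(s) %s - ask for retransmission" % bad)
    return "".join(chr(b & 0x7F) for b in received)

def flip_bits(data, index, mask):
    """Constructed interference: invert the bits selected by mask in one Byte."""
    damaged = bytearray(data)
    damaged[index] ^= mask
    return bytes(damaged)

def parity_demo():
    sent = encode("pass123")                        # constructed sample
    one_flip = flip_bits(sent, 2, 0b00000100)       # 's' becomes 'w'
    two_flips = flip_bits(sent, 2, 0b00000110)      # 's' becomes 'u'
    return {
        "clean": bad_positions(sent),
        "one_flip": bad_positions(one_flip),        # detected
        "two_flips": bad_positions(two_flips),      # passes the check
        "two_flips_decoded": decode(two_flips),     # wrong text is accepted
    }

if __name__ == "__main__":
    print(parity_demo())
```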
 


Flow Control - If a server is busy, like CNN during an important news event, then a client might request a web-page and the web-page does not arrive quickly.  Then the client might assume that the request never arrived, so it sends another request.  If lots of clients are making repeated requests, the server will queue-up all the requests, making a longer and longer list of unfinished work.  This can make the server slower and slower, and eventually the server needs to be shut down.  Flow Control should prevent such disasters, by cleverly managing the flow of data and requests.  For example, it's better to immediately send back a "busy" message, rather than just NOT sending the requested data - causing the client to wait an unpredictable amount of time.  If multiple servers are available, perhaps in various geographical locations (like Google's servers), flow control can re-route requests to a less busy server.
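
A small tick-by-tick model of the situation above, as an added example that is not part of the original notes: the same busy server is run once with silent queueing and impatient clients, and once with a bounded queue that answers "busy" immediately. The client count, service rate, timeout, queue limit and back-off are all constructed values.

```python
from collections import deque

def simulate(clients=50, per_tick=5, timeout=2, queue_limit=None, backoff=3):
    """queue_limit=None: the server silently queues everything and each client
    re-sends after `timeout` ticks without an answer.  With a limit: a queued
    request is acknowledged (the client waits), a full queue gives an immediate
    "busy" reply and the client retries after `backoff` ticks."""
    queue = deque()
    served = set()
    next_send = {c: 0 for c in range(clients)}   # tick of each client's next send
    max_queue = wasted = busy = tick = 0
    while len(served) < clients or queue:
        # 1. clients whose timer has expired send a request
        for c in range(clients):
            if c in served or next_send[c] is None or next_send[c] > tick:
                continue
            if queue_limit is None:
                queue.append(c)                  # no reply: client will time out
                next_send[c] = tick + timeout
            elif len(queue) < queue_limit:
                queue.append(c)                  # acknowledged: client just waits
                next_send[c] = None
            else:
                busy += 1                        # immediate "busy" message
                next_send[c] = tick + backoff
        max_queue = max(max_queue, len(queue))
        # 2. the server handles a fixed number of queued requests per tick
        for _ in range(min(per_tick, len(queue))):
            c = queue.popleft()
            if c in served:
                wasted += 1                      # duplicate of an answered request
            served.add(c)
        tick += 1
    return {"ticks": tick, "max_queue": max_queue, "wasted": wasted, "busy": busy}

if __name__ == "__main__":
    print("no flow control:", simulate())
    print("busy replies   :", simulate(queue_limit=10))
```

Without flow control the queue grows past the number of clients and the server keeps working through duplicate requests after everyone has been answered; with the "busy" reply the queue never exceeds its limit and no work is wasted.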


Deadlock - when two (or more) competing tasks are each preventing each other from finishing.  So the system keeps trying over and over again to finish one of the tasks, but keeps getting interrupted by the other.  In modern OS's, this seldom happens, but a common example is a PC that has too many processes running and is unsuccessfully trying to "swap" some of them to virtual memory.  Every swap operation takes time, and this overhead makes the system unstable - we call this "thrashing".  Deadlock implies that the problem is NEVER going to end.


Congestion - similar to deadlock, but only causing a significant slowdown.  This usually refers to the communication channels (wires and routers) rather than the servers.


How do protocols help?  

Protocols are a set of RULES that control how communication happens.  For example, if a client sends a request to a server, the protocol might require an immediate response - either the requested data or a message saying that the server is busy and there may be a delay.  Even if the data will be sent quickly, the server might still send an acknowledge message, saying that it received the request. Another example is handshaking.  When two devices start communicating, they must agree on the transmission speed that will be used.  If the speed is set too high, there may be lots and lots of errors, resulting in lots and lots of retransmissions, meaning the high transmission speed actually slows down communication.  Packet sizes, error-detection protocols and flow control (choose a different channel or server) all contribute to fewer problems and overall faster data transfer.

3.1.8


Explain why the speed of data transmission across a network can vary.

Depending on the amount of traffic in the network and the frequency of errors (due to interference), transmission speed can speed up or slow down.  It would be foolish for a server to transmit data 10 times faster than the client can actually receive it.  Also, the server may have other things to do (many client connections), so it might choose to send lots of small packets at a high speed, rather than very large packets at a slower speed.

3.1.9


Explain why compression of data is often necessary when transmitting across a network.

In the distant past, file sizes were quite small - several kilobytes of text.  The advent of multimedia (pictures, videos and sound) significantly increased file sizes.  A normal picture is well over 1 MegaByte.  And there are lots and lots of files being transmitted in most networks.  Sending all this data in uncompressed form would saturate (overwhelm) the available bandwidth, resulting in substantial delays.  So compression is commonly used to reduce file sizes and hence reduce the overall amount of data being transmitted (traffic).  This is effective as long as the client receiving the data is powerful enough to decompress the data quickly.  If not, then we can use lossy compression, where some details are simply removed (lost).  A typical example is to send a low-resolution version of a video, say 320x200, rather than an HD (high definition) version at 1920x1080.  This means 30 times less data is transmitted, but then a lot of details are removed when so many pixels are removed.  Some researchers claim that 50% of Internet traffic is videos.  If these were all uncompressed (raw), nothing would work any more.

3.1.10


Outline the characteristics of different transmission media.

Metal cables (copper) - CAT 5 cables work reliably up to 100 meters, at speeds like 100 Megabits per second.  Cables can be relatively expensive in a large building with a long cable to each client, and with substantial installation costs for drilling holes and making connections.  But the cables are highly reliable and provide relatively good security, since physical access is required if someone wishes to steal data.


Wireless (WIFI) - radio signals like 802.11n, which supports well over 100 Megabits per second.  Unfortunately WIFI is subject to substantial interference from steel in walls and other radio signals.  WIFI is generally inexpensive to install, especially because many devices can share the same "access point" (hub), without needing a cable for each device.  The range is substantially less than 100 meters (more like 30 m).  Reliability is generally good due to adjustable transmission speeds and good error-detection, but security is poor since the signal can be received outside the building.


Fibre Optic - tiny glass fibres, bundled inside a protective cable wall.  The fibres carry light (optical signals, rather than electricity).  The light signals are considerably faster than electrical signals, they are NOT disrupted by electro-magnetic interference, and the optical fibres are a lot thinner than metal cables - so one optical fibre cable carries a lot more data (higher bandwidth) than similarly sized copper cable.  Hence speed (actually bandwidth) is much higher.  But fibre cables are a lot more expensive than copper, requiring significantly more sophisticated manufacturing techniques.  Also, the fibre must connect into a special box that converts the optical signals to electronic signals, and these boxes are also expensive.  Besides high bandwidth, one large attraction of fibre is that it will not attract lightning strikes and will not "short-out" when wet, making it very popular for use outside of buildings.  The light signals decay slowly, so distances of 50 kilometers or more are possible, making fibre optic the principal medium for the Internet Backbone.  "Hacking" into a fibre optic signal is considerably more difficult than tapping into a copper cable, so security is considerably better.

3.1.11


Explain how data is transmitted by packet switching.

Here is a good explanation of Packet Switching at HowStuffWorks

Wireless networking

3.1.12


Outline the advantages and disadvantages of wireless networks.

Physical issues are outlined above in 3.1.10.

Wireless is very popular now because it provides high mobility (no need to be connected to a cable) at low installation costs.  A university can outfit the entire campus with WIFI connections by installing hundreds of access points.  A cabled version would require a huge number of cables, and users would have difficulty moving around.  The combination of high mobility and low cost has made WIFI the primary network technology for most homes and most public locations.  Cables are still popular in businesses that require a higher level of security.  A combination of the two - providing secure cables for some purposes and convenient WIFI for other purposes - is very popular in the business world.

3.1.13


Describe the hardware and software components of a wireless network.

WIFI Hardware -


 Access points - radio receivers that communicate with digital devices like laptops and Smartphones.


 Cables - Most access points are then connected by a cable to a telephone line or into a cabled LAN.


WIFI Enabled Device - computer, Smartphone, television, etc.  Any device with an antenna and a WIFI chip/card and a suitable OS.  If a device does NOT contain WIFI support, a "dongle" might be added and plugged into a USB port, assuming the OS will support this.  This might not work in an older computer.


Mobile Devices - devices like tablets and Smartphones are purposely designed for portability, depending on batteries and designed to be small and easily carried around.  These are virtually all intended for WIFI connections, and probably don't contain a network cable connector (RJ 45).


WIFI Software -

WIFI support is provided as standard modules in most OS's installed in devices requiring the support.  Application software is normally the same for WIFI or cabled networks, so no specific applications are required.  It might be the case that NOT ALL browsers run on a device - say a Smartphone - but probably SOME browser will work.


Cloud -  Mobile devices make extensive use of "cloud computing", especially online data storage and browser-based "apps".  This adds to the portability of the device, making personal data available around the world by storing it on a web-server.

3.1.14


Describe the characteristics of wireless networks.

WIFI - 802.11 hubs like you see at home and in school, at McDonald's and the airport, etc.  Data rates around 100 Megabits per second.


3G = 3rd generation - that is the cell phone (handy) network providing WEB DATA access.  This is NOT what you need for cell phone voice calls.  But you could use it for VoIP (Voice Over IP).  "a minimum data rate of 2 Mbit/s for stationary or walking users, and 384 kbit/s in a moving vehicle," (Wikipedia)


WiMAX - Worldwide Interoperability for Microwave Access - "is a wireless communications standard designed to provide 30 to 40 megabit-per-second data rates, with the 2011 update providing up to 1 Gbit/s for fixed stations" (Wikipedia)

Limited versions of WiMAX are available in various places around the world,
but usage is still not very common.  


Future Networks???


3.1.15


Describe the different methods of network security.

WEP - Wired Equivalent Privacy - this was the first encryption technology widely used in WIFI.  It uses a 40-bit key. "Although its name implies that it is as secure as a wired connection, WEP has been demonstrated to have numerous flaws and has been deprecated in favour of newer standards such as WPA2." (Wikipedia)


WPA2 - WiFi Protected Access - "makes use of the Advanced Encryption Standard (AES) block cipher" (Wikipedia)  This is considerably more secure than WEP, using up to 256 bits for the key.  It has not yet been "cracked".


MAC - Media Access Control - a unique identifier for every network device in the world (!!)  Some WIFI access points require the MAC address to be added to the list of permitted devices, so a new user with a new device will be denied access.  This is considerably safer than WEP or WPA2, because knowing the key is not enough - your device must be added into the approved list by a system administrator.  This would be impractical in a public area like a school, but is quite easily done in a home network.


userID - This happens at a higher level than other protocols.  For example, if you want to use WIFI in a hotel, your computer is allowed direct connection to the hotel's network.  Then you must supply a user ID and a password before the network will allow you to connect to the Internet.  The hotel might charge for the service, and so the network will limit the number of days that your account is valid.

3.1.16

Evaluate the advantages and disadvantages of each method of network security.

userID - simple to implement (requires only software), easy to manage, very flexible.


MAC - more trouble to set up and manage than others, but highest level of security (assuming we can trust the administrator).  Limits the number and variety of devices that can be used.


WEP - easy to setup and use, but "broken" because the key is too short


WPA2 - easy to setup and use, not "broken" like WEP, but less secure than MAC because any device can be used as long as the user knows the key


Discussion Questions


(1) Explain 2 differences between the World-Wide-Web and a Wide-Area-Network.


(2) Outline a sensible SECURITY system for use in a Peer-to-Peer network.


(3) The OSI Layers model is supposed to provide standardization for Network communications.

     Explain why other standards like ASCII, UNICODE and HTML are still needed, even though
     they are not part of the OSI standard.


(4) Explain why SOFTWARE is more important than HARDWARE when setting up a VPN.


(5) Explain why WIFI and VPN might BOTH be needed to provide mobility for some users.


(6) Explain the different roles of HTTP and HTML in the World-Wide-Web.


(7) Outline 2 advantages that make Optical Fibre better than Copper Cables for outdoor use.


(8) Outline the most important difference between how SMTP transfers email
    and how HTTP distributes web-pages.


(9) Explain the importance of check-sums in a packet-switching system.


(10) Explain two essential differences between MAC security and userID security
      in a wireless network connection.


~~~~~~~~


(11) Assume that a bank director wishes to be able to work from home.
He wants to access secret documents as well as public documents from his bank's servers.


   (a) Outline one advantage and one disadvantage of using a wireless (WIFI) connection at home.


   (b) Outline one advantage and one disadvantage of using VPN.

   (c) Explain why he might be able to work WITHOUT using HTTP.


  (d)  Explain why the documents probably contain ASCII codes.


  (e)  Outline 2 ways that ENCRYPTION might be used in this system.


~~~~~~~~