UNIT 5

Communication and the

Internet
Contents
01. Network 02. Network Security

03. The internet and

the world wide web

Dr.MTK
Network

An arrangement of computers and other devices

connected together to share resources and data.

Network Service
An app running on a server which provides
facilities or operations such as data storage, printing
or communications.

Dr.MTK
“
A network is a collection of two or more
computers that are connected together for the
purpose of sharing resources and data. Many
networks include servers. A server is a powerful
computer that provides the network with
services, such as storing file. A small network
might have one server, whereas a large business
network could have tens or hundreds of servers.
Why networks used?

The network allows multiple users:

- To read/write personal files on a central server.
- To access shared files among several users.
- To download data or updates to computer programs.
- To send data to a shared printer.
- To access the internet.
- To communicate with each other.

Dr.MTK
“
L AN (Local area network)

A network that covers a relatively small

geographical area, often a single site. This
is often a single site, such as home, a
hospital or a factory.
“
W LAN (Wireless Local area network)

A local area network in which connected

devices use high-frequency radio waves to
communicate. A wireless router allows all the
computer devices in a household to access the
internet and share devices such as printers and
external hard drives.
“
WAN (Wide area network)

A network that covers a large geographical

area, usually across several sites of an
organisation. It connects together two or more
LANs and is usually under shared ownership.
The largest wide area network is the internet.
“
PAN (Personal area network)

A network communicating between computer

devices, such as laptops, mobile phones,
tablets, media players, speakers and printers.
They may be devices belonging to one person or
to several. It is a network used for data
transmission over short distances.
“
T he devices usually communicate wirelessly
over distance of up to 10 metres by radio waves
using a technology called Bluetooth.

Bluetooth a protocol for the short-range

wireless interconnection of mobile phones,
computers and other electronic devices.
Dr.MTK
“
T here are two main models relating to
computer networks:

1. Client-Server network

2. Peer-To-Peer network
Client-Server Network

• There is at least one server, which is a powerful computer that provides a service or services to the network,
individual computers are referred to as the client computers.

• The server will authenticate the user and then give the user access to the files that he/she has been given
permission to access.

• The server provides services to the clients as required.

Dr.MTK
Client-Server Network

A client accesses data or files from a server using the following process:

1. A client will make a connection to the server using its address. The server will know the address of the client
because this will be included in the request for a connection.

2. Once the connection has been made, the client will make a service request to the server.

3. If the request is valid, the server will send the requested data to the client using the address identified in step
1.

Dr.MTK
Peer-to-Peer Network

• A network that doesn’t have any dedicated servers. Each computer can act as both a client and a server.
• Each computer in a peer-to-peer network can provide a service, such as share some files or provide access to a
printer.
• Each computer can also request services from any other computer that has been configured to provide that
service.
• Some instant messaging systems use a peer-to-peer service to allow users to chat in real time.
• There is no central server that you sign on to and your messages are sent directly to the recipient.

Dr.MTK
Dr.MTK
“
There are several different ways that the
connections between networked devices
can be arranged. Four network
topologies:
1. Bus
2. Ring
3. Star
4. Mesh
Bus

▪ A bus network consists of a single cable to which each networked device is connected.
▪ Messages are sent along the cable in the form of electronic signals. At each end of the cable is a terminator.
▪ A bus network only has one cable, only one message can be sent at any one time.
▪ A bus network needs a system to deal with multiple devices sending a message at the same time.
▪ A collision occurs when two or more network devices send a message at the same time, making all the
message unreadable.

Dr.MTK
Bus

Dr.MTK
Bus

Dr.MTK
Ring

▪ A ring network is a network in which the cable connects one network device to another in a closed loop, or ring.
▪ Each network device has what can be thought of as an ‘in’ and an ‘out’ connection.
▪ Messages sent on a ring network all travel in the same direction and, unlike a bus network, there are no
collisions.
▪ Data is passed from one device to the next around the ring until it reaches its destination.

Dr.MTK
Ring

Dr.MTK
Ring

Dr.MTK
Star

▪ In a star topology, each network device is connected to a central point (hub or switch).
▪ A central hub receives and directs messages to the correct recipients.
▪ The star topology is the most widely used, but it does require a lot of cabling because each device is connected
to the central point.

Dr.MTK
Star

Dr.MTK
Star

Dr.MTK
Mesh

▪ Two types of mesh topology - fully connected and partially connected.

▪ In fully connected mesh network, every network device is connected to every other network device.
▪ In partially connected nesh network, some network devices may be connected to multiple other devices.
However, others might only be connected to one other device.
▪ Each device in a mesh network will pass messages on to other devices within the network.
▪ Mesh networks can be wired or wireless.
▪ The largest mesh network of all is the Internet.

Dr.MTK
Mesh

Dr.MTK
Mesh

Dr.MTK
Dr.MTK
Network Data Speed

▪ Being able to measure the speed of a network allows you to:

▪ Discover whether an equipment upgrade is necessary
▪ Estimate how long it will take to download a file
▪ Discover whether actual performance lives up to the promises made by the service provider

▪ Measured in bits per seconds (bps, b/s, or bit/s)

▪ Latency – the delay encountered by data travelling through a network.
▪ The amount of data that can be carried from one point to another on a network in a given period of time is
referred to as its bandwidth which is expressed as bits per second (bps).

Dr.MTK
Dr.MTK
Protocol

▪ A protocol is a set of rules that control how communications between devices are formatted and how these
communication will be sent/received.
▪ There are many different protocols for different purposes.

Dr.MTK
Email Protocol

Dr.MTK
Network Protocol

▪ Ethernet – it is a family of protocols that are used in wired LANs. They cover everything from the physical parts
of a network, such as type of cable or optical fibre and type of connector to be used, to the logical parts, such
as how data is sent and checked for errors and the speed that data can be transmitted.
▪ Wifi - a digital communications protocol that sets out how data is transmitted on wireless LANs,
▪ TCP - The transmission Control Protocol provides a reliable connection between computers.
▪ TCP does reliable connection by:
▪ Specifying that the receiving computer sends acknowledgements that each section of the data sent has been
received
▪ Using checksums to ensure that the data received is accurate
▪ Allowing the receiving computer to tell the sending computer to slow down transmission. This means the
receiving computer has time to process the received data (this is called flow control)
▪ Ensuring that data sent up to the application layer contains no duplicates and is in the correct order.
▪ TCPDr.MTK
is used when you access web pages, send/receive email or upload/download files.
TCP/IP

▪ Transmission Control
Protocol/Internet
Protocol

Dr.MTK
Data Packet

▪ Packet – a small quantity of

data being sent through a
network. The packet is labelled
with the sender’s address
(source), the recipient’s address
(destination), how many packets
are being transmitted and the
position of this packet in the
complete message.

Dr.MTK
Protocol

▪ HTTP – The hypertext transfer protocol (HTTP) is used when sending and receiving data between web browsers
and web servers. The HTTP protocol covers how data should be formatted, what commands the web server and
web browser should understand and how they should react to each command.
▪ HTTPS – The Hypertext Transfer Protocol Secure (HTTPS) is the secure version of HTTP. The data between your
web browser and the web server is encrypted. It should prevent the data being sent/received from being read
by a third party.
▪ FTP - File Transfer Protocol is used to transfer files over a network that uses the TCP protocol, such as the
Internet.
▪ IP – Internet Protocol deals with:
▪ The addressing system to identify individual computers/servers on the network
▪ Splitting data into packets and adding the packet header with details such as the sender/receiver addresses.

Dr.MTK
Application
Layer
Protocol

Dr.MTK
Benefits of using Networking Layer

▪ It makes the overall model easier to understand by dividing it into functional parts.
▪ Each layer is specialized to perform a particular function.
▪ The different layers can be combined in different ways.
▪ One layer can be developed or changed without affecting the other layers.
▪ It makes it easier to identify and correct networking errors and problems.
▪ It provides a universal standard for hardware and software manufacturers to follow.

Dr.MTK
Mobile Communication

▪ A wireless network distributed through cells where each cell includes a fixed location transceiver known as a
base station. Each cell offers coverage of between 9 and 21 miles.
▪ When a user moves out of range, the signal falls and the base station makes a request to transfer control to
another base station that is receiving the strongest signals without notifying the subscriber called handover.
▪ GSM (Global system for Mobile Communications)
▪ Generation, 2G, 3G, 4G and 5G

Dr.MTK
Mobile Communication

Dr.MTK
Network Security

▪ Network security activities designed to protect a network and its data from threats such as virus, hacker
attacks, denial of service attacks, data interception and theft, and equipment failure.
▪ Confidentiality – a situation where you would expect something to be kept secret.
▪ Some ways to protect data confidentiality include:
▪ Ensuring only authorized users can access the parts of a network and its resources that they have a reason to
require.
▪ Stopping misuse
▪ Encrypting data

Dr.MTK
Network Security

▪ Correctness – Use of the network to communicate and store data must not change the data or allow the data to
be changed without authorization.
▪ Availability – A network is useless if data cannot be accessed when it is needed.
▪ Denial of Service (DoS) – an attack on a network that attempts to prevent legitimate users from accessing its
services.
▪ DoS attacks can
▪ Slow down network performance or stop it working altogether
▪ Delete data
▪ Allow data to be stolen or eavesdropped on
▪ Alter data or program code
▪ REASON WHY SECURITY IS IMPORTANT (TO READ page 222)

Dr.MTK
Authentication and Validation

▪ Authentication – The process of checking the identity of a user of a computer system or network.
▪ Two-factor authentication – a security check where users have to type in the code from a portable hardware
device called a ‘secure token’ or from an SMS message sent to their mobile phone.
▪ Access control – decides which users have access to which data, and what they are allowed to do with it.

Dr.MTK
Authentication and Validation

▪ Authentication – The process of checking the identity of a user of a computer system or network.
▪ Two-factor authentication – a security check where users have to type in the code from a portable hardware
device called a ‘secure token’ or from an SMS message sent to their mobile phone.
▪ Access control – Method that controls whether a particular user will gain access to a particular file. Access
control also decides if that user gets:
▪ Read-only access – the user can open the file and read its contents, but not modify the contents or delete the
file.
▪ Read and write access (modify access) – the user can read the file, alter the contents and then save the
changes.

Dr.MTK
Firewall

▪ A network security system that monitors and controls data that is moving from one network to another.
▪ A firewall inspects incoming and outgoing data and uses a set of rules.
▪ These rules decide whether to allow the data to move from one network to another or not.
▪ The rules in a firewall are designed to secure the internal network from a range of potential threats.
▪ The organization that owns the firewall can customize the rules so that the firewall is suitable for their particular
circumstances.
▪ Firewalls can be software or hardware based.

Dr.MTK
Physical Security

▪ Physical security ensures that critical parts of the network can only be physically accessed by authorized
people, such as the network technicians or a system administrator.
▪ It also includes protecting against theft of equipment. It might involve installing a burglar alarm, security tagging
and physically locking down equipment, etc.
▪ Physical security is very important because anyone with physical access to the server can more easily bypass
the security provided by the authentication system or access control system.

Dr.MTK
Cloud Storage Security

▪ Advantages on Availability of data

▪ Cloud storage provider maintain the hardware and software needed to make the data available.
▪ The amount of storage available to an organization can easily be changed as and when required.
▪ Having data stored off-site means that it is protected from loss due to fire, theft of computers/servers, electrical
failure, and so on.
▪ Many cloud storage systems also manage the back-u[ of your data.

Dr.MTK
Cloud Storage Security

▪ Disadvantages on Availability of data

▪ Relying on a third-party storage provider to keep your organization running.
▪ Data stored anywhere accessible via the Internet carries the risk of other people gaining access to it.
▪ Users of cloud storage provider might have its servers located in a different country to your organisation. Some
types of data can only legally be stored in countries that have similar data protection laws to our own.
▪ Access to cloud storage is dependent on having a reliable, high-speed Internet connection available.
▪ These can be reduced by the following:
▪ Many cloud storage providers will store your data at multiple locations so that fire, flood, hardware or electrical
failure should have no major impact on accessing your data.
▪ You can encrypt your data so that it is much more difficult to read while it is either being transformed to/from
the cloud storage provider or stored on the provider’s servers.

Dr.MTK
Network-attached Storage (NAS)

▪ NAS is a hardware device that is connected to a network to provide file storage for any device connected to that
network.
▪ A typical NAS device designed for home use could consist of a single hard drive and associated network
hardware, while an organization’s NaS device might consist of many hard drives and the associated network
hardware.
▪ NAS devices often include a wide range of additional features, such as allowing access over the Internet, and
specialist apps to allow smartphones and tablets to access the files stored on the NAS easily.
▪ Disadvantages:
▪ Often NAS devices are designed for ease of use rather than being secure.
▪ Once a NAS is connected to the Internet it becomes possible for it to be hacked remotely.

Dr.MTK
Ways to Prevent Security risk on NAS

▪ Decide if the data does indeed have to be accessible over the Internet and if NAS is the correct storage device
for the data.
▪ If the data needs to be available over the Internet, then ensure you use a complex password.
▪ Remove any default passwords and ensure that all software patches (updates) are applied.

Dr.MTK
Cyber Attack

▪ Any kind of electronic attack on a computer system, server, network or other IT device. These attacks might be
designed to :
▪ Gain access to data contained within the system
▪ Delete or modify information
▪ Make the system unavailable for use
▪ Physically damage a device connected to the network

Dr.MTK
Types of Cyber Attack

▪ Social Engineering – any kind of attack on a computer system or network that takes advantage of how people
behave and respond to certain situations.
▪ Phishing – Attempting to get confidential information by sending a user a message that appears to come from a
trustworthy person or organization.
▪ Shoulder Surfing – Gaining access to information by watching someone enter it into a computer system.
▪ Pharming – Directing internet users to a fake website that looks like a real one, in order to obtain personal
information such as passwords, account numbers, etc.

Dr.MTK
Technical Weakness (Vulnerability)

▪ Unpatched Software – software hasn’t had the latest security updates applied to it, making it vulnerable to
attack.
▪ USB Devices – it can potentially be a security threat because it might contain malware that could be transferred
to your system or copy data to the attacker via the internet.
▪ Eavesdropping – Intercepting data being sent to/from another computer system. A person can eavesdrop on a
conversation without the speakers knowing about it, eavesdropping on a network is simply reading data without
actually copying or stealing it.
▪ Code vulnerability - a computer program (the code) that has been written in such a way that it creates a
security issue that may be taken advantage of to gain access to the computer system or data within it.

Dr.MTK
Protecting Against Security Weakness

▪ Code Vulnerability can be minimized by two ways:

▪ 1. Review by another programmer, usually someone who is more senior and has more experience of writing
secure code.
▪ 2. An automatic review by using a specialist piece of software.

▪ Modular Testing - testing each block of code as it is completed to ensure the code works as expected.
▪ Audit trail – a record of activities that have taken place on a computer system. This record is generated
automatically and will record what has happened and who or what made the change.

Dr.MTK
Reduce the chance of cyber attack

▪ Use an audit trail.

▪ Use secure operating system.
▪ Provide effective network security.

Dr.MTK
Identifying Vulnerabilities

1. Ethical Hacking – it is looking for weakness in software and systems so that they can be improved while
hacking is seen as ‘bad’ if someone is trying to gain access to a system to steal data or cause damage.
2. Penetration Testing – also called pen testing is where the IT systems of an organization are deliberately
attacked to find any weaknesses. These attacks are authorized by the organization and are therefore legal. The
attacks might be run by employees of the organization or by a business that has been contracted to run the
tests.
3. Using Commercial analysis tools
4. Reviews of network and user policies

Dr.MTK
Thank you

Dr.May Thu Kyaw

[email protected]