CN notes

The OSI model, developed by ISO in 1984, is a 7-layer architecture that facilitates data transmission across networks, with each layer performing specific functions. It serves as a theoretical framework for understanding network communication, although it is not typically implemented in its entirety in real-world applications. The model's layers include Physical, Data Link, Network, Transport, Session, Presentation, and Application, each contributing to the systematic transfer of data from sender to receiver.

Uploaded by Baiju Vs

ISO/OSI

OSI stands for Open Systems Interconnection, where "open" means non-proprietary. It is a
7-layer architecture with each layer having a specific function to perform. All 7 layers
work together to transmit data from one person to another across the globe. The OSI
reference model was developed by ISO, the International Organization for
Standardization, in the year 1984.
The OSI model provides a theoretical foundation for understanding network
communication. However, it is usually not directly implemented in its entirety in
real-world networking hardware or software. Instead, specific protocols and
technologies are designed based on the principles outlined in the OSI model to
facilitate efficient data transmission and networking operations.

What is OSI Model?


The OSI model, created in 1984 by ISO, is a reference framework that explains the
process of transmitting data between computers. It is divided into seven layers that
work together to carry out specialised network functions, allowing for a more
systematic approach to networking.

Data Flow In OSI Model


When we transfer information from one device to another, it travels through the 7 layers
of the OSI model. First the data travels down through the 7 layers at the sender's end and
then climbs back up the 7 layers at the receiver's end.
Data flows through the OSI model in a step-by-step process:
• Application Layer: Applications create the data.
• Presentation Layer: Data is formatted and encrypted.
• Session Layer: Connections are established and managed.
• Transport Layer: Data is broken into segments for reliable delivery.
• Network Layer: Segments are packaged into packets and routed.
• Data Link Layer: Packets are framed and sent to the next device.
• Physical Layer: Frames are converted into bits and transmitted physically.
Each layer adds specific information to ensure the data reaches its destination
correctly, and these steps are reversed upon arrival.

Let’s look at it with an Example:


Luffy sends an e-mail to his friend Zoro.
Step 1: Luffy interacts with an e-mail application like Gmail or Outlook and writes the
e-mail he wants to send. (This happens in Layer 7: Application Layer)
Step 2: The mail application prepares the data for transmission, for example by
encrypting it and formatting it. (This happens in Layer 6: Presentation Layer)
Step 3: A connection is established between the sender and receiver over the
internet. (This happens in Layer 5: Session Layer)
Step 4: The e-mail data is broken into smaller segments. Sequence numbers and
error-checking information are added to maintain the reliability of the information.
(This happens in Layer 4: Transport Layer)
Step 5: Packets are addressed so that the best route for the transfer can be found. (This
happens in Layer 3: Network Layer)
Step 6: Data packets are encapsulated into frames, the MAC address is added for local
devices, and the frame is checked for errors using error detection. (This happens in
Layer 2: Data Link Layer)
Step 7: Lastly, frames are transmitted in the form of electrical/optical signals over a
physical network medium like an Ethernet cable or WiFi. (This happens in Layer 1:
Physical Layer)
After the e-mail reaches the receiver, i.e. Zoro, the process is reversed and the e-mail
content is decrypted. At last, the e-mail is shown in Zoro's e-mail client.
The OSI model consists of seven abstraction layers, numbered from the bottom (Layer 1) up:
1. Physical Layer
2. Data Link Layer
3. Network Layer
4. Transport Layer
5. Session Layer
6. Presentation Layer
7. Application Layer
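The encapsulation described above (Transport adds ports and a sequence number, Network adds IP addresses and a header checksum, Data Link adds MAC addresses) can be made concrete in code. The following is an added example written for these notes, not code from the original document: it builds a frame the way the sender side does, layer by layer, and then parses it back the way the receiver does, rejecting a frame whose IPv4 header fails its checksum. The MAC and IP addresses, ports and payload are constructed sample values; the header layouts follow the TCP, IPv4 and Ethernet formats.

```python
import socket
import struct

# Constructed sample addresses for the demo (not taken from the notes).
SRC_MAC = bytes.fromhex("020000000001")
DST_MAC = bytes.fromhex("020000000002")
SRC_IP = "192.0.2.10"      # TEST-NET-1 documentation range
DST_IP = "192.0.2.20"
ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6


def ip_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement sum over 16-bit words (used for the IPv4 header)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def transport_segment(payload: bytes, src_port: int, dst_port: int, seq: int) -> bytes:
    """Layer 4: prepend a 20-byte TCP header (ports, sequence number, flags, window)."""
    data_offset = 5 << 4          # header length = 5 words (20 bytes), no options
    flags = 0x18                  # PSH | ACK
    header = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, 0,
                         data_offset, flags, 65535, 0, 0)
    return header + payload


def network_packet(segment: bytes, src_ip: str, dst_ip: str) -> bytes:
    """Layer 3: prepend a 20-byte IPv4 header with logical addresses and checksum."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0x1234,
                         0x4000, 64, PROTO_TCP, 0,
                         socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    csum = ip_checksum(header)    # computed with the checksum field zeroed
    return header[:10] + struct.pack("!H", csum) + header[12:] + segment


def link_frame(packet: bytes, src_mac: bytes, dst_mac: bytes) -> bytes:
    """Layer 2: prepend a 14-byte Ethernet header (destination MAC, source MAC, EtherType)."""
    return dst_mac + src_mac + struct.pack("!H", ETHERTYPE_IPV4) + packet


def encapsulate(message: bytes) -> bytes:
    """Sender side: the message travels down the stack, each layer adding its header."""
    segment = transport_segment(message, src_port=49152, dst_port=80, seq=1)
    packet = network_packet(segment, SRC_IP, DST_IP)
    return link_frame(packet, SRC_MAC, DST_MAC)


def decapsulate(frame: bytes) -> dict:
    """Receiver side: strip the headers in reverse order, validating each one."""
    dst_mac, src_mac = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("unexpected EtherType 0x%04x" % ethertype)
    packet = frame[14:]
    ihl = (packet[0] & 0x0F) * 4
    # A valid header sums to zero when its own checksum field is included.
    if ip_checksum(packet[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    total_len, proto = struct.unpack("!H", packet[2:4])[0], packet[9]
    if proto != PROTO_TCP:
        raise ValueError("unexpected protocol %d" % proto)
    segment = packet[ihl:total_len]
    src_port, dst_port, seq = struct.unpack("!HHI", segment[:8])
    data_offset = (segment[12] >> 4) * 4
    return {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "src_ip": socket.inet_ntoa(packet[12:16]), "dst_ip": socket.inet_ntoa(packet[16:20]),
        "src_port": src_port, "dst_port": dst_port, "seq": seq,
        "payload": segment[data_offset:],
    }


def header_intact(frame: bytes) -> bool:
    """True if the frame parses cleanly; False if a layer rejects it (e.g. a bit flip in a header)."""
    try:
        decapsulate(frame)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    frame = encapsulate(b"Hello Zoro")
    print(len(frame), "bytes on the wire:", frame.hex())
    print(decapsulate(frame))
    damaged = bytearray(frame)
    damaged[14 + 8] ^= 0x01       # flip one bit in the IPv4 TTL field
    print("damaged frame accepted?", header_intact(bytes(damaged)))
```

Running it shows a 10-byte message becoming a 64-byte frame (14 + 20 + 20 + 10), and the receiver recovering the ports, IPs, MACs and payload in the reverse order in which they were added. The IPv4 header checksum only detects accidental corruption; it offers no protection against deliberate modification, which is the job of the integrity mechanisms discussed in the IPsec section.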
Physical Layer – Layer 1
The lowest layer of the OSI reference model is the physical layer. It is responsible for
the actual physical connection between the devices. The physical layer contains
information in the form of bits. It is responsible for transmitting individual bits from one
node to the next. When receiving data, this layer will get the signal received and convert
it into 0s and 1s and send them to the Data Link layer, which will put the frame back
together.

Functions of the Physical Layer

• Bit Synchronization: The physical layer provides synchronization of the bits by
providing a clock. This clock controls both sender and receiver, thus providing
synchronization at the bit level.
• Bit Rate Control: The physical layer also defines the transmission rate, i.e. the
number of bits sent per second.
• Physical Topologies: The physical layer specifies how the different devices/nodes
are arranged in a network, i.e. bus, star, or mesh topology.
• Transmission Mode: The physical layer also defines how the data flows between the
two connected devices. The various transmission modes possible are simplex,
half-duplex and full-duplex.
Note:
• Hub, Repeater, Modem, and Cables are Physical Layer devices.
• Network Layer, Data Link Layer, and Physical Layer are also known as Lower
Layers or Hardware Layers.
Data Link Layer (DLL) – Layer 2
The data link layer is responsible for the node-to-node delivery of the message. The
main function of this layer is to make sure data transfer is error-free from one node to
another, over the physical layer. When a packet arrives in a network, it is the
responsibility of the DLL to transmit it to the host using its MAC address.
The Data Link Layer is divided into two sublayers:
• Logical Link Control (LLC)
• Media Access Control (MAC)
The packet received from the Network layer is further divided into frames depending on
the frame size of the NIC (Network Interface Card). The DLL also encapsulates the sender's
and receiver's MAC addresses in the header.
The receiver's MAC address is obtained by placing an ARP (Address Resolution
Protocol) request onto the wire asking "Who has that IP address?"; the destination
host replies with its MAC address.
Functions of the Data Link Layer
• Framing: Framing is a function of the data link layer. It provides a way for a sender
to transmit a set of bits that are meaningful to the receiver. This can be
accomplished by attaching special bit patterns to the beginning and end of the
frame.
• Physical Addressing: After creating frames, the data link layer adds the physical
addresses (MAC addresses) of the sender and/or receiver in the header of each
frame.
• Error Control: The data link layer provides the mechanism of error control, in
which it detects and retransmits damaged or lost frames.
• Flow Control: The data rate must be constant on both sides, else the data may get
corrupted; thus, flow control coordinates the amount of data that can be sent before
receiving an acknowledgment.
• Access Control: When a single communication channel is shared by multiple
devices, the MAC sub-layer of the data link layer helps to determine which device
has control over the channel at a given time.

Note:
• A packet in the Data Link layer is referred to as a Frame.
• The Data Link layer is handled by the NIC (Network Interface Card) and the device
drivers of host machines.
• Switches and Bridges are Data Link Layer devices.

Network Layer – Layer 3


The network layer works for the transmission of data from one host to another located
in a different network. It also takes care of packet routing, i.e. selection of the shortest
path to transmit the packet from the number of routes available. The sender's and
receiver's IP addresses are placed in the header by the network layer.
Functions of the Network Layer
• Routing: The network layer protocols determine which route is suitable from
source to destination. This function of the network layer is known as routing.
• Logical Addressing: To identify each device on the internetwork uniquely, the network
layer defines an addressing scheme. The sender's and receiver's IP addresses are
placed in the header by the network layer. Such an address distinguishes each
device uniquely and universally.
Note:
• A segment in the Network layer is referred to as a Packet.
• The Network layer is implemented by networking devices such as routers and
switches.
Transport Layer – Layer 4
The transport layer provides services to the application layer and takes services from
the network layer. The data in the transport layer is referred to as Segments. It is
responsible for the end-to-end delivery of the complete message. The transport layer
also provides the acknowledgment of successful data transmission and re-transmits
the data if an error is found.
At the sender's side: The transport layer receives the formatted data from the upper
layers, performs segmentation, and also implements flow and error control to
ensure proper data transmission. It also adds the source and destination port numbers to
its header and forwards the segmented data to the Network Layer.
Note: The sender needs to know the port number associated with the receiver's
application.
Generally, this destination port number is configured, either by default or manually. For
example, when a web application requests a web server, it typically uses port number
80, because this is the default port assigned to web applications. Many applications
have default ports assigned.
At the receiver's side: The transport layer reads the port number from its header and
forwards the data it has received to the respective application. It also performs
sequencing and reassembly of the segmented data.
Functions of the Transport Layer
• Segmentation and Reassembly: This layer accepts the message from the
(session) layer and breaks the message into smaller units. Each of the segments
produced has a header associated with it. The transport layer at the destination
station reassembles the message.
• Service Point Addressing: To deliver the message to the correct process, the
transport layer header includes a type of address called the service point address or
port address. Thus, by specifying this address, the transport layer makes sure that
the message is delivered to the correct process.
Services Provided by the Transport Layer
• Connection-Oriented Service
• Connectionless Service
1. Connection-Oriented Service: It is a three-phase process that includes:
• Connection Establishment
• Data Transfer
• Termination/disconnection
In this type of transmission, the receiving device sends an acknowledgment back to the
source after a packet or group of packets is received. This type of transmission is
reliable and secure.
2. Connectionless Service: It is a one-phase process and includes only Data Transfer. In
this type of transmission, the receiver does not acknowledge receipt of a packet. This
approach allows for much faster communication between devices. Connection-oriented
service is more reliable than connectionless service.
Note:
• Data in the Transport Layer is called Segments.
• The Transport layer is operated by the Operating System. It is a part of the OS and
communicates with the Application Layer by making system calls.
• The transport layer is called the Heart of the OSI model.
• Device or Protocol Use: TCP, UDP, NetBIOS, PPTP

Session Layer – Layer 5


This layer is responsible for the establishment of connections, maintenance of sessions,
and authentication, and also ensures security.
Functions of the Session Layer
• Session Establishment, Maintenance, and Termination: The layer allows the
two processes to establish, use, and terminate a connection.
• Synchronization: This layer allows a process to add checkpoints that are
considered synchronization points in the data. These synchronization points help to
identify errors so that the data is re-synchronized properly, the ends of the
messages are not cut prematurely, and data loss is avoided.
• Dialog Controller: The session layer allows two systems to start communication
with each other in half-duplex or full-duplex.
Note:
• The 3 layers from the Session Layer upwards are integrated as a single layer in
the TCP/IP model as the "Application Layer".
• Implementation of these 3 layers is done by the network application itself. These
are also known as Upper Layers or Software Layers.
• Device or Protocol Use: NetBIOS, PPTP.

Example
Let us consider a scenario where a user wants to send a message through some
Messenger application running in their browser. The "Messenger" here acts as the
application layer, which provides the user with an interface to create the data. This
message, or so-called Data, is compressed, optionally encrypted (if the data is sensitive),
and converted into bits (0's and 1's) so that it can be transmitted.

(Figure: Communication in Session Layer)

Presentation Layer – Layer 6


The presentation layer is also called the Translation layer. The data from the
application layer is extracted here and manipulated as per the required format to
transmit over the network.
Functions of the Presentation Layer
• Translation: For example, ASCII to EBCDIC.
• Encryption/Decryption: Data encryption translates the data into another form or
code. The encrypted data is known as the ciphertext and the decrypted data is
known as plaintext. A key value is used for encrypting as well as decrypting data.
• Compression: Reduces the number of bits that need to be transmitted on the
network.
Note: Device or Protocol Use: JPEG, MPEG, GIF.
Application Layer – Layer 7
At the very top of the OSI Reference Model stack of layers, we find the Application layer,
which is implemented by the network applications. These applications produce the data
to be transferred over the network. This layer also serves as a window for the application
services to access the network and for displaying the received information to the user.
Example: Application – Browsers, Skype Messenger, etc.
Note: The Application Layer is also called the Desktop Layer.
Device or Protocol Use: SMTP.
Functions of the Application Layer
The main functions of the application layer are given below.
• Network Virtual Terminal (NVT): It allows a user to log on to a remote host.
• File Transfer Access and Management (FTAM): This application allows a user to
access files on a remote host, retrieve files from a remote host, and manage or
control files from a remote computer.
• Mail Services: Provide e-mail service.
• Directory Services: This application provides distributed database sources
and access for global information about various objects and services.
Note: The OSI model acts as a reference model and is not implemented on the Internet
because of its late invention. The current model being used is the TCP/IP model.
OSI Model – Layer Architecture

Layer No | Layer Name         | Responsibility                                                                                        | Information Form (Data Unit)   | Device or Protocol
7        | Application Layer  | Helps in identifying the client and synchronizing communication.                                      | Message                        | SMTP
6        | Presentation Layer | Data from the application layer is extracted and manipulated in the required format for transmission. | Message                        | JPEG, MPEG, GIF
5        | Session Layer      | Establishes connection, maintenance, ensures authentication and ensures security.                     | Message (or encrypted message) | Gateway
4        | Transport Layer    | Takes service from the Network Layer and provides it to the Application Layer.                        | Segment                        | Firewall
3        | Network Layer      | Transmission of data from one host to another, located in different networks.                         | Packet                         | Router
2        | Data Link Layer    | Node-to-node delivery of message.                                                                     | Frame                          | Switch, Bridge
1        | Physical Layer     | Establishing physical connections between devices.                                                    | Bits                           | Hub, Repeater, Modem, Cables
OSI vs TCP/IP Model


TCP/IP protocol (Transmission Control Protocol/Internet Protocol) was created by the U.S.
Department of Defense's Advanced Research Projects Agency (ARPA) in the 1970s.
Some key differences between the OSI model and the TCP/IP model are:
• The TCP/IP model consists of 4 layers but the OSI model has 7 layers. Layers 5, 6, 7 of
the OSI model are combined into the Application Layer of the TCP/IP model and OSI
layers 1 and 2 are combined into the Network Access Layer of the TCP/IP protocol.
• The TCP/IP model is older than the OSI model, hence it is a foundational protocol
that defines how data should be transferred online.
• Compared to the OSI model, the TCP/IP model has less strict layer boundaries.
• All layers of the TCP/IP model are needed for data transmission but in the OSI
model, some applications can skip certain layers. Only layers 1, 2 and 3 of the OSI
model are necessary for data transmission.

(Figure: OSI vs TCP/IP)


Advantages of OSI Model
The OSI Model defines the communication of a computing system in 7 different layers.
Its advantages include:
• It divides network communication into 7 layers, which makes it easier to understand
and troubleshoot.
• It standardizes network communications, as each layer has fixed functions and
protocols.
• Diagnosing network problems is easier with the OSI model.
• It is easier to improve with advancements as each layer can get updates
separately.
Disadvantages of OSI Model
• Complexity: The OSI Model has seven layers, which can be complicated and hard
to understand for beginners.
• Not Practical: In real-life networking, most systems use a simpler model called the
Internet protocol suite (TCP/IP), so the OSI Model isn't always directly applicable.
• Slow Adoption: When it was introduced, the OSI Model was not quickly adopted
by the industry, which preferred the simpler and already-established TCP/IP model.
• Overhead: Each layer in the OSI Model adds its own set of rules and operations,
which can make the process more time-consuming and less efficient.
• Theoretical: The OSI Model is more of a theoretical framework, meaning it's great
for understanding concepts but not always practical for implementation.
2. TCP and UDP
Feature                | TCP                                                                                                                                                             | UDP
Full form              | It stands for Transmission Control Protocol.                                                                                                                    | It stands for User Datagram Protocol.
Type of connection     | It is a connection-oriented protocol, which means that the connection needs to be established before the data is transmitted over the network.                  | It is a connectionless protocol, which means that it sends the data without checking whether the system is ready to receive or not.
Reliable               | TCP is a reliable protocol as it provides assurance for the delivery of data packets.                                                                           | UDP is an unreliable protocol as it does not guarantee the delivery of packets.
Speed                  | TCP is slower than UDP as it performs error checking, flow control, and provides assurance for the delivery of data packets.                                     | UDP is faster than TCP as it does not guarantee the delivery of data packets.
Header size            | The TCP header is 20 bytes.                                                                                                                                     | The UDP header is 8 bytes.
Acknowledgment         | TCP uses the three-way-handshake concept. In this concept, if the sender receives the ACK, then the sender will send the data. TCP also has the ability to resend the lost data. | UDP does not wait for any acknowledgment; it just sends the data.
Flow control mechanism | It follows the flow control mechanism in which too many packets cannot be sent to the receiver at the same time.                                                | This protocol follows no such mechanism.
Error checking         | TCP performs error checking by using a checksum. When the data is found to be corrupted, the data is retransmitted to the receiver.                             | It does not perform any error checking, and also does not resend the lost data packets.
Applications           | This protocol is mainly used where a secure and reliable communication process is required, like military services, web browsing, and e-mail.                   | This protocol is used where fast communication is required and reliability does not matter, like VoIP, game streaming, video and music streaming, etc.
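The reliability rows of the table (acknowledgments, retransmission of lost data, no such mechanism in UDP) are easiest to see with a small simulation. The following is an added example written for these notes, not code from the original document. It models a lossy channel that drops every n-th transmission (a constructed, deterministic loss pattern so the run is repeatable), then sends the same chunks once with a fire-and-forget, UDP-style sender and once with a TCP-style stop-and-wait sender that numbers segments, waits for acknowledgments, discards duplicates and retransmits on loss. The chunk data and the channel model are the example's own assumptions; the code models the idea of sequence numbers and ACKs, not TCP's actual packet format or window algorithm.

```python
from dataclasses import dataclass
from typing import List, Tuple


@dataclass
class LossyChannel:
    """Constructed channel model: drops every `drop_every`-th transmission.

    Every call to deliver() counts, whether it carries a data segment or an
    acknowledgment, so ACKs can be lost just like data. drop_every=0 never drops.
    """
    drop_every: int
    sent: int = 0

    def deliver(self, item):
        self.sent += 1
        if self.drop_every and self.sent % self.drop_every == 0:
            return None           # lost in transit
        return item


def connectionless_send(chunks: List[bytes], channel: LossyChannel) -> List[bytes]:
    """UDP-style: each datagram is sent once; no acknowledgment, no retransmission."""
    received = []
    for chunk in chunks:
        got = channel.deliver(chunk)
        if got is not None:
            received.append(got)
    return received


def reliable_send(chunks: List[bytes], channel: LossyChannel,
                  max_attempts: int = 10) -> Tuple[bytes, int]:
    """TCP-style stop-and-wait: number every segment, wait for its ACK, resend on timeout.

    Returns the bytes reassembled at the receiver and the number of retransmissions.
    Raises TimeoutError if a segment is never acknowledged (the connection would be dropped).
    """
    receiver_buffer = {}          # seq -> data, as held by the receiver
    expected = 0                  # next sequence number the receiver wants
    retransmissions = 0
    for seq, chunk in enumerate(chunks):
        acked = False
        for _ in range(max_attempts):
            segment = channel.deliver((seq, chunk))
            if segment is not None:
                rseq, data = segment
                if rseq == expected:          # in order: accept it
                    receiver_buffer[rseq] = data
                    expected += 1
                # a duplicate (rseq < expected) is discarded but still acknowledged,
                # which is how a lost ACK gets repaired without duplicating data
                ack = channel.deliver(("ACK", expected))
                if ack is not None and ack[1] == seq + 1:
                    acked = True
                    break
            retransmissions += 1  # timeout: the data or its ACK was lost
        if not acked:
            raise TimeoutError("segment %d not acknowledged after %d attempts"
                               % (seq, max_attempts))
    return b"".join(receiver_buffer[i] for i in range(len(chunks))), retransmissions


if __name__ == "__main__":
    data = [b"AB", b"CD", b"EF", b"GH"]
    print("UDP-style received:", connectionless_send(data, LossyChannel(drop_every=3)))
    print("TCP-style received, retransmissions:", reliable_send(data, LossyChannel(drop_every=3)))
```

With every third transmission lost, the connectionless sender delivers three of the four chunks and never learns that one is missing, while the reliable sender delivers all eight bytes in order at the cost of three retransmissions. Setting `drop_every=4` makes the losses fall on the ACKs instead, which exercises the duplicate-discard path. This is also why the table lists UDP as faster: the extra round trips and resends are the price of reliability.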

NETWORK PROTOCOLS

A network protocol is a set of rules that govern data communication between different
devices in the network. It determines what is being communicated, how it is being
communicated, and when it is being communicated. It permits connected devices to
communicate with each other, irrespective of internal and structural differences.
It is essential to understand how devices communicate over a network by recognizing
network protocols. The Open Systems Interconnection (OSI), the most widely used
model, illustrates how computer systems interact with one another over a network. The
communication mechanism between two network devices is shown by seven different
layers in the OSI model. Every layer in the OSI model works based on different network
protocols. At every layer, one or more protocols are there for network communication.
To enable network-to-network connections, the Internet Protocol (IP), for instance,
routes data by controlling information like the source and destination addresses of data
packets. It is known as a network layer protocol.
Types of Network Protocols
In most cases, communication across a network like the Internet uses the OSI model.
The OSI model has a total of seven layers. Secured connections, network management,
and network communication are the three main tasks that network
protocols perform. The purpose of protocols is to link different devices.
The protocols can be broadly classified into three major categories:
• Network Communication
• Network Management
• Network Security
1. Network Communication
Communication protocols are really important for the functioning of a network. They are
so crucial that it is not possible to have computer networks without them. These
protocols formally set out the rules and formats through which data is transferred. These
protocols handle syntax, semantics, error detection, synchronization, and
authentication. Some network communication protocols are mentioned below:
Hypertext Transfer Protocol (HTTP)
It is a layer 7 protocol that is designed for transferring hypertext between two or more
systems. HTTP works on a client-server model; most of the data sharing over the web
is done using HTTP.
Transmission Control Protocol (TCP)
TCP lays out a reliable stream delivery by using sequenced acknowledgments. It is
a connection-oriented protocol, i.e. it establishes a connection between applications
before sending any data. It is used for communicating over a network. It has many
applications such as e-mail, FTP, streaming media, etc.
User Datagram Protocol (UDP)
It is a connectionless protocol that lays out a basic but unreliable message service. It
adds no flow control, reliability, or error-recovery functions. UDP is useful in cases
where reliability is not required. It is used when we want faster transmission,
for multicasting and broadcasting connections, etc.
Border Gateway Protocol (BGP)
BGP is a routing protocol that controls how packets pass between the routers of an
autonomous system (one or more networks run by a single organization) and how they
connect to different networks. It connects the endpoints of a LAN with other LANs and it
also connects endpoints in different LANs to one another.
Address Resolution Protocol (ARP)
ARP is a protocol that helps in mapping logical addresses to the physical addresses
known in a local network. For mapping and maintaining a correlation between
these logical and physical addresses, a table known as the ARP cache is used.
Internet Protocol (IP)
It is a protocol through which data is sent from one host to another over the internet. It
is used for addressing and routing data packets so that they can reach their destination.
Dynamic Host Configuration Protocol (DHCP)
It is a protocol for network management, and it is used to automate the
process of configuring devices on IP networks. A DHCP server automatically assigns
an IP address and various other configuration settings to devices on a network so
they can communicate with other IP networks. It also allows devices to use various
services such as NTP, DNS, or any other protocol based on TCP or UDP.
2. Network Management
These protocols assist in describing the procedures and policies that are used in
monitoring, maintaining, and managing the computer network. These protocols also
help in communicating these requirements across the network to ensure stable
communication. Network management protocols can also be used
for troubleshooting connections between a host and a client.
Internet Control Message Protocol(ICMP)
It is a layer 3 protocol that is used by network devices to forward operational information
and error messages. ICMP is used for reporting congestions, network errors, diagnostic
purposes, and timeouts.
Simple Network Management Protocol(SNMP)
It is a layer 7 protocol that is used for managing nodes on an IP network. There are
three main components in the SNMP protocol i.e., SNMP agent, SNMP manager, and
managed device. SNMP agent has the local knowledge of management details, it
translates those details into a form that is compatible with the SNMP manager. The
manager presents data acquired from SNMP agents, thus helping in monitoring network
glitches, and network performance, and troubleshooting them.
Gopher
It is a type of file retrieval protocol that provides downloadable files with some
description for easy management, retrieving, and searching of files. All the files are
arranged on a remote computer in a stratified manner. Gopher is an old protocol and it
is not much used nowadays.
File Transfer Protocol(FTP)
FTP is a client/server protocol that is used for moving files to or from a host computer;
it allows users to download files, programs, web pages, and other things that are
available on other services.
Post Office Protocol(POP3)
It is a protocol that a local mail client uses to get email messages from a remote email
server over a TCP/IP connection. Email servers hosted by ISPs also use
the POP3 protocol to hold and receive emails intended for their users. Eventually, these
users will use email client software to look at their mailbox on the remote server and to
download their emails. After the email client downloads the emails, they are generally
deleted from the servers.
Telnet
It is a protocol that allows the user to connect to a remote computer program and to use
it i.e., it is designed for remote connectivity. Telnet creates a connection between a host
machine and a remote endpoint to enable a remote session.
3. Network Security
These protocols secure the data in passage over a network. These protocols also
determine how the network secures data from any unauthorized attempts to extract or
review data. These protocols make sure that no unauthorized devices, users, or
services can access the network data. Primarily, these protocols depend on encryption
to secure data.
Secure Sockets Layer (SSL)
It is a network security protocol mainly used for protecting sensitive data and securing
internet connections. SSL allows both server-to-server and client-to-server
communication. All the data transferred through SSL is encrypted, thus stopping any
unauthorized person from accessing it.
Hypertext Transfer Protocol Secure (HTTPS)
It is the secured version of HTTP. This protocol ensures secure communication between
two computers where one sends the request through the browser and the other fetches
the data from the web server.
Transport Layer Security (TLS)
It is a security protocol designed for data security and privacy over the internet. Its
functionality is encryption, checking the integrity of data, i.e. whether it has been
tampered with or not, and authentication. It is generally used for encrypted
communication between servers and web apps, like a web browser loading a website;
it can also be used for encryption of messages, e-mails, and VoIP.
Some Other Protocols
Internet Message Access Protocol (IMAP)
• The IMAP protocol is used to retrieve messages from the mail server. By using IMAP,
a mail user can view and manage mails on his system.
Session Initiation Protocol (SIP)
• SIP is used in video, voice, and messaging applications. This protocol is used for
initiating, managing and terminating the session between two users while they are
communicating.
Real-Time Transport Protocol (RTP)
• This protocol is used to forward audio and video over an IP network. This protocol is
used with the SIP protocol to send audio and video in real time.
Route Access Protocol (RAP)
• RAP is used in network management. It helps the user to access the nearest
router for communication. RAP is less efficient as compared to SNMP.
Point To Point Tunnelling Protocol (PPTP)
• It is used to implement VPNs (Virtual Private Networks). The PPTP protocol appends
the PPP frame in an IP datagram for transmission through an IP-based network.
Trivial File Transfer Protocol (TFTP)
• TFTP is the simplified version of FTP. TFTP is also used to transfer files over the
internet.
Resource Location Protocol (RLP)
• RLP is used to assign resources such as servers, printers, or other devices over
the internet to the user. It is used to locate the resource for the client via a broadcast
query.

IP Security
IPSec refers to a collection of communication rules or protocols used to establish
secure network connections. Internet Protocol (IP) is the common standard that
controls how data is transmitted across the internet. IPSec enhances the protocol’s
security by introducing encryption and authentication. For example, it encrypts data at
the source and then decrypts it at the destination. It also verifies the source of the
data.
Uses of IP Security
IPsec can be used to do the following things:
• To encrypt application layer data.
• To provide security for routers sending routing data across the public internet.
• To provide authentication without encryption, e.g. to authenticate that the data
originates from a known sender.
• To protect network data by setting up circuits using IPsec tunneling in which all
data being sent between the two endpoints is encrypted, as with a Virtual Private
Network (VPN) connection.
What is IPSec Encryption?
IPSec encryption is a software function that encrypts data to protect it from unauthorized
access. Data encrypted with an encryption key must be decrypted with the corresponding
key. IPSec supports a variety of encryption algorithms, including AES, Blowfish, Triple DES,
ChaCha, and DES-CBC. IPSec combines asymmetric and symmetric encryption to provide both
speed and security during data transmission. In asymmetric encryption, the encryption
key is made public, while the decryption key remains private. Symmetric encryption
employs the same key to encrypt and decrypt data. IPSec builds a secure
connection using asymmetric encryption and then switches to symmetric encryption to
speed up data transmission.
Components of IP Security
It has the following components:
• Encapsulating Security Payload (ESP)
• Authentication Header (AH)
• Internet Key Exchange (IKE)
1. Encapsulating Security Payload (ESP): It provides data integrity, encryption,
authentication, and anti-replay. It also provides authentication for the payload.
2. Authentication Header (AH): It also provides data integrity, authentication, and
anti-replay, but it does not provide encryption. The anti-replay protection protects against
the unauthorized retransmission of packets. It does not protect data confidentiality.

IP Header
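The anti-replay check that both ESP and AH receivers perform, modelled in Python as an added example (it is not code from these notes or from any IPsec implementation, and follows the style of RFC 4303 Appendix A). The window size of 4 used in the demo is an assumption chosen so the arithmetic is easy to follow; the RFC requires at least 32 and 64 is the usual default. The packet sequence in the demo is constructed.

```python
class AntiReplayWindow:
    """Receiver-side anti-replay check for one inbound SA (RFC 4303 Appendix A style).

    `top` is the highest sequence number accepted so far and bit i of `bitmap`
    records whether sequence number (top - i) has been accepted.  ESP/AH
    sequence numbers are 32-bit, start at 1 and must never wrap on one SA.
    RFC 4303 requires a window of at least 32; 64 is the usual default.
    """

    def __init__(self, size=64):
        self.size = size          # the demo below uses a toy size of 4 for readability
        self.top = 0
        self.bitmap = 0

    def check(self, seq):
        """Pre-integrity test: may this sequence number still be accepted?"""
        if seq == 0:
            return False                        # 0 is never a valid sequence number
        if seq > self.top:
            return True                         # right of the window: a new packet
        diff = self.top - seq
        if diff >= self.size:
            return False                        # too old: fell off the left edge
        return not (self.bitmap >> diff) & 1    # inside window: ok only if unseen

    def update(self, seq):
        """Mark `seq` as accepted.  Call only after the ICV has verified."""
        if seq > self.top:
            shift = seq - self.top
            mask = (1 << self.size) - 1
            self.bitmap = ((self.bitmap << shift) & mask) | 1
            self.top = seq
        else:
            self.bitmap |= 1 << (self.top - seq)

    def process(self, seq, icv_valid):
        """Full receiver decision: window check, then integrity check, then update.

        Returns True if the packet is delivered, False if it is discarded.  The
        window is advanced only for authenticated packets, so an attacker cannot
        shift it forward with forged sequence numbers and starve legitimate ones.
        """
        if not self.check(seq) or not icv_valid:
            return False
        self.update(seq)
        return True


def replay_demo(window_size=4):
    """Run a constructed packet sequence (seq, icv_valid) through one window."""
    w = AntiReplayWindow(window_size)
    packets = [(1, True), (2, True), (3, True),
               (2, True),              # replay inside the window
               (10, True),             # jump forward: window slides to 7..10
               (6, True),              # older than the window: discarded
               (7, True), (7, True),   # late but fresh, then its replay
               (8, False), (8, True),  # forged ICV does not mark 8 as seen
               (0, True)]              # sequence number 0 is invalid
    return [w.process(seq, ok) for seq, ok in packets]
```

The split between check and update matters: the window is only advanced after the integrity check value has verified, otherwise an attacker who can inject packets with a high forged sequence number could push the window past the legitimate sender's packets.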

3. Internet Key Exchange (IKE): It is the network security protocol used to authenticate
the two peers, to negotiate Security Associations (SAs) dynamically, and to derive the
keys that ESP or AH will use. A Security Association is a one-way agreement on the
security attributes (protocol, algorithms, keys, lifetime, sequence counter) that two
network entities use to protect a flow of traffic; a two-way connection needs a pair of
SAs, and each SA is identified by its Security Parameter Index (SPI), destination address
and protocol. IKEv1 is built on the Internet Security Association and Key Management
Protocol (ISAKMP), which provides the framework for authentication and key exchange
and defines how SAs are set up between two hosts using IPsec. IKE protects the
contents of its own messages and is an open framework into which standard algorithms
such as SHA-2 (and, historically, MD5 and SHA-1, both now deprecated) can be
plugged. Once an SA exists, every packet carries a unique sequence number and an
integrity check value computed with the negotiated key; the receiver uses them to
determine whether a packet is genuine and fresh. Packets that fail this check are
discarded and never handed to the receiving application.

Packets in Internet Protocol

IP Security Architecture
IPSec (IP Security) architecture uses two protocols to secure the traffic or data flow:
ESP (Encapsulating Security Payload) and AH (Authentication Header). The architecture
also includes the cryptographic algorithms, the Domain of Interpretation (DOI), which
defines the identifiers and parameters the other pieces share, and Key Management
(IKE). Together these components provide the three main services:
 Confidentiality
 Authenticity
 Integrity

IP Security Architecture

Working of IP Security
 The host checks its Security Policy Database (SPD) to decide whether an outgoing
packet must be protected with IPsec, sent in the clear, or discarded. If the packet
needs protection and no Security Association exists yet, the packet triggers SA
negotiation; otherwise the host applies the SA's encryption and integrity protection.
Incoming packets are checked the same way: a packet that should have arrived
protected but did not, or that fails decryption or the integrity check, is dropped.
 Then IKE Phase 1 starts, in which the two hosts (using IPsec) authenticate each
other and set up a secure channel (the IKE SA). It has two modes. Main mode uses
six messages and hides the peers' identities from an eavesdropper; Aggressive
mode uses three messages and establishes the channel more quickly, but it sends
the identities in the clear and, with pre-shared keys, exposes a hash of the key to
offline dictionary attacks, so it should be avoided.
 The channel created in the last step is then used to securely negotiate how the
IPsec SAs will protect the data.
 Now IKE Phase 2 (Quick mode) is conducted over the secure channel, in which the
two hosts negotiate the cryptographic algorithms to use on the session and agree on
secret keying material to be used with those algorithms; the result is a pair of IPsec
SAs, one for each direction. (IKEv2 replaces the two phases with the IKE_SA_INIT and
IKE_AUTH exchanges, followed by CREATE_CHILD_SA for further SAs.)
 Then the data is exchanged across the newly created IPsec tunnel. These packets
are encrypted and decrypted by the hosts using the IPsec SAs.
 When the communication between the hosts is completed, the SA lifetime expires,
or the session times out, the IPsec tunnel is terminated and both hosts discard the
keys; long-lived tunnels are rekeyed before the lifetime runs out.
What are IPSec modes?
 Tunnel: In tunnel mode the whole original IP packet, header and payload, is
protected (encrypted by ESP, authenticated by AH or ESP) and a new outer IP header
is added whose addresses are those of the tunnel endpoints. This is the mode used
for site-to-site and remote-access VPNs across public networks, because an
eavesdropper sees only the gateway addresses, not the inner hosts and ports.
 Transport: In transport mode only the payload of the IP packet is protected and the
original IP header stays in place (ESP leaves it unencrypted; AH additionally
authenticates its immutable fields). The unchanged header lets routers forward the
packet normally, and the endpoints of the protection are the communicating hosts
themselves, so transport mode is used host-to-host, such as to secure a direct link
between two computers.
Features of IPSec
 Authentication: IPSec authenticates every packet with a keyed integrity check (an
HMAC such as HMAC-SHA-256, or an AEAD cipher such as AES-GCM), so a packet
that has been tampered with or forged is rejected. The peers themselves are
authenticated during IKE with digital signatures (certificates) or a shared secret.
 Confidentiality: IPSec provides confidentiality by encrypting IP packets,
preventing eavesdropping on the network traffic.
 Integrity: IPSec provides integrity by ensuring that IP packets have not been
modified or corrupted during transmission.
 Key management: IPSec provides key management services, including key
exchange and key revocation, to ensure that cryptographic keys are securely
managed.
 Tunneling: IPSec's tunnel mode encapsulates whole IP packets inside new IP
packets. It is also combined with other tunneling protocols, such as GRE (Generic
Routing Encapsulation) or L2TP (Layer 2 Tunneling Protocol), when multicast,
routing-protocol or non-IP traffic has to be carried through the protected tunnel.
 Flexibility: IPSec can be configured to provide security for a wide range of
network topologies, including point-to-point, site-to-site, and remote access
connections.
 Interoperability: IPSec is an open standard protocol, which means that it is
supported by a wide range of vendors and can be used in heterogeneous
environments.
What is IPSec VPN?
A VPN, or virtual private network, extends a private network across a public one by
tunneling its traffic through encrypted connections. An IPSec VPN is a VPN that uses
IPsec (usually ESP in tunnel mode, with keys negotiated by IKE) to build those tunnels
over the internet. Traffic is encrypted at one tunnel endpoint (the VPN client or
gateway) and decrypted at the other. Note that the protection covers only the path
between the two IPsec endpoints: beyond the far gateway the traffic travels in the clear
again unless the application protects it itself.
Advantages of IPSec
 Strong security: IPSec provides strong cryptographic security services that help
protect sensitive data and ensure network privacy and integrity.
 Wide compatibility: IPSec is an open standard protocol that is widely supported
by vendors and can be used in heterogeneous environments.
 Flexibility: IPSec can be configured to provide security for a wide range of
network topologies, including point-to-point, site-to-site, and remote access
connections.
 Scalability: IPSec can be used to secure large-scale networks and can be scaled
up or down as needed.
 Transparency to applications: because IPSec works at the network layer, existing
applications and transport protocols are protected without any change to them.
Disadvantages of IPSec
 Configuration complexity: IPSec can be complex to configure and requires
specialized knowledge and skills.
 Compatibility issues: IPSec can have compatibility issues with some network
devices and applications, which can lead to interoperability problems.
 Performance impact: IPSec can impact network performance due to the overhead
of encryption and decryption of IP packets.
 Key management: IPSec requires effective key management to ensure the
security of the cryptographic keys used for encryption and authentication.
 Limited scope: IPSec protects packets only between the two SA endpoints and only
for the traffic that the security policy selects. It does nothing against a compromised
endpoint, against attacks carried inside the application data, or for traffic the policy
lets through in the clear. AH cannot cross a NAT device at all, and ESP needs UDP
encapsulation (NAT traversal) to do so.

Digital Signature
A digital signature is a value that the sender computes over a message with a key only
the sender holds; the recipient verifies it to make sure the message came from that
identity and was not altered. When a customer signs a cheque, the bank must verify that
he issued that specific cheque. In this case, a signature on a document acts as a sign of
authentication and verifies that the document is authentic.
Suppose we have:
 Alice is the entity that sends a message or initiates communication.
 Bob represents the recipient or receiver of the message.
 Eve represents an eavesdropper or adversary who may attempt to intercept or
tamper with the communication.
In Public Key cryptography (also known as Asymmetric cryptography), the
communication process is as follows:
 Alice encrypts the message using Bob’s public key.
 The encrypted message reaches Bob.
 Bob decrypts the message sent by Alice using his private key.
Now, suppose Alice sends a message to Bob. Bob will want to check that the sender is
authentic, i.e. that it was Alice who sent the message and not Eve. For this, Bob can
ask Alice to sign the message electronically, so that the signature proves the message
was produced by Alice. We call this type of signature a digital signature.
Digital Signature is a verification method. Digital signatures do not provide confidential
communication. If you want to achieve confidentiality, both the message and the
signature must be encrypted using either a secret key or a public key cryptosystem.
This additional layer of security can be incorporated into a basic digital signature
scheme.

Model of Digital Signature Process

Methods of Digital Signature


Two standard approaches are used to implement the digital signature:
 Rivest-Shamir-Adleman (RSA)
 Digital Signature Algorithm (DSA)
Rivest-Shamir-Adleman (RSA)
In the RSA approach, the message that needs to be signed is first fed into a hash
function that generates a secure hash code of fixed length. The sender's private key is
then used to encrypt the hash code (in practice, the RSA private-key operation is applied
to a padded form of it), which makes it the signature. Both the signature and the
message are then sent to the intended receiver. For validation, after receiving the
message the recipient first computes its hash code and applies the sender's public key
to the signature to recover the hash code that was signed. If the recovered hash code
matches the recipient-computed hash code, the signature is considered valid. Since only
the sender has access to the private key, only the sender could have produced a valid
signature. Real implementations pad the hash (PKCS#1 v1.5 or RSA-PSS) before the
private-key operation; the padding is required by the standards and removes the
multiplicative structure of raw RSA that an attacker could otherwise exploit.
You can refer the below diagram for RSA, here,
 M = Message or Plaintext
 H = Hash Function
 || = concatenation (the plaintext followed by the signed hash digest)
 E = Encryption Algorithm
 D = Decryption Algorithm
 PUa = Public key of sender
 PRa = Private key of sender

RSA approach

Digital Signature Algorithm (DSA)


The DSA (Digital Signature Algorithm) approach involves using a hash function to
create a hash code, as in RSA. This hash code is combined with a randomly
generated number k as an input to a signature function. The signature function
depends on the sender’s private key (PRa) as well as a set of parameters that are
known to a group of communicating principals. This set can be considered as a global
public key (PUG). The output of the signature function is a signature with two
components, s and r. When an incoming message is received, a hash code is
generated for the message. This hash code is then combined with the signature and
input into a verification function. The verification function depends on the global public
key as well as the sender’s public key (PUa) which is paired with the sender’s private
key. The output of the verification function returns a value equal to the signature’s
component r, if the signature is valid. The signature function is designed in such a way
that only the sender, with knowledge of the private key, can produce a valid signature.
You can refer below diagram for DSA, where,
 M = Message or Plaintext
 H = Hash Function
 || = concatenation (the plaintext followed by the signature)
 E = Encryption Algorithm
 D = Decryption Algorithm
 PUa = Public key of sender
 PRa = Private key of sender
 Sig = Signature function
 Ver = Verification function
 PUG = Global public Key
DSA Approach

Primary Terminologies
 User's Public Key (PU): This key is publicly known and can be shared with anyone.
It is used to verify digital signatures created with the corresponding private key.
 User's Private Key (PR): A secret cryptographic key possessed only by the user; it
is used in the DSA algorithm's digital signature generation. The private key must be
kept secret and secure because possession of it is what proves that a given user is
genuine.
 Signing (Sig): Signing involves creating a digital signature with the help of a user's
private key. In the case of DSA, this process performs mathematical operations on
the hash of the message using the private key (and a fresh random value k) in order
to generate a signature (r, s) that is unique to that message.
 Verifying (Ver): Verifying is the process of checking, with the signer's public key,
whether a digital signature is genuine or has been forged. In DSA, this involves
recomputing a value v from the message hash, the signature and the public keys,
and comparing it with the signature component r.
Steps to Perform DSA
The Digital Signature Algorithm (DSA) is a public-key technique (i.e., asymmetric
cryptography) that provides only the digital signature function; it cannot be used for
encryption or key exchange.
The Steps to perform the Digital Signature Algorithm can be broadly divided into:
 Global Public-Key Components
 User’s Private Key
 User’s Public Key
 Signing
 Verifying
1. Global Public-Key Components
There are three parameters that are public and can be shared among a set of users.
 A prime number p is chosen such that q divides (p - 1). In the original standard p
has a length between 512 and 1024 bits: 2^(L-1) < p < 2^L for 512 <= L <= 1024 with
L a multiple of 64, i.e. a bit length between 512 and 1024 bits in increments of 64
bits. (Current FIPS 186-4 uses L = 1024, 2048 or 3072 bits with N = 160, 224 or 256;
a 1024-bit p is no longer considered adequate.)
 Next, an N-bit prime number q is selected that is a prime divisor of (p - 1), where
2^(N-1) < q < 2^N, i.e. q has a bit length of exactly N bits (160 bits in the original
standard).
 Finally, g is selected to be of the form h^((p-1)/q) mod p, where h is any integer with
1 < h < (p - 1) such that h^((p-1)/q) mod p > 1; this makes g a generator of the
subgroup of order q modulo p.
If a user has these numbers, then it can select a private key and generate a public
key.
2. User’s Private Key
The private key x should be chosen randomly or pseudorandomly and it must be a
number from 1 to (q – 1), so x is random or pseudorandom integer with 0 < x < q.
3. User’s Public Key
The public key is computed from the private key as y = g^x mod p. The computation of
y given x is simple. But, given the public key y, it is believed to be computationally
infeasible to find x, which is the discrete logarithm of y to the base g, mod p.
4. Signing
If a user wants to produce a signature, the user computes two quantities, r and s, that
are functions of the public key components (p, q, g), the hash code of the message
H(M), the user's private key x, and an integer k that must be generated randomly or
pseudorandomly and be unique for each signing: k is a random or pseudorandom
integer with 0 < k < q. The two quantities are
 r = (g^k mod p) mod q
 s = [k^-1 (H(M) + x·r)] mod q
If either r or s is zero, a new k is chosen. The signature is the pair (r, s).

Signing

5. Verification
Let M, r′, and s′ be the received versions of M, r, and s, respectively.
Verification is performed using the formulas shown in below:
 w = (s′)^-1 mod q
 u1 = [H(M′)·w] mod q
 u2 = (r′·w) mod q
 v = [(g^u1 · y^u2) mod p] mod q
The receiver needs to generate a quantity v that is a function of the public key
components, the sender’s public key, and the hash code of the message. If this value
matches the r value of the signature, then the signature is considered as valid.
TEST: v = r′
Verification
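The five steps above carried through in Python, as an added example (it is not code from these notes and not a production DSA: the 128-bit p and 64-bit q it generates are toy sizes, the hash is SHA-256 reduced mod q, and the messages in the test are made up). It also shows why the signing step insists that k be unique: two signatures made with the same k leak the private key by public arithmetic.

```python
import hashlib
import secrets


def is_probable_prime(n, rounds=40):
    """Miller-Rabin primality test (sufficient for illustration)."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def generate_global_params(L=128, N=64):
    """Step 1: global public components (p, q, g).  Toy sizes; FIPS 186-4 uses
    (L, N) in {(2048, 224), (2048, 256), (3072, 256)}."""
    while True:
        q = secrets.randbits(N) | (1 << (N - 1)) | 1        # N-bit odd candidate
        if not is_probable_prime(q):
            continue
        for _ in range(2000):                                # look for p = m*q + 1 prime
            m = (secrets.randbits(L - N) | (1 << (L - N - 1))) & ~1
            p = m * q + 1
            if is_probable_prime(p):
                break
        else:
            continue
        h = 2
        while pow(h, (p - 1) // q, p) == 1:                  # g must be > 1
            h += 1
        return p, q, pow(h, (p - 1) // q, p)


def hash_to_int(msg, q):
    """H(M): SHA-256 reduced to the size of q (real DSA takes the leftmost N bits)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % q


def keygen(params):
    """Steps 2-3: private x with 0 < x < q, public y = g^x mod p."""
    p, q, g = params
    x = secrets.randbelow(q - 1) + 1
    return x, pow(g, x, p)


def sign(params, x, msg, k=None):
    """Step 4: r = (g^k mod p) mod q,  s = k^-1 (H(M) + x*r) mod q.
    k must be fresh and secret for every signature (see recover_x_from_reused_k)."""
    p, q, g = params
    h = hash_to_int(msg, q)
    while True:
        kk = k if k is not None else secrets.randbelow(q - 1) + 1
        r = pow(g, kk, p) % q
        s = (pow(kk, -1, q) * (h + x * r)) % q
        if r and s:
            return r, s
        if k is not None:
            raise ValueError("this k gives a degenerate signature")


def verify(params, y, msg, sig):
    """Step 5: w = s'^-1, u1 = H(M')w, u2 = r'w, v = ((g^u1 y^u2) mod p) mod q; TEST v == r'."""
    p, q, g = params
    r, s = sig
    if not (0 < r < q and 0 < s < q):                        # reject malformed signatures first
        return False
    w = pow(s, -1, q)
    u1 = (hash_to_int(msg, q) * w) % q
    u2 = (r * w) % q
    v = ((pow(g, u1, p) * pow(y, u2, p)) % p) % q
    return v == r


def recover_x_from_reused_k(params, m1, sig1, m2, sig2):
    """Why k must be unique: two signatures with the same k share r, and then
    k = (H1 - H2)/(s1 - s2) mod q and x = (s1*k - H1)/r mod q are public arithmetic."""
    _, q, _ = params
    (r, s1), (_, s2) = sig1, sig2
    h1, h2 = hash_to_int(m1, q), hash_to_int(m2, q)
    k = ((h1 - h2) * pow(s1 - s2, -1, q)) % q
    return ((s1 * k - h1) * pow(r, -1, q)) % q
```

The range checks at the start of verify are not cosmetic: a verifier that accepts r = 0 or s = 0 can be fed signatures that pass for any message, so the bounds 0 < r′ < q and 0 < s′ < q are part of the algorithm.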

At the end the test is on the value r. Note that r does not depend on the message: r is
a function of k and the three global public-key components only. The multiplicative
inverse of k (mod q) is then fed into the function that also takes the message hash code
and the user's private key as inputs to give s. The structure of these functions is such
that the receiver can recover r using the incoming message and signature, the public
key of the user, and the global public key.
Given the difficulty of taking discrete logarithms, it is not feasible for an attacker to
recover k from r or to recover x from s. The only computationally demanding task in
signature generation is the exponentiation g^k mod p. Because this value does not
depend on the message to be signed, it can be computed ahead of time; indeed, a user
could precalculate a number of values of r to be used to sign documents as needed.
The only other somewhat demanding task is the determination of the multiplicative
inverse k^-1.
The security of the scheme rests on k being secret, unpredictable and never reused: if
the same k is used for two messages, or if k is biased or partially known, the private
key x can be recovered by simple arithmetic from the signatures. Implementations
therefore take k from a strong random source or derive it deterministically from the
private key and the message hash (RFC 6979).
Services
 Message Authentication: A secure digital signature scheme, like a secure
conventional signature (one that cannot be easily copied), can provide message
authentication (also referred to as data-origin authentication). Bob can easily
confirm that the message was sent by Alice, as Alice's public key is used for
verification and Alice's public key would not verify a signature made with Eve's
private key. Hence, a digital signature provides message authentication.
 Message Integrity: When we sign a whole message, its integrity remains intact
because if the message changes, we won’t get the same signature. Nowadays,
digital signature methods use a special function called a hash function in both
signing and verifying to ensure the message’s integrity.
 Nonrepudiation: If Alice signs a message and later claims she didn't, can Bob
provide evidence that she did? For example, if Alice instructs a bank (Bob) to
transfer $10,000 to Ted's account and then denies sending the message, Bob
needs to keep the signed message and use Alice's public key to verify it.
However, this approach may not work if Alice changes her keys or disputes the
authenticity of the file. A solution is to involve a trusted third party. This trusted party
can authenticate messages and prevent Alice from denying them. In this setup,
Alice sends her message along with her identity, Bob’s identity, and her signature
to the trusted center. The center verifies the message’s authenticity and
timestamps it before creating its own signature. This process ensures that if Alice
denies sending the message later, the center can provide evidence to settle the
dispute. Encryption can also be added for confidentiality. Thus, nonrepudiation is
achievable through a trusted party.
Advantages of DSA
 Authentication: Digital signatures provide strong authentication of the sender's
identity. The recipient can be sure that the message or document was signed by the
purported signatory (more precisely, by a holder of that signatory's private key).
 Integrity: Digital signatures ensure the integrity of the content. If something is
altered in the content after the signature is made, then it becomes invalid with
respect to verifying the content.
 Non-Repudiation: A digital signature gives non-repudiation, meaning the sender
cannot disclaim his creation of that document post factum. Most relevant in legal
and contractual issues.
 Efficiency: Digital signatures make the process of signing electronic and automate
it, giving way to fast online transactions free from the need of manual verification,
paperwork, and a physical signature.
 Security: As long as the whole digital signing process is well organized, digital
signatures may prove to be secure. Cryptographic public key cryptography and
hashing algorithms prevent unauthorized parties from forging digital signatures.
 World Acceptance: Such a mechanism (digital signatures) to represent the
conclusion of the related transaction in case of legal or contractual terms is known
and widely accepted all over the world.
 Timestamping: A trusted timestamp on the signature adds another layer of
protection against replay attacks and establishes when the signature was made.
 Cost Savings: The digital signing process discontinues the need for transporting
documents, thereby saving on costs to be done with printing, courier services, and
manual handling.
Disadvantages of DSA
 Key Management Complexity: Cryptographic keys that are used for signing
documents must be properly managed. Generating, storing, and distributing keys
in a secure manner are all complicated procedures that need to be attended to,
and revocation has to be handled carefully.
 Infrastructure Dependence: Digital signatures are built on a secure and reliable
infrastructure of Public Key Infrastructure (PKI) and Certificate Authorities. If the
infrastructure is compromised or becomes unavailable, it may compromise trust in
digital signatures.
 Legal and Regulatory Challenges: Although many people are increasingly using
digital signatures, there might still be legal and regulatory challenges in some
places. It will be very important to observe local laws and standards.
 Initial Setup Costs: A proper setup of an extensive digital signature system may
include the cost of obtaining certificates for digital certificates, putting in place
safety measures, and training of the users.
 Offline Usability: A signature can only be made when the signer's private key is
available, which is awkward if the key lives on a remote service or in an offline
device. Hardware tokens and secure elements solve this but add complexity.
 User Education: Education of the proper application and value of digital
signatures is necessary in order that the users should be educated in use. The
correct measures to be taken against vulnerability, as well as being aware of any
possible threat, are important in successful implementation.
 Vulnerability to Key Compromise: Private keys need to be safeguarded from
unauthorized access since one compromised private key can initiate fraudulent
signatures.

FIREWALL
A firewall can be defined as a special type of network security device or a software
program that monitors and filters incoming and outgoing network traffic based on a
defined set of security rules. It acts as a barrier between internal private networks
and external sources (such as the public Internet).

The primary purpose of a firewall is to allow legitimate traffic and block malicious or
unwanted traffic, protecting the computers behind it from network attacks. Because it
also filters outgoing traffic, a firewall can stop malicious software on an already infected
computer from reaching out to the Internet (for example to a command-and-control
server), which limits the damage and makes the infection visible in the firewall logs.

Network Firewalls
Network Firewalls are the devices that are used to prevent private networks from
unauthorized access. A Firewall is a security solution for the computers or devices that
are connected to a network, they can be either in the form of hardware as well as in
form of software. It monitors and controls the incoming and outgoing traffic (the amount
of data moving across a computer network at any given time ).
The major purpose of the network firewall is to protect an inner network by separating it
from the outer network. An inner Network can be simply called a network created inside
an organization and a network that is not in the range of an inner network can be
considered an Outer Network.
A firewall is a network security device, either hardware or software-based, which
monitors all incoming and outgoing traffic and based on a defined set of security rules
accepts, rejects, or drops that specific traffic.
 Accept: allow the traffic
 Reject: block the traffic but reply with an “unreachable error”
 Drop: block the traffic with no reply
Rules are normally evaluated in order and the first rule that matches a packet decides
its fate; traffic matched by no rule gets the default action, which should be to deny. At
its most basic level, a firewall is the wall that separates a private internal network from
the open Internet.

Types of Network Firewalls


Packet Filters
It is a technique used to control network access by monitoring outgoing and incoming
packets and allowing them to pass or halting them based on the source and destination
Internet Protocol (IP) addresses, protocols, and ports. Each packet is judged on its own,
without any memory of earlier packets, which is why this firewall is also known as a
static or stateless firewall. Its weakness is that it cannot tell a genuine reply to an inside
request from an unsolicited packet that an attacker sends with the same header fields.

Packet Filter Firewall

Stateful Inspection Firewalls


It is also a type of packet filtering that is used to control how data packets move through
a firewall; it is also called dynamic packet filtering. These firewalls keep a connection
(state) table, so they can check whether a packet belongs to a session that was opened
in a permitted way (for example, an inbound packet answering an outbound TCP
connection). It permits a packet only if the session is properly established between the
two endpoints (or the rules allow it to open a new one); otherwise it will block the
communication.
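The difference between the two filter types, shown in Python as an added example that is not part of these notes and models no real firewall product: a first-match stateless filter and a stateful one share the same rule syntax, but only the stateful filter can admit replies without opening a hole. The addresses, ports and packet trace are constructed; the inside network 10.0.0.0/8 is an assumption.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ACCEPT, REJECT, DROP = "ACCEPT", "REJECT", "DROP"


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"
    syn: bool = False     # TCP flags, used only by the stateful filter
    ack: bool = False


@dataclass(frozen=True)
class Rule:
    action: str
    src: str = "0.0.0.0/0"          # CIDR selectors; 0.0.0.0/0 matches anything
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None      # None = any protocol
    sport: Optional[int] = None      # None = any port
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in (None, p.proto)
                and self.sport in (None, p.sport)
                and self.dport in (None, p.dport))


class PacketFilter:
    """Static (stateless) filter: first matching rule wins, else the default verdict."""

    def __init__(self, rules, default=DROP):
        self.rules, self.default = list(rules), default

    def decide(self, p: Packet) -> str:
        for rule in self.rules:
            if rule.matches(p):
                return rule.action
        return self.default


class StatefulFilter(PacketFilter):
    """Same rules, plus a connection table so replies are admitted only for
    sessions the rules allowed to be opened (here: by an outbound TCP SYN)."""

    def __init__(self, rules, default=DROP):
        super().__init__(rules, default)
        self.sessions = set()        # (src, sport, dst, dport, proto) of open sessions

    def decide(self, p: Packet) -> str:
        reverse = (p.dst, p.dport, p.src, p.sport, p.proto)
        if reverse in self.sessions:
            return ACCEPT             # reply belonging to an established session
        verdict = super().decide(p)
        if verdict == ACCEPT and p.proto == "tcp" and p.syn and not p.ack:
            self.sessions.add((p.src, p.sport, p.dst, p.dport, p.proto))
        return verdict


INSIDE = "10.0.0.0/8"
# Stateless rule set: to let web replies back in, it must open every inbound
# packet whose *source* port is 80, which an attacker can set freely.
STATIC_RULES = [
    Rule(ACCEPT, src=INSIDE, proto="tcp", dport=80),   # outbound HTTP
    Rule(ACCEPT, dst=INSIDE, proto="tcp", sport=80),   # "return traffic" hole
    Rule(REJECT, dst=INSIDE, proto="tcp", dport=22),   # no inbound SSH
]
# The stateful rule set needs no return-traffic rule at all.
STATEFUL_RULES = [Rule(ACCEPT, src=INSIDE, proto="tcp", dport=80)]


def compare_filters():
    """Returns (static_verdicts, stateful_verdicts) for a constructed packet trace."""
    trace = [
        Packet("10.0.0.5", 40001, "203.0.113.10", 80, syn=True),            # client opens HTTP
        Packet("203.0.113.10", 80, "10.0.0.5", 40001, syn=True, ack=True),  # genuine reply
        Packet("198.51.100.7", 80, "10.0.0.5", 22, syn=True),              # attacker: sport 80 to SSH
        Packet("198.51.100.7", 55555, "10.0.0.5", 22, syn=True),           # plain inbound SSH attempt
    ]
    static, stateful = PacketFilter(STATIC_RULES), StatefulFilter(STATEFUL_RULES)
    return [static.decide(p) for p in trace], [stateful.decide(p) for p in trace]
```

The third packet is the point: the static filter accepts it because the return-traffic rule matches before the SSH rule is ever reached, while the stateful filter drops it because no inside host opened a session to 198.51.100.7.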

Application Layer Firewalls


These firewalls examine application layer (of the OSI model) information, such as an
HTTP request or a DNS query, rather than only packet headers. If they find a request that
looks malicious or an application protocol that is not allowed on the network, the traffic
is blocked right away.

Next-generation Firewalls
These firewalls are sometimes called intelligent firewalls. They perform all the tasks of
the other types of firewalls described above and, on top of that, include additional
features such as application awareness and control, integrated intrusion prevention,
and cloud-delivered threat intelligence.

Circuit-level Gateways
A circuit-level gateway is a firewall that validates Transmission Control Protocol (TCP)
handshakes and User Datagram Protocol (UDP) sessions without inspecting the packet
contents. It works at the session layer of the Open Systems Interconnection (OSI) model,
between the transport and application layers; a SOCKS proxy is the classic example.

Software Firewall
A software firewall (host-based firewall) is a program that runs on the computer it
protects. It filters the traffic entering and leaving that host and can apply rules per
application, so it can stop unauthorized inbound connections and warn about or block
programs that try to reach the network unexpectedly.

Hardware Firewall
A hardware firewall is a physical appliance that is deployed to enforce a network
boundary. All network links crossing this boundary pass-through this firewall, which
enables it to perform an inspection of both inbound and outbound network traffic and
enforce access controls and other security policies.

Cloud Firewall
These are software-based network devices deployed and operated in the cloud
(Firewall-as-a-Service). Traffic to and from the protected network is routed through the
provider's infrastructure, where the filtering is applied, instead of through an appliance
at the network edge.
Hardware Firewall vs Software Firewall
A hardware firewall is a separate physical device placed between a network and its
connected devices. It monitors and controls incoming and outgoing network traffic
based on set security rules. Setting up a hardware firewall requires skilled personnel for
proper installation and ongoing management.
In contrast, a software firewall runs on a server or virtual machine. It operates on a
security-focused operating system, typically using standard hardware resources.
Software firewalls can often be quickly implemented using cloud automation tools.
Both hardware and software firewalls are crucial for network security. The choice
between them depends on specific needs and deployment contexts.
Working of Firewalls
Firewalls control and monitor the traffic entering or leaving our network. The data that
arrives is in the form of packets (small units of data). A firewall compares each packet's
header fields (addresses, protocol, ports), its place in a connection and, for application
layer firewalls, its contents against the ordered rule set and applies the matching rule's
action: accept, reject or drop. Without this inspection it is hard to tell whether a packet
is safe for our network, which gives hackers and intruders an easy way to bombard the
network with malware, spam and attack traffic.
There is no single best firewall architecture. The choice of firewall architecture for a
network depends upon its use cases, requirements, budget, etc. If the threat is at the
application layer, an application layer firewall is best suited; if the threat is at the
session layer, a circuit-level gateway can be best.
Advantages
 Monitors Network Traffic : A network firewall monitors and analyzes traffic by
inspecting whether the traffic or packets passing through our network is safe for
our network or not. By doing so, it keeps our network away from any malicious
content that can harm our network.
 Limits Attacks: Because unsolicited inbound connections are blocked, an attacker
on the Internet cannot reach services on internal machines that the rules do not
expose.
 Stops Malware Spreading: A firewall does not scan files for viruses, but it blocks
the network paths that malware uses to spread from an insecure website, a spam
message or an infected neighbour, and it can cut off an infected machine's outbound
connections. A virus outbreak can easily shut off a whole network, so this defence
plays a vital role.
 Better Security: If it is about monitoring and analyzing the network from time to
time and establishing a malware-free, virus-free, spam-free environment so
network firewall will provide better security to our network.
 Increase Privacy: By protecting the network and providing better security, we get
a network that can be trusted.
Disadvantages
 Cost: Depending on the type of firewall, it can be costly, usually, the hardware
firewalls are more costly than the software ones.
 Restricts User: Restricting users can be a disadvantage for large organizations,
because of its tough security mechanism. A firewall can restrict the employees to
do a certain operation even though it’s a necessary operation.
 Issues With The Speed of The Network: Since the firewalls have to monitor
every packet passing through the network, this can slow down operations needed
to be performed, or it can simply lead to slowing down the network.
 Maintenance: Firewalls require continuous updates and maintenance with every
change in the networking technology. As the development of new viruses is
increasing continuously that can damage your system.

Checksum
Checksum is the error detection method used by upper layer protocols (IP, TCP,
UDP) and is more reliable than the simple parity schemes LRC and VRC, although
weaker than CRC, which catches many more burst errors. This method makes
the use of Checksum Generator on Sender side and Checksum Checker on
Receiver side.
 At the Sender side, the data is divided into equal subunits of n bits by the
checksum generator; n is generally 16. These subunits are added together using
one's complement arithmetic, in which any carry out of the top bit is added back
into the sum. This sum is n bits long and is then complemented. The complemented
sum, called the checksum, is appended to the end of the original data unit and
transmitted to the Receiver.


 The Receiver after receiving data + checksum passes it to checksum checker.
Checksum checker divides this data unit into various subunits of equal length
and adds all these subunits. These subunits also contain checksum as one of
the subunits. The resultant bit is then complemented. If the complemented
result is zero, it means the data is error-free. If the result is non-zero it means
the data contains an error and Receiver rejects it.
 Example –
If the data unit to be transmitted is 10101001 00111001, the following
procedure is used at Sender site and Receiver site.
 Sender Site :

 10101001 subunit 1
00111001 subunit 2
11100010 sum (using 1s complement)
00011101 checksum (complement of sum)
 Data transmitted to Receiver is –
 10101001 00111001 00011101
 Receiver Site :

 10101001 subunit 1
00111001 subunit 2
00011101 checksum
11111111 sum
00000000 sum's complement

Result is zero, it means no error.


 Advantage :
The checksum detects all single-bit errors and most errors involving several bits,
whether the number of flipped bits is odd or even.
 Disadvantage :
The main problem is that an error goes undetected if one or more bits of one
subunit are damaged and the corresponding bit or bits of opposite value in another
subunit are also damaged, because the sum of those columns remains unchanged
(more generally, any change that leaves the one's complement sum the same slips
through).
 Example –
If the data transmitted along with checksum is 10101001 00111001 00011101.
But the data received at destination is 00101001 10111001 00011101.
 Receiver Site :

 00101001 1st bit of subunit 1 is damaged
10111001 1st bit of subunit 2 is damaged
00011101 checksum
11111111 sum
00000000 Ok 1's complement
 Although data is corrupted, the error is undetected.
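The generator and checker written out in Python as an added example (not code from these notes). It works for any subunit width n, reproduces the 8-bit worked example above including the undetected error, and, with the default n = 16, is the Internet checksum of RFC 1071 as used in the IPv4 header; the 20-byte header in the block is constructed for the example, with its checksum field zeroed as the sender does before computing it.

```python
def ones_complement_sum(words, bits):
    """Add n-bit words with end-around carry (one's complement addition)."""
    mask = (1 << bits) - 1
    total = 0
    for w in words:
        total += w & mask
        total = (total & mask) + (total >> bits)   # fold the carry back in
    return total & mask


def split_words(data, bits):
    """Sender step 1: cut the data into n-bit subunits.  An odd trailing byte is
    zero-padded on the right, as RFC 1071 does for the 16-bit case."""
    nbytes = bits // 8
    padded = data + b"\x00" * (-len(data) % nbytes)
    return [int.from_bytes(padded[i:i + nbytes], "big")
            for i in range(0, len(padded), nbytes)]


def checksum(data, bits=16):
    """Checksum generator: complement of the one's-complement sum of the subunits."""
    mask = (1 << bits) - 1
    return ones_complement_sum(split_words(data, bits), bits) ^ mask


def verify(data_with_checksum, bits=16):
    """Checksum checker: sum everything, checksum included; the complement of
    the result must be zero (equivalently, the sum must be all ones)."""
    mask = (1 << bits) - 1
    return (ones_complement_sum(split_words(data_with_checksum, bits), bits) ^ mask) == 0


# The 8-bit worked example from the notes and its undetected-error case.
SENT = bytes([0b10101001, 0b00111001])
CORRUPTED = bytes([0b00101001, 0b10111001])        # top bit flipped in both subunits

# Constructed IPv4 header (checksum field at bytes 10-11 zeroed, as the sender
# does before computing it): 192.168.0.1 -> 192.168.0.199, UDP, total length 115.
IPV4_HEADER_NO_CKSUM = bytes.fromhex(
    "4500 0073 0000 4000 4011 0000 c0a8 0001 c0a8 00c7")


def fill_ipv4_checksum(header):
    """Return the header with its checksum field set (bytes 10-11)."""
    return header[:10] + checksum(header).to_bytes(2, "big") + header[12:]
```

Flipping a single bit in the first subunit (10101001 to 00101001, with the second subunit intact) is caught: the sum becomes 01111111 and its complement is not zero. The two-subunit corruption the notes show passes because the columns still add up to the same one's complement sum.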

Flow Control

o It is a set of procedures that tells the sender how much data it can transmit before
the data overwhelms the receiver.
o The receiving device has limited speed and limited memory to store the data.
Therefore, the receiving device must be able to inform the sending device to stop
the transmission temporarily before the limits are reached.
o It requires a buffer, a block of memory for storing the information until they are
processed.

Two methods have been developed to control the flow of data:

o Stop-and-wait
o Sliding window

Stop-and-wait

Simple Stop and Wait


At Sender
 Rule 1) Send one data packet at a time.
 Rule 2) Send the next packet only after receiving the acknowledgement for the
previous one.
At Receiver
 Rule 1) Receive and consume the data packet.
 Rule 2) After consuming the packet, send an acknowledgement, which tells the
sender that it may transmit again (flow control).

Problems Associated with Stop and Wait


1. Lost Data
Assume the sender transmits a data packet and it is lost. The receiver keeps
waiting for the data. Because the data never arrives, the receiver does not
transmit an acknowledgment, and because the sender never receives an
acknowledgment, it never sends the next packet. This deadlock is caused by the
loss of data.

2. Lost Acknowledgement
Assume the sender sends the data, which is received by the receiver. The receiver
sends an acknowledgment after receiving the packet, but the acknowledgment is lost
in the network. The sender does not send the next data packet because it has not
received the acknowledgement: under the stop-and-wait protocol, the next packet
cannot be transmitted until the preceding packet's acknowledgment is received.

3. Delayed Acknowledgement/Data
Assume the sender sends the data, which is received by the receiver. The receiver
then transmits the acknowledgment, which arrives only after the sender's timeout
period. After a timeout on the sender side, a long-delayed acknowledgement might be
wrongly taken as the acknowledgement of some other, more recent packet.

Stop-and-Wait ARQ (Automatic Repeat Request)


The above three problems are resolved by Stop-and-Wait ARQ (Automatic Repeat
Request), which does both error control and flow control.

1. Time Out
Timeout refers to the duration for which the sender waits for an acknowledgment (ACK)
from the receiver after transmitting a data packet. If the sender does not receive an ACK
within this timeout period, it assumes that the frame was lost or corrupted and
retransmits the frame.
2. Sequence Number (Data)
In Stop-and-Wait ARQ, the sender assigns sequence numbers to each data frame it
sends. This allows the receiver to identify and acknowledge each frame individually,
ensuring reliable delivery of data packets. After sending a frame, the sender waits for
an acknowledgment before sending the next frame.

3. Sequence Number(Acknowledgement)
Similarly, sequence numbers are also used in acknowledgments (ACKs) sent by the
receiver to acknowledge received data frames. When the receiver successfully receives
a data frame, it sends an ACK back to the sender, indicating the sequence number of
the next expected frame. The sender uses this ACK to determine whether the
transmission was successful and whether it can proceed to send the next frame.
Working of Stop-and-Wait ARQ
 Sender A sends a data frame or packet with sequence number 0.
 Receiver B, after receiving the data frame, sends an acknowledgement with
sequence number 1 (the sequence number of the next expected data frame or
packet).
There is only a one-bit sequence number, which implies that both sender and receiver
need a buffer for one frame or packet only.

In the Stop-and-wait method, the sender waits for an acknowledgement after every frame
it sends.

o When the acknowledgement is received, only then is the next frame sent. The
process of alternately sending a frame and waiting continues until the sender
transmits the EOT (End of Transmission) frame.

Advantages of Stop and Wait ARQ


 Simple Implementation: Stop and Wait ARQ is a simple protocol that is easy to
implement in both hardware and software. It does not require complex algorithms
or hardware components, making it an inexpensive and efficient option.
 Error Detection: Stop and Wait ARQ detects errors in the transmitted data by
using checksums or cyclic redundancy checks (CRC). If an error is detected, the
receiver sends a negative acknowledgment (NAK) to the sender, indicating that the
data needs to be retransmitted.
 Reliable: Stop and Wait ARQ ensures that the data is transmitted reliably and in
order. The receiver cannot move on to the next data packet until it receives the
current one. This ensures that the data is received in the correct order and
eliminates the possibility of data corruption.
 Flow Control: Stop and Wait ARQ can be used for flow control, where the receiver
can control the rate at which the sender transmits data. This is useful in situations
where the receiver has limited buffer space or processing power.
 Backward Compatibility: Stop and Wait ARQ is compatible with many existing
systems and protocols, making it a popular choice for communication over
unreliable channels.
Disadvantages of Stop and Wait ARQ
 Low Efficiency: Stop and Wait ARQ has low efficiency as it requires the sender to
wait for an acknowledgment from the receiver before sending the next data packet.
This results in a low data transmission rate, especially for large data sets.
 High Latency: Stop and Wait ARQ introduces additional latency in the
transmission of data, as the sender must wait for an acknowledgment before
sending the next packet. This can be a problem for real-time applications such as
video streaming or online gaming.
 Limited Bandwidth Utilization: Stop and Wait ARQ does not utilize the available
bandwidth efficiently, as the sender can transmit only one data packet at a time.
This results in underutilization of the channel, which can be a problem in situations
where the available bandwidth is limited.
 Limited Error Recovery: Stop and Wait ARQ has limited error recovery
capabilities. If a data packet is lost or corrupted, the sender must retransmit the
entire packet, which can be time-consuming and can result in further delays.
 Vulnerable to Channel Noise: Stop and Wait ARQ is vulnerable to channel noise,
which can cause errors in the transmitted data. This can result in frequent
retransmissions and can impact the overall efficiency of the protocol.

Sliding Window

Sliding window protocols are data link layer protocols for reliable and
sequential delivery of data frames. The sliding window is also used
in Transmission Control Protocol.

In this protocol, multiple frames can be sent by a sender at a time before
receiving an acknowledgment from the receiver. The term sliding window
refers to the imaginary boxes that hold frames. The sliding window method is also
known as windowing.

Working Principle

In these protocols, the sender has a buffer called the sending window and the
receiver has a buffer called the receiving window.

The size of the sending window determines the sequence numbers of the
outbound frames. If the sequence number of the frames is an n-bit field, then
the range of sequence numbers that can be assigned is 0 to 2^n - 1.
Consequently, the size of the sending window is 2^n - 1. Thus, in order to
accommodate a sending window of size 2^n - 1, an n-bit sequence number is
chosen.

The sequence numbers are numbered modulo-n. For example, if the
sending window size is 4, then the sequence numbers will be 0, 1, 2, 3, 0, 1,
2, 3, 0, 1, and so on. The number of bits in the sequence number is 2, which
generates the binary sequence 00, 01, 10, 11.

The size of the receiving window is the maximum number of frames that the
receiver can accept at a time. It determines the maximum number of frames
that the sender can send before receiving acknowledgment.

Example

Suppose that we have a sender window and a receiver window, each of size 4. So
the sequence numbering of both windows will be 0,1,2,3,0,1,2 and so on.
The following diagram shows the positions of the windows after sending the
frames and receiving acknowledgments.

o The Sliding Window is a method of flow control in which a sender can transmit
several frames before getting an acknowledgement.
o In Sliding Window control, multiple frames can be sent one after another, due
to which the capacity of the communication channel can be utilized efficiently.
o A single ACK can acknowledge multiple frames.
o Sliding Window refers to imaginary boxes at both the sender and receiver end.
o The window can hold the frames at either end, and it provides the upper limit on
the number of frames that can be transmitted before the acknowledgement.
o Frames can be acknowledged even when the window is not completely filled.
o The window has a specific size, and the frames are numbered modulo-n, meaning
that they are numbered from 0 to n-1. For example, if n = 8, the frames are
numbered 0,1,2,3,4,5,6,7,0,1,2,3,4,5,6,7,0,1........
o The size of the window is n-1. Therefore, a maximum of n-1 frames can be sent
before an acknowledgement.
o When the receiver sends the ACK, it includes the number of the next frame that it
wants to receive. For example, to acknowledge the string of frames ending with
frame number 4, the receiver will send the ACK containing the number 5. When
the sender sees the ACK with the number 5, it got to know that the frames from 0
through 4 have been received.

Sender Window

o At the beginning of a transmission, the sender window contains n-1 frames, and
as they are sent out, the left boundary moves inward, shrinking the size of the
window. For example, if the size of the window is w and three frames are sent out,
then the number of frames left in the sender window is w-3.
o Once the ACK has arrived, the sender window expands by a number equal to the
number of frames acknowledged by the ACK.
o For example, suppose the size of the window is 7, and frames 0 through 4 have
been sent out with no acknowledgement; then the sender window contains only two
frames, i.e., 5 and 6. Now, if an ACK arrives with number 4, it means that frames 0
through 3 have arrived undamaged, and the sender window is expanded to include the
next four frames. Therefore, the sender window contains six frames (5,6,7,0,1,2).

Receiver Window

o At the beginning of transmission, the receiver window does not contain n frames,
but it contains n-1 spaces for frames.
o When a new frame arrives, the size of the window shrinks.
o The receiver window does not represent the number of frames received, but
the number of frames that can still be received before an ACK is sent. For
example, if the size of the window is w and three frames are received, then the
number of spaces available in the window is (w-3).
o Once the acknowledgement is sent, the receiver window expands by a number
equal to the number of frames acknowledged.
o Suppose the size of the window is 7, meaning the receiver window contains seven
spaces for seven frames. If one frame is received, the receiver window shrinks,
moving the boundary from 0 to 1. In this way the window shrinks one by one, so the
window now contains six spaces. If frames 0 through 4 have been received, the
window contains two spaces before an acknowledgement is sent.

Stop-and-wait ARQ

Stop-and-wait ARQ is a technique used to retransmit the data in case of damaged or lost
frames.

This technique works on the principle that the sender will not transmit the next frame until
it receives the acknowledgement of the last transmitted frame.

Four features are required for the retransmission:

o The sending device keeps a copy of the last transmitted frame until the
acknowledgement is received. Keeping the copy allows the sender to retransmit
the data if the frame is not received correctly.
o Both the data frames and the ACK frames are numbered alternately 0 and 1 so that
they can be identified individually. An acknowledgement numbered 1 acknowledges
data frame 0: it means that data frame 0 has arrived correctly and the receiver
expects to receive data frame 1.
o If an error occurs in the last transmitted frame, then the receiver sends a NAK
frame, which is not numbered. On receiving the NAK frame, the sender retransmits
the data.
o It works with a timer. If the acknowledgement is not received within the allotted
time, then the sender assumes that the frame was lost during the transmission, so it
retransmits the frame.

Two cases in which retransmission occurs:


o Damaged Frame: When the receiver receives a damaged frame, i.e., the frame
contains an error, it returns a NAK frame. For example, when data frame 0 is sent
and arrives correctly, the receiver returns ACK 1, meaning that data 0 has arrived
and it now expects data 1. The sender transmits the next frame, data 1. It reaches
the receiver undamaged, and the receiver returns ACK 0. The sender transmits the
next frame, data 0. This time the receiver detects an error and returns a NAK frame,
so the sender retransmits data frame 0.
o Lost Frame: The sender is equipped with a timer that starts when a frame is
transmitted. Sometimes the frame does not arrive at the receiving end at all, so it
can be acknowledged neither positively nor negatively. The sender waits for an
acknowledgement until the timer goes off, and then retransmits the last
transmitted frame.
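
The Stop-and-Wait ARQ behaviour described here and in the earlier Stop-and-Wait ARQ section (one-bit sequence numbers, the kept copy, NAK on damage, timer on loss, duplicate detection after a lost ACK), as an added Python simulation that is not part of the notes. The Sender, Receiver and run names and the scripted channel outcomes (lose_data, lose_ack, damage) are ours; the timer is modelled by a simple retry rather than a real clock:

```python
"""Stop-and-Wait ARQ with 1-bit sequence numbers.

Added example (not from the notes). It scripts the failure cases the notes
describe: a lost data frame, a lost ACK and a damaged frame. Timeouts are
modelled as "the sender notices and retries", not as a real clock.
"""
from dataclasses import dataclass, field


@dataclass
class Frame:
    seq: int          # 0 or 1
    payload: str
    damaged: bool = False


@dataclass
class Receiver:
    expected: int = 0                               # next sequence number wanted
    delivered: list = field(default_factory=list)   # payloads passed upward

    def receive(self, frame):
        """Return ('NAK', None) for damage, otherwise ('ACK', next expected)."""
        if frame.damaged:
            return ("NAK", None)
        if frame.seq == self.expected:
            self.delivered.append(frame.payload)
            self.expected ^= 1
        # A duplicate (seq != expected) is not delivered again, but the ACK
        # is repeated so the sender can move on.
        return ("ACK", self.expected)


class Sender:
    def __init__(self, receiver, channel):
        self.receiver = receiver
        self.channel = channel          # list of scripted outcomes (ours)
        self.seq = 0
        self.transmissions = 0
        self.log = []

    def _outcome(self):
        return self.channel.pop(0) if self.channel else "ok"

    def send(self, payload):
        """Keep the copy and retransmit until an ACK for the other seq arrives."""
        frame = Frame(self.seq, payload)
        while True:
            self.transmissions += 1
            outcome = self._outcome()
            if outcome == "lose_data":
                self.log.append(f"data {frame.seq} lost -> timeout")
                continue                       # timer fires, resend the copy
            frame.damaged = (outcome == "damage")
            kind, num = self.receiver.receive(frame)
            frame.damaged = False
            if kind == "NAK":
                self.log.append(f"data {frame.seq} damaged -> NAK")
                continue
            if outcome == "lose_ack":
                self.log.append(f"ACK {num} lost -> timeout")
                continue                       # receiver will see a duplicate
            self.log.append(f"data {frame.seq} -> ACK {num}")
            self.seq = num
            return


def run(script):
    """Send three frames over a channel with the given scripted outcomes."""
    rx = Receiver()
    tx = Sender(rx, list(script))
    for payload in ("A", "B", "C"):
        tx.send(payload)
    return rx.delivered, tx.transmissions, tx.log


if __name__ == "__main__":
    delivered, n, log = run(["lose_data", "ok", "lose_ack", "damage", "ok"])
    print("\n".join(log))
    print("delivered:", delivered, "transmissions:", n)
```

With the script in the main block, frame A is sent twice (first copy lost), frame B three times (ACK lost, retransmission damaged, then a duplicate that the receiver acknowledges without delivering again) and frame C once: six transmissions for three delivered payloads, with no duplicate reaching the application.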

Sliding Window ARQ

Sliding Window ARQ is a technique used for error control in continuous transmission.

Three features used for retransmission:

o In this case, the sender keeps copies of all the transmitted frames until they
have been acknowledged. Suppose frames 0 through 4 have been transmitted and the
last acknowledgement was for frame 2; the sender has to keep copies of frames 3
and 4 until they are received correctly.
o The receiver can send either NAK or ACK depending on the conditions. The NAK
frame tells the sender that the data has been received damaged. Since the sliding
window is a continuous transmission mechanism, both ACK and NAK must be
numbered to identify a frame. The ACK frame carries the number of the next
frame the receiver expects to receive. The NAK frame carries the number of the
damaged frame.
o Sliding window ARQ is equipped with a timer to handle lost acknowledgements.
Suppose that n-1 frames have been sent before any acknowledgement is received.
The sender must wait for the acknowledgement, so it starts the timer and waits
before sending any more. If the allotted time runs out, the sender retransmits one
or all of the frames, depending on the protocol used.
Two protocols used in sliding window ARQ:

o Go-Back-N ARQ: In the Go-Back-N ARQ protocol, if one frame is lost or damaged,
then the sender retransmits that frame and all the frames after it, i.e., every
frame for which it has not received a positive ACK.

Three possibilities can occur for retransmission:

o Damaged Frame: When a frame is damaged, the receiver sends a NAK
frame.

In the above figure, three frames have been transmitted before an error is discovered
in the third frame. In this case, ACK 2 has been returned, telling the sender that
frames 0 and 1 have been received without error. The receiver discovers the error in
data frame 2, so it returns the NAK 2 frame. Frame 3 is also discarded because it was
transmitted after the damaged frame. Therefore, the sender retransmits frames 2 and 3.

o Lost Data Frame: In sliding window protocols, data frames are sent sequentially.
If any frame is lost, the next frame to arrive at the receiver is out of
sequence. The receiver checks the sequence number of each frame, discovers
that a frame has been skipped, and returns a NAK for the missing frame. The
sending device retransmits the frame indicated by the NAK as well as the frames
transmitted after the lost frame.
o Lost Acknowledgement: The sender can send as many frames as the window
allows before waiting for any acknowledgement. Once the limit of the window is
reached, the sender has no more frames to send; it must wait for the
acknowledgement. If the acknowledgement is lost, the sender could wait
forever. To avoid such a situation, the sender is equipped with a timer that starts
counting whenever the window capacity is reached. If the acknowledgement has
not been received within the time limit, the sender retransmits all the frames sent
since the last ACK.

Selective-Reject ARQ

o The Selective-Reject ARQ technique is more efficient than Go-Back-N ARQ.
o In this technique, only those frames are retransmitted for which a negative
acknowledgement (NAK) has been received.
o The receiver's storage buffer holds the frames that arrive after a damaged frame
until the frame in error is correctly received.
o The receiver must have the appropriate logic for reinserting the frames in the
correct order.
o The sender must have a searching mechanism that selects only the requested
frame for retransmission.

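The sliding window arithmetic from the Sliding Window section (modulo-2^n numbering, a window of 2^n - 1 frames, cumulative ACK), Go-Back-N and Selective-Reject compared on the same loss pattern, as an added Python example that is not from the notes. The functions window_frames, go_back_n and selective_reject, the 3-bit sequence field and the scripted loss set are ours; Selective-Reject here uses a window of 2^(n-1), the usual bound that keeps old and new sequence numbers apart, which the notes do not discuss:

```python
"""Go-Back-N versus Selective-Reject on the same loss pattern.

Added example (not from the notes). Sequence numbers are modulo 2**n and the
Go-Back-N window is 2**n - 1 frames, as the notes state; the loss pattern and
helper names are ours. Losses are scripted so the run is deterministic.
"""

SEQ_BITS = 3
MOD = 1 << SEQ_BITS            # sequence numbers 0..7


def window_frames(base, size, mod=MOD):
    """Sequence numbers currently inside a window starting at `base`."""
    return [(base + i) % mod for i in range(size)]


def go_back_n(total, lose, window=MOD - 1):
    """Return (delivered count, data transmissions) for Go-Back-N.

    `lose` is a set of (frame index, attempt number) pairs that the channel
    drops. The receiver accepts frames only in order and discards the rest;
    a cumulative ACK carries the next expected frame.
    """
    base = next_to_send = expected = 0
    attempts = {}
    sent = 0
    while expected < total:
        # Sender fills the window.
        while next_to_send < min(base + window, total):
            i = next_to_send
            attempts[i] = attempts.get(i, 0) + 1
            sent += 1
            if (i, attempts[i]) not in lose and i == expected:
                expected += 1        # in-order frame accepted
            # Out-of-order frames are simply discarded by the receiver.
            next_to_send += 1
        # ACK (next expected) reaches the sender; on a gap the timer fires
        # and everything from the unacknowledged frame onward is resent.
        base = expected
        next_to_send = base
    return expected, sent


def selective_reject(total, lose, window=MOD // 2):
    """Return (delivered count, data transmissions) for Selective-Reject.

    The receiver buffers out-of-order frames inside its window and only the
    NAKed (missing) frame is retransmitted. The window is 2**(n-1) here, the
    usual limit that keeps old and new sequence numbers apart.
    """
    base = 0
    received = set()
    attempts = {}
    sent = 0
    while base < total:
        for i in range(base, min(base + window, total)):
            if i in received:
                continue
            attempts[i] = attempts.get(i, 0) + 1
            sent += 1
            if (i, attempts[i]) not in lose:
                received.add(i)      # buffered even if out of order
        # Slide past every contiguous received frame.
        while base in received:
            base += 1
    return len(received), sent


if __name__ == "__main__":
    losses = {(2, 1)}                # frame 2 lost on its first try (ours)
    print("unsent frames after ACK 4, window 7:", window_frames(5, 6))
    print("Go-Back-N       :", go_back_n(8, losses))
    print("Selective-Reject:", selective_reject(8, losses))
```

For eight frames with frame 2 lost once, Go-Back-N needs 13 data transmissions (frames 3 to 6 are discarded at the receiver and resent) while Selective-Reject needs 9 (only frame 2 is resent); window_frames(5, 6) reproduces the six unsent frames 5,6,7,0,1,2 from the sender-window example above.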
CSMA
CSMA (Carrier Sense Multiple Access) is a mechanism that senses the state of the
shared channel in order to prevent collisions of data packets, or to recover from
them. It is also used to control the flow of data packets over the network so that
packets are not lost and data integrity is maintained. When two or more data packets
are sent at the same time on a shared channel, a collision occurs. Because of the
collision, the receiver does not get any usable information from the senders' data
packets, and the lost information has to be resent so that the receiver can get it.
Therefore the channel is sensed before data packets are transmitted on the network.
CSMA is divided into two variants, CSMA/CA (Collision Avoidance) and CSMA/CD
(Collision Detection).

CSMA CD
The Carrier Sense Multiple Access/Collision Detection protocol is used to detect a
collision in the media access control (MAC) layer. Once a collision is detected,
CSMA CD immediately stops the transmission by sending a jam signal, so that the
sender does not waste the whole frame time sending a packet that is already lost.
Suppose a collision is detected by each station while transmitting its packets. In
that case, CSMA CD immediately sends the jam signal to stop transmission and waits
for a random time before transmitting another data packet. If the channel is then
found free, it immediately sends the data.

Advantage and Disadvantage of CSMA CD


Advantages of CSMA CD:

1. It detects collisions on a shared channel within a very short time.
2. CSMA CD is better than plain CSMA for collision detection.
3. CSMA CD is used to avoid any form of wasted transmission.
4. When necessary, it allows each station to use or share the same amount of
bandwidth.
5. It has lower overhead compared to CSMA CA.

Disadvantages of CSMA CD

1. It is not suitable for long-distance networks, because as the distance increases,
the efficiency of CSMA CD decreases.
2. It can detect collisions only up to 2500 meters; beyond this range, it cannot
detect collisions.
3. When many devices are added to a CSMA CD network, collision detection
performance is reduced.

CSMA/CA
CSMA/CA stands for Carrier Sense Multiple Access with Collision Avoidance. It is a
network protocol that tries to avoid collisions rather than allowing them to occur,
and it does not deal with the recovery of packets after a collision. It is similar to
the CSMA CD protocol and operates in the media access control layer. In CSMA CA,
whenever a station wants to send a data frame on a channel, it first checks whether
the channel is in use. If the shared channel is busy, the station waits until the
channel becomes idle. Hence, it reduces the chances of collisions and makes better
use of the medium to send data packets more efficiently.

Advantage and Disadvantage of CSMA CA


Advantages of CSMA CA

1. When the size of the data packets is large, the chance of collision in CSMA CA is
lower.
2. It controls the data packets and sends the data when the receiver is ready to
receive them.
3. It is used to prevent collisions rather than to detect them on the shared channel.
4. CSMA CA avoids wasted transmission of data over the channel.
5. It is best suited for wireless transmission in a network.
6. It avoids unnecessary data traffic on the network with the help of the RTS/CTS
extension.

Disadvantages of CSMA CA

1. CSMA/CA sometimes incurs a long waiting time before a data packet can be
transmitted.
2. Each station consumes more bandwidth.
3. Its efficiency is lower than that of CSMA CD.
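
The CSMA/CD and CSMA/CA behaviour described in the two sections above (sense, jam and random backoff for CD; backoff before the first attempt and an RTS/CTS reservation for CA), as an added Python simulation that is not from the notes. The slot model, the simulate and min_frame_bits functions, the contention window and the seed are ours; the CD backoff uses Ethernet's truncated binary exponential backoff, which goes beyond the notes' "random time", and min_frame_bits shows the frame-length condition behind the distance limit the notes mention:

```python
"""CSMA/CD and CSMA/CA on one slotted shared medium.

Added example (not from the notes). Both variants sense before sending.
CD: a ready station transmits at once; colliding stations detect it, send a
jam and back off (truncated binary exponential backoff, Ethernet's rule; the
notes only say "a random time"). CA: a station draws a random backoff
before its first attempt, freezes the counter while the medium is busy, and
reserves the medium with RTS/CTS so the others set a NAV. Slot model,
contention window and station numbering are ours.
"""
import math
import random

RTS_CTS_SLOTS = 2      # handshake cost in the CA variant (ours)


def min_frame_bits(distance_m, prop_speed_m_s, bit_rate_bps):
    """Smallest CSMA/CD frame (bits) whose transmission outlasts twice the
    one-way propagation delay, so the sender is still sending when the
    collision comes back; this is why CD efficiency drops with distance."""
    return math.ceil(2 * distance_m * bit_rate_bps / prop_speed_m_s)


def simulate(n_stations, mode, frame_slots=4, cw=8, seed=1, max_slots=10_000):
    """Every station has one frame. Returns (collisions, finish_slot, order)."""
    assert mode in ("CD", "CA")
    rng = random.Random(seed)
    pending = set(range(n_stations))
    # CD: everybody is ready immediately. CA: back off first to avoid collisions.
    backoff = {s: (0 if mode == "CD" else rng.randrange(cw)) for s in pending}
    attempts = {s: 0 for s in pending}
    busy_until = 0             # carrier present (CD) or NAV set (CA)
    collisions = 0
    order = []
    for slot in range(max_slots):
        if not pending and slot >= busy_until:
            return collisions, slot, order
        if slot < busy_until:
            continue                      # sensed busy: defer, counters freeze
        ready = [s for s in pending if backoff[s] == 0]
        for s in pending:
            if backoff[s] > 0:
                backoff[s] -= 1
        if len(ready) == 1:
            s = ready[0]
            cost = frame_slots + (RTS_CTS_SLOTS if mode == "CA" else 0)
            busy_until = slot + cost      # data frame (plus RTS/CTS in CA)
            pending.remove(s)
            order.append(s)
        elif len(ready) > 1:
            collisions += 1
            busy_until = slot + 1         # CD: jam signal; CA: wasted RTS slot
            for s in ready:
                attempts[s] += 1
                if mode == "CD":
                    backoff[s] = rng.randrange(2 ** min(attempts[s], 10))
                else:
                    backoff[s] = rng.randrange(cw)
    return collisions, max_slots, order


if __name__ == "__main__":
    print("min 10 Mb/s frame for 2500 m:", min_frame_bits(2500, 2e8, 10e6), "bits")
    for mode in ("CD", "CA"):
        print(mode, simulate(5, mode, seed=3))
```

With several stations all ready at slot 0, the CD run always starts with a collision (every station transmits at once and then backs off), whereas the CA run usually avoids it because the backoff is drawn before the first attempt; the CA run pays for that with the RTS/CTS slots on every frame, which is the efficiency trade-off listed in the two disadvantage lists. At 10 Mb/s over 2500 m with a 2e8 m/s propagation speed, min_frame_bits returns 250 bits; a shorter frame could finish before the collision reaches the sender, which is why detection fails past a certain distance.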
