Security Basics mailing list archives
Re: Session layer in OSI and TCP/IP
From: sandthakur () gmail com
Date: 14 Jul 2010 19:21:04 -0000
My answer are inline with your queries, Naruto, According to OSI model session layer provides connection establishment, management and termination. So does this mean that in OSI TCP 3-way handshake and graceful connection termination is initiated by session layer and the transport layer is concerned with data transfer and reliability of communication only? But in TCP/IP the connection establishment and termination along with reliability are part of the transport layer and no session layer is used. Is this statement correct? Sandeep> Please refer the image from the below url first for better understanding of realtime protocol suit (TCP/IP) with respect to international standard (ISO OSI; this is not a protocol suit by itself; this is a standard for implementation of networking protocol suites). http://homepages.uel.ac.uk/u0306091/TCP_IP9.gif The function of transport layer as per standard OSI will be implemented as is or with slight enhancements. In otherwords, connection establishment, reset task will be done at transport layer, you may refer OSI or TCP/IP. Similarly session layer is above the transport layer and nothing to do with connection establishment (three-way handshake procedure). Essentially, session layer will refer to protocols that fall under that layer or the session related to application itself which requires network service. Eg.- I want to browse a website. a) So according to OSI, firstly I resolve domain name using the DNS in application layer, then my web browser asks the session layer to initiate a session. Session layer asks the transport layer to make suitable TCP packets to perform a 3 way handshake. Then HTTP packets are transported using the transport layer. Sandeep> DNS is a concept which work across the networks. Yes, as you said the program which usually runs at application layer maintains the session incase required, which inturn are the services/features from session layer, similarly the presentation layers functions to the application layer program. Hence, all these are actually clubbed into one layer in TCP/IP as the program/protocol suite itself does most of these actions of (Application, Presentation, Session) layers. Transport layer when receives its top layer packets, it has nothing to do with top layer packets rather establish the connection from source port/address to dest port/address using flagging mechanism in handshake procedure and transfer it further. Network layer has role in it when request has to go out of the network. IP protocols helps in doing this... b) According to TCP/IP, firstly I resolve domain name using DNS in application layer. Then my application layer requests the transport layer to connect to a webserver on port 80. Transport layer makes a TCP 3-way handshake. After connection establishment HTTP packets are transported using transport layer. Sandeep> This is correct. Regards Sandeep Thakur, CEH, CHFI, ECSA, ISO 27001 LA, ... so on Reach me here for any queries with respect to IT Security and its culture: http://groups.google.com/group/nforceit ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Session layer in OSI and TCP/IP Naruto Uzumaki (Jul 13)
- <Possible follow-ups>
- Session layer in OSI and TCP/IP Naruto Uzumaki (Jul 13)
- Re: Session layer in OSI and TCP/IP dwg5901 (Jul 14)
- Re: Session layer in OSI and TCP/IP sandthakur (Jul 14)
- Re: Session layer in OSI and TCP/IP Naruto Uzumaki (Jul 16)
- Re: Session layer in OSI and TCP/IP dwg5901 (Jul 19)
- Re: Session layer in OSI and TCP/IP Naruto Uzumaki (Jul 19)
- Re: Session layer in OSI and TCP/IP Naruto Uzumaki (Jul 19)
- Re: Session layer in OSI and TCP/IP Andy Colson (Jul 19)
- Re: Session layer in OSI and TCP/IP orlin (Jul 19)
- Re: Session layer in OSI and TCP/IP Naruto Uzumaki (Jul 16)
- Re: Session layer in OSI and TCP/IP Kurt Buff (Jul 19)
- Re: Session layer in OSI and TCP/IP Charlie Clark (Jul 19)
- Re: Session layer in OSI and TCP/IP Naruto Uzumaki (Jul 19)
- RE: Session layer in OSI and TCP/IP David Gillett (Jul 19)