Topic 3: Networks


Abbr (Full Name): Description
• LAN (Local Area Network): E.g. School or business network. Usually confined to one building. Uses wired communications protocols like Ethernet.
• WLAN (Wireless LAN): The same as a LAN but using wireless technologies, e.g. wifi, rather than wires.
• VLAN (Virtual LAN): A subgroup of computers on a LAN that are treated alike (e.g. in terms of security or bandwidth) regardless of their physical proximity on the network.
• WAN (Wide Area Network): Any communications network that connects geographically dispersed hosts, usually across regional or national boundaries. Often a network of LANs belonging to a multinational company linked by leased lines.
• SAN (Storage Area Network): A network not normally accessible from the main LAN on which the hosts are predominantly high-capacity storage devices, such as tape drives.
• PAN (Personal Area Network): A short-range network of personal devices, such as cellphones, tablets and audio headsets, often utilizing Bluetooth short-range radio.
Link: http://en.wikipedia.org/wiki/Computer_network
• An intranet is like a private internet. It is made up of web
pages and viewed through a browser, but access is restricted
to users within an organization.
• An extranet is an intranet that has been opened up to provide
limited access to a selection of users outside the organization.
Companies use extranets in a bid to welcome their customers
or suppliers into their organization and facilitate cooperation
and collaboration.
• The internet is a network of networks connected using IP
(Internet Protocol). It powers a large range of communication
media such as the World-Wide Web (documents connected by
hyperlinks), email, chat, gaming, newsgroups, etc.
• A Virtual Private Network is a network that uses the public
internet for communication, but which has security features
such as usernames, passwords and encryption, to restrict
access to a select group of users.
• It behaves like a private network even though it uses the
public internet.
• The obvious benefit is that resources such as files, printers and
databases can be shared over remote hosts without having to
provide dedicated lines between them.
• Another benefit is reduced cost. It is possible to connect hosts
securely using leased lines. Leased line costs can be extremely
high, whereas fully featured VPN software is freely available as
open source.
• A disadvantage is that because VPN traffic travels on a public
network, strong security measures are required.
Client (IB’s awful definition): Desktop computer or terminal used to access a computer-based system.
Client (better definition): A computer on a network that gains access to central data files, programs, and peripheral devices through a server.
Server:
1. A program that provides services requested by client programs.
2. A computer that provides services to another computer connected over a network.
Client-Server: A network architecture in which a system is divided between server tasks performed on the instructions received from clients, requesting information.
• Strictly, a server is a piece of software that listens for client
requests on a particular set of ports and responds to those
requests
• Like with “firewall”, the word “server” can refer to the
software, or the hardware on which the software is running
• Almost always, a server is a dedicated machine that does
nothing else
• It’s just a computer with special modifications like extra
processors, lots of RAM, huge storage capacity
• It’s often big and flat so it can fit in a server rack
• There are different types of server: file server, web server,
database server, etc
• Every computer linked to every other
• No server
• Can be faster than client-server architecture, especially when special algorithms are used, e.g. torrenting
• Less secure because services such as filtering, antivirus, firewalls are delegated to each peer
• Port (IB definition): An access point for data entry or exit.
• A port can either be hardware (the various sockets at the back
of your PC, eg serial port, USB port), or it can be software, in
which case it is a logical channel for data communication,
identified by a number from 0-65536 (2^16)
• Ports allow computers to decide which application should
handle data received on a network, e.g. outgoing email runs
on port 25, HTTP runs on port 80, FTP runs on port 20
• A firewall is a program that restricts data allowed into and out of a
network, on the basis of a set of rules
• One of the ways it does this is to close certain ports
• Try playing World of Warcraft using the school’s internet
connection. You will fail. Why? Because the WoW software uses
certain port numbers but the school’s firewall blocks traffic on those
ports
• The word “firewall” can refer to the software itself, or the hardware
on which the software runs. Often a firewall is a dedicated machine
that does nothing else
This is an echo server written in Java. It listens for connections on port 8001. When it receives something, it just sends the same thing straight back to where it came from.

package echoserver;

import java.io.*;
import java.net.*;

public class EchoServer {
    public static void main(String[] args) throws IOException {
        int portNumber = 8001;
        // try-with-resources closes the sockets and streams automatically
        try (
            ServerSocket serverSocket =
                new ServerSocket(portNumber);
            // accept() blocks until one client connects
            Socket clientSocket = serverSocket.accept();
            PrintWriter out =
                new PrintWriter(clientSocket.getOutputStream(), true);
            BufferedReader in = new BufferedReader(
                new InputStreamReader(clientSocket.getInputStream()));
        ) {
            String inputLine;
            // Send each received line straight back until the client disconnects
            while ((inputLine = in.readLine()) != null) {
                out.println(inputLine);
            }
        } catch (IOException e) {
            System.out.println("Exception caught when trying to listen on port "
                + portNumber + " or listening for a connection");
            System.out.println(e.getMessage());
        }
    }
}
• A proxy is a machine that brokers the
communication between two other
machines
• Only one machine in the school is
connected to the internet: the web proxy
• Test this by typing “What is my ip” in
Google. You will get the same answer
whatever school computer you use
• When you request a web page, you in fact
ask the proxy, and the proxy gets it from
the web and gives it to you
• Hence it can check you are not going to
dodgy websites
• A web proxy reduces the need for internet
connections and allows security features,
e.g. virus checking and content filtering, to
be centralised for all users
• Provider: Usually short for Internet Service Provider, a provider offers a
number of internet-related services, such as:
• access to the internet
• email
• website hosting
• application/database hosting
• There are different sizes of ISP and small ISPs will have their own, larger ISPs
who provide them with services.
• The biggest ISPs, who don't need their own ISP, are called Tier 1 Providers.
• Providers offer different ways to connect to the internet depending on your
speed and bandwidth requirements.
• For remote customers, or customers where there is limited telephone
system coverage, access may be offered by satellite.
Dial-up ISDN ADSL T1 Gigabit Ethernet Fibre Optic
Slow ----------------------- Medium ---------------------------- Fast
• Directions
• Simplex: One-way, e.g. a radio broadcast
• Half-duplex: Two-way, but not at the same time, e.g. walkie-talkie
• Full-duplex: Two-way, and at the same time, e.g. telephone
• Speed is measured in bps (bits per second), not Bps (bytes per
second)
• Dial-up is slow at around 56 kbps
• Broadband is faster – currently up to around 10 Mbps
• WiFi is wireless broadband but fairly short range
• WiMax (Worldwide Interoperability for Microwave Access) is
higher bandwidth and longer range wireless
• Nice article here: Wikipedia – Internet Access
• Asymmetric Digital Subscriber Line
• Asymmetric because you can download much faster than you can
upload
• Carried over a normal telephone line but at such high frequencies
that it is separable from voice
• Hence ADSL can be used at the same time as voice, unlike a dial-up
connection, which hogs the line
• It uses the POTS (Plain Old Telephone System) to carry a digital
signal, unlike a dial-up modem, which is analogue
• So it's a myth that the telephone system is analogue – it can carry
analogue (voice) and digital (data) at the same time, just like the TV
signal, which used to be analogue and is now digital
• Analogue signals are created by smoothly varying voltages; digital
signals are created by abrupt step-changes in voltage. Same
medium, different signals.
A data packet is a formatted unit of data carried on a packet-switched
network. It comprises control information (header) and payload. The
header contains information about the payload, such as length,
destination address. The payload is the data that is to be sent.
Packet switched communication
• Data broken into small packets (e.g. 64kb maximum for IP)
• Packets may take totally different routes to their destination
• Packets reassembled and sequenced at destination into coherent
data
• Example: Internet
Circuit switched communication
• Dedicated channel established between both parties
• Data sent in one go, in order, and received likewise
• Example: Landline telephone connection
• Full use of available bandwidth. In a telephone call (circuit switched) even
if both parties are saying nothing, the channel is still established and
nobody else can use the available bandwidth. With packet switching, the
instant my data has been sent, the bandwidth is free to be used by other
parties. (Imagine chatting on Facebook: It may seem like messages are
going backwards and forwards constantly, but in fact your computer is
spending 99.9% of its time waiting for you to finish typing, and only 0.1% of
its time actually sending your messages.)
• More secure, because it's difficult to intercept packets that are taking
different routes across the network.
• Devices of different speeds can communicate easily. In circuit-switched
networks both parties have to agree to communicate at the speed of the
slower party.
• Resilient to communications hardware failure. If one channel goes down,
packets will just take a different route. In circuit-switched networks, loss of
a channel can mean no communication is possible at all.
• 01010100011010000110010100100000011100010111010101
10100101100011011010110010000001100010011100100110
11110111011101101110001000000110011001101111011110
00001000000110101001110101011011010111000001110011
00100000011011110111011001100101011100100010000001
11010001101000011001010010000001101100011000010111
10100111100100100000011001000110111101100111001011
10
• Protocol: An internationally agreed set of rules to ensure transfer of
data between devices. A standard protocol is one that is recognized
as the standard for a specific type of transfer.
• Data is just a huge sequence of 1's and 0's – a protocol is an agreed
way of deciding what it all means
• For example, the first 32 bits might encode the address of the
sender, the next 32 bits encode the address of the receiver, etc
• Examples are:
• HTTP (Hypertext Transfer Protocol): for sending and receiving web pages
• TCP (Transmission Control Protocol): for making sure that data packets get
received and sequenced properly
• IP (Internet Protocol): for making sure that data sent across a network gets
to the right host (computer)
• SMTP (Simple Message Transfer Protocol): for sending email
• ASCII is an example of an extremely simple protocol
• Bits are interpreted in groups of 8 and each group corresponds
to a character, e.g. 01000001 = “A” and 00111111 = “?”
• A protocol error occurs when the receiver interprets data
using the wrong protocol and ends up with total nonsense
• You are now ready to cause your own protocol error:
• Open up Windows notepad
• Choose File, Open (select All Files)
• Open up an image file (gif, jpeg, png, etc)
• Notepad will dutifully interpret the file as text, and you will
end up with meaningless junk
• This is essentially a protocol error
• Data integrity: Some protocols can detect packet loss and request that a
lost packet be resent. They also have sequence numbers so that packets
can be reordered if they arrive in the wrong order.
• Flow control: One host on a network might be able to send data much
faster than another one can receive it. Some protocols can establish a
common data transmission speed between hosts to avoid this problem.
• Deadlock: This occurs when all hosts are waiting to receive data before
they can continue sending. Hence nothing happens and they just sit there
waiting. Some protocols have timers that can detect and prevent deadlock
situations.
• Congestion: Some protocols can detect network congestion and reduce
their data transmission rate to protect the network from collapse.
• Error checking: Some protocols use some sort of checksum field to detect
errors. The checksum contains information about the payload data, such as
"how many 1's there are". The receiver performs the same calculation on
the received data and so can detect if there has been an error in
transmission. (In practice error-checking can be very much more
complicated than this!)
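The data integrity and error checking points above, worked through as an added example that is not part of the original slides. The header layout, the addresses and the 8-byte packet size are assumptions made for illustration, not a real protocol.

```python
import struct
import zlib

# Toy header (an assumption for this example, not a real protocol):
# source address (32 bits), destination address (32 bits),
# sequence number, payload length and checksum (16 bits each).
HEADER = struct.Struct("!IIHHH")


def ones_count(data):
    """The checksum described above: how many 1 bits the payload holds."""
    return sum(bin(byte).count("1") for byte in data)


def make_packets(src, dst, message, size=8):
    """Split a message into packets of header + payload."""
    packets = []
    for seq, start in enumerate(range(0, len(message), size)):
        payload = message[start:start + size]
        header = HEADER.pack(src, dst, seq, len(payload), ones_count(payload))
        packets.append(header + payload)
    return packets


def payload_of(packet):
    """Everything after the fixed-size header."""
    return packet[HEADER.size:]


def parse_packet(packet):
    """Return (seq, payload), or None if length or checksum do not match."""
    if len(packet) < HEADER.size:
        return None
    _src, _dst, seq, length, checksum = HEADER.unpack(packet[:HEADER.size])
    payload = payload_of(packet)
    if len(payload) != length or ones_count(payload) != checksum:
        return None
    return seq, payload


def reassemble(packets, expected):
    """Reorder by sequence number and list the packets to be resent."""
    good = {}
    for packet in packets:
        parsed = parse_packet(packet)
        if parsed is not None:
            good[parsed[0]] = parsed[1]
    missing = [seq for seq in range(expected) if seq not in good]
    if missing:
        return None, missing
    return b"".join(good[seq] for seq in range(expected)), missing


def flip_bit(packet, byte_index, bit):
    """Simulate a transmission error in one payload bit."""
    damaged = bytearray(packet)
    damaged[HEADER.size + byte_index] ^= 1 << bit
    return bytes(damaged)


def crc_detects(original, altered):
    """CRC-32 comparison, a stronger check than counting 1 bits."""
    return zlib.crc32(original) != zlib.crc32(altered)


if __name__ == "__main__":
    message = b"The quick brown fox jumps over the lazy dog."  # constructed sample
    packets = make_packets(0xC0A80001, 0xC0A80002, message)

    # Packets arriving in reverse order are put back in sequence.
    print(reassemble(list(reversed(packets)), len(packets)))

    # One flipped bit changes the count of 1s, so packet 2 must be resent.
    damaged = list(packets)
    damaged[2] = flip_bit(packets[2], 0, 0)
    print(reassemble(damaged, len(packets)))

    # Two flips in opposite directions keep the count the same: the simple
    # checksum accepts the altered payload, while CRC-32 notices the change.
    sneaky = flip_bit(flip_bit(packets[0], 0, 0), 0, 2)
    print(parse_packet(sneaky),
          crc_detects(payload_of(packets[0]), payload_of(sneaky)))
```

Neither check stops deliberate tampering, because anyone who can change the payload can also recompute the checksum; that needs a keyed check such as an HMAC.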
• Handshaking (old IB definition): The exchange of
predetermined signals when a connection is established
between two devices or components.
• The process by which two devices on a network agree upon
which protocol they are going to use for their communication.
• A good example is dial-up modems, which have to decide what
rate data will be sent at, what checks will be done, etc. Have
you ever heard the “squealing” an acoustic modem makes
when it first connects? That is in fact the handshaking
procedure.
• Another example is when you reset your Broadband router at
home. The lights slowly come on one-by-one and flash and
blink before they finally settle down. That's the handshaking
procedure.
• Usernames identify, passwords authenticate
• Other authentication methods: fingerprints, retinal scan
• Access control: read, write, delete, etc – different user types with different
privileges.
• Encryption protects data from unauthorised access, but it doesn't stop it from
being deleted.
• Antivirus software is designed to detect and prevent infection by computer
viruses. It is generally used at the point of entry/exit to a network (a "gateway"),
but periodic scans of local files are also desirable.
• Back-up is the process of making an extra copy of data in case it gets deleted or
corrupted. Although it makes it less likely that data will be lost, it actually
makes it more likely that private data will be subject to unauthorised access.
Back-ups should normally be stored off-site or away from the original media so
that, say, a fire doesn't destroy both the original and the back-up.
• Firewalls control what traffic is allowed into and out of a network. They can do
this on the basis of source/destination address, port number, or data contents.
• Physical measures, e.g. alarms, cameras, walls, doors, locks. Wireless networks
are dangerous precisely because attackers can sidestep physical security
measures.
• Denial of Service: An attack designed to overload a server. A basic
technique would be to write a program that makes hundreds of
requests to a particular site every second.
• Man-in-the-Middle: An attack in which an undetected third party
intercepts communications between two people. See next slide
• Phishing: Generally this is done by creating a mock-up of a web
page (eg a bank login page) and providing a hyperlink that looks like
it goes to the correct site, but really goes to the mock-up site. The
html is simple:
• <a href="http://178.45.2.203/login.php">http://www.hsbc.com</a>
• Trojan Horse: This is a malicious program designed to look like a
trusted program. You enter data thinking it is the trusted program
and it sends your details to the hacker.
• Spoofing: This is the name given to faking your identity online,
usually faking an email, IP or MAC address.
• Spyware: This is software that runs undetected on your system and
records your activity. A keylogger is an example.
Visible link text (http://www.hsbc.com): Link looks genuine.
href (http://178.45.2.203/login.php): But in fact this is where it takes you. If you click on this link you will find a fake page, complete with the bank's logo, and a login prompt. If you are stupid enough to enter your password, it will be sent straight to the hackers and your bank account will be emptied.
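A check a mail or web filter could run for the link trick shown above, as an added example that is not part of the original slides. The function names and the two example.org links are constructed for illustration; the first link is the one from the slide.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit
import ipaddress

# Constructed sample: the slide's link plus two harmless ones.
SAMPLE_HTML = """
<p><a href="http://178.45.2.203/login.php">http://www.hsbc.com</a></p>
<p><a href="https://www.example.org/help">https://www.example.org/help</a></p>
<p><a href="https://www.example.org/">Help pages</a></p>
"""


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url, assume_http=False):
    """Hostname of a URL in lower case, or None if it has none."""
    if assume_http and "://" not in url:
        url = "http://" + url  # visible text such as "www.example.org"
    try:
        host = urlsplit(url).hostname
    except ValueError:
        return None
    return host.lower() if host else None


def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def audit_links(html):
    """Return (href, text, reasons) for every link that looks deceptive."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        reasons = []
        target = host_of(href)
        if target and is_ip(target):
            reasons.append("href points at a bare IP address")
        # Only compare when the visible text itself claims to be an address.
        if text.lower().startswith(("http://", "https://", "www.")):
            shown = host_of(text, assume_http=True)
            if shown and target and shown != target:
                reasons.append(f"text shows {shown} but link goes to {target}")
        if reasons:
            findings.append((href, text, reasons))
    return findings


if __name__ == "__main__":
    for href, text, reasons in audit_links(SAMPLE_HTML):
        print(text, "->", href, reasons)
```

The host comparison is exact, so a real filter would also need to decide how to treat variants such as a missing "www." prefix.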
[Diagram: man-in-the-middle attack. Messages in order:]
1. Alice (to Bob, intercepted by Mallory): Hi Bob, it's Alice. Give me your key…
2. Mallory (to Bob): Hi Bob, it's Alice. Give me your key…
3. Bob (to Mallory): Bob's key
4. Mallory (to Alice): Mallory's key
5. Alice (to Mallory): Data encrypted with Mallory's key
6. Mallory (to Bob): Data encrypted with Bob's key
Note that Alice and Bob think they are talking to each other. They have no idea that
their communication is being intercepted. Note also that Mallory has to get in on the
key exchange. If he arrives after the key exchange he is too late.
[Diagram: Plaintext ("The quick brown fox…") → Encryption → Ciphertext ("*!F@G(DW*%$P&...") → Network → Ciphertext ("*!F@G(DW*%$P&...") → Decryption → Plaintext ("The quick brown fox…")]
• There are hundreds of ways of encrypting text.
• Some are very simple and easy to break. e.g. a simple Caesar
cipher: Every A becomes a B, every B becomes a C, … every Z
becomes an A.
• Modern techniques conduct mathematical operations on the
bits of the plaintext in order to create the ciphertext. They use
large numbers called encryption keys to encipher and
decipher.
• There are three main types of encryption:
• Hashing: One-way encryption. Once text is encrypted, it cannot be
decrypted. Think: What could this be useful for?
• Symmetric key encryption: The same key is used to encrypt and decrypt
data. Think: What are the challenges with this method?
• Asymmetric key encryption: One key is used to encrypt data, another is
used to decrypt it. Think: What are the advantages of this method?
(Hint: it is also known as "public key" encryption.)
The hashing function turns any sequence of bits into a fixed-length
number or "hash". Can you see why it can't be possible to get
back from the hash to the plaintext?
[Diagram: Input ("This could be anything. A password, an executable file, etc.") → Hashing algorithm → D377C900F1FEA462]
• It doesn't matter how long the plain text is, the hash is always
the same length (here it's 256 bits)
• What use can it be to have an encryption function that you
can't decrypt?? Answer: I can store a hash of your password
and compare it to the hash of the password you just entered.
In this way I can know that you entered the correct password,
without ever having to know your password.
• You can tell that software is genuine using the same idea.
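The three hashing points above (fixed length, password checking, genuine software) as an added example that is not part of the original slides. It uses SHA-256 for the fixed-length hash and, as a hardening step beyond what the slide describes, a salted and deliberately slow hash (PBKDF2) for passwords; the iteration count and the sample data are assumptions chosen for the example.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumption: example work factor, not a recommendation


def sha256_hex(data):
    """Any input, short or long, gives a 256-bit hash (64 hex digits)."""
    return hashlib.sha256(data).hexdigest()


def enroll(password):
    """What the server stores: a random salt and the hash, never the password."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "iterations": ITERATIONS, "hash": digest}


def verify(password, record):
    """Hash the password just entered and compare it to the stored hash."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["iterations"]
    )
    # compare_digest takes the same time whether or not the hashes match
    return hmac.compare_digest(candidate, record["hash"])


def file_is_genuine(data, published_sha256):
    """Software check: does the download match the publisher's hash?"""
    return hmac.compare_digest(sha256_hex(data), published_sha256.lower())


if __name__ == "__main__":
    print(len(sha256_hex(b"a")), len(sha256_hex(b"a" * 1_000_000)))

    record = enroll("correct horse battery staple")  # constructed sample
    print(verify("correct horse battery staple", record))
    print(verify("Correct horse battery staple", record))

    # The salt makes two users with the same password store different hashes.
    print(enroll("hunter2")["hash"] != enroll("hunter2")["hash"])

    installer = b"constructed installer bytes"
    published = sha256_hex(installer)
    print(file_is_genuine(installer, published))
    print(file_is_genuine(installer + b"!", published))
```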
• Same key used to encrypt and decrypt data
• As long as keys are truly private, then this method is extremely
secure.
• Big problem: Key exchange. How do we get to the situation
where we both have the same key? You can't just email it!
• I have two keys, a public key and a private key
• Data is encrypted using the public key, and
decrypted using the private key
• No key exchange problem! I can email my
public key.
• I must never give anyone my private key
though.
You can think of the public key as an open padlock that only you have the key for. Anyone can lock something for you, but no-one can then open it except you.
Here is a nice clip with some hilarious animations that made me laugh out loud.
http://www.youtube.com/watch?v=M7kEpw1tn50
Note that the public key cannot decrypt data that it was used to encrypt. This is not the same proposition as with
hashing though, because the data is decryptable at some level. How does this work then? Well, imagine you have a
very large number N that has only two (very large) prime factors, p1 and p2. It turns out that it is prohibitively difficult
to find out what those two prime factors are if you only know N. However, if you have N and one of its factors, it is
extremely easy to find out what the other factor is. So N is like the public key. I can send it out all over the place,
confident that no-one can ever factorise it. Meanwhile, p1 is like the private key, that I can use to find out p2. This is not
exactly how the mathematics works in asymmetric key encryption but the difficulty of factoring N is crucial, as is
something called Fermat's little theorem.
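The factoring argument above carried through with textbook RSA, as an added example that is not part of the original slides. The primes 61 and 53 and the exponent 17 are tiny values chosen so the arithmetic can be followed by hand; real keys use primes hundreds of digits long plus padding, which this sketch leaves out.

```python
from math import gcd


def make_keys(p, q, e=17):
    """Build a textbook RSA key pair from two primes p and q."""
    n = p * q                      # N is public
    phi = (p - 1) * (q - 1)        # computable only if you know p and q
    if gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)(q-1)")
    d = pow(e, -1, phi)            # private exponent: e*d = 1 (mod phi)
    return (n, e), (n, d)


def encrypt(message, public):
    n, e = public
    if not 0 <= message < n:
        raise ValueError("message must be a number smaller than N")
    return pow(message, e, n)


def decrypt(ciphertext, private):
    # Works because m^(e*d) = m (mod N), which follows from Fermat's
    # little theorem applied to each of the two primes.
    n, d = private
    return pow(ciphertext, d, n)


def private_from_factor(public, p):
    """Knowing N and one factor is enough to rebuild the private key."""
    n, e = public
    if p in (1, n) or n % p:
        raise ValueError("p is not a proper factor of N")
    q = n // p                     # the "extremely easy" step: one division
    return n, pow(e, -1, (p - 1) * (q - 1))


def factor_by_trial(n):
    """Brute force: returns (small factor, large factor, divisions tried)."""
    candidate, tries = 2, 0
    while candidate * candidate <= n:
        tries += 1
        if n % candidate == 0:
            return candidate, n // candidate, tries
        candidate += 1
    raise ValueError("n is prime")


if __name__ == "__main__":
    public, private = make_keys(61, 53)
    print("public", public, "private", private)

    secret = 65
    ciphertext = encrypt(secret, public)
    print("ciphertext", ciphertext, "decrypted", decrypt(ciphertext, private))

    # With one factor in hand the private key falls out immediately.
    print(private_from_factor(public, 61) == private)

    # Without it you must factor N. For a 4-digit N that takes 52 divisions;
    # the work grows so fast with the size of N that real keys stay safe.
    print(factor_by_trial(public[0]))
```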
• A MAC (Media Access Control) address is a code number
attached to a network card
• Network software uses MAC addresses to route packets of
data
• Sometimes MAC addresses are used to identify legitimate
users
• ISM uses MAC filtering like this. When you get your device
registered for use on the network, it is your device's MAC
address that they authorise.
• MAC addresses can be sniffed from a network and spoofed, so
on their own they are not strong security measures.
• Media
• Metal wires: fluctuating electrical voltages
• Fibre optic cable: visible light bouncing off the walls inside a cable
• Wireless: electromagnetic spectrum, including radio, IR, wireless
• Considerations when choosing alternatives:
• Speed
• Reliability
• Cost
• Security
• Calculated in bits per second (bps)
• Not Bps! (That would be Bytes per second.)
• What is your data transfer rate if you transfer 25MB in 1 minute and 40 seconds?
• 25MB = 25 x 1000 x 1000 x 8 = 200 million bits
• 1 minute and 40 seconds is 100 seconds
• So the data rate in bps is 200,000,000/100 = 2,000,000 bps or 2Mbps
• Bandwidth: The maximum theoretical data transmission speed that
your network provider has allocated you. Eg You can get more
internet bandwidth by paying your ISP more. Most LANs today run
at 100Mbps or 1Gbps, depending on the available network
hardware.
• Transmission medium: Copper wire, fibre optic cable, wireless,
satellite, all have different maximum speeds.
• Length of line: All data travels at some speed less than the speed of
light. Therefore the distance that data has to travel affects the time
it takes.
• Network traffic: This is a measure of how much data is being sent
on the network. Networks can get congested just like roads.
Malware and viruses can make unauthorised connections to other
hosts and thereby increase network traffic. A denial-of-service (DoS)
attack is deliberately designed to overload a portion of a network to
stop it from functioning properly.
• All compression methods seek to eliminate redundant bits in file
encoding
• Consider these two methods of encoding in binary a string of 127
zeroes:
• 00000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000
• 11111110
• This example is called “run-length encoding”. It is one of hundreds
of different methods, most of which are highly mathematical.
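The run-length scheme above as an added example that is not part of the original slides. It assumes each 8-bit token is a 7-bit run length followed by the repeated bit, which is how 11111110 reads for 127 zeroes; the output limit in the decoder is an added safeguard, since a few bytes of input can expand into a very large output.

```python
def rle_encode(bits):
    """Encode a string of '0'/'1' as 8-bit tokens: 7-bit count + 1-bit value."""
    if set(bits) - {"0", "1"}:
        raise ValueError("input must contain only 0 and 1")
    tokens = []
    i = 0
    while i < len(bits):
        value = bits[i]
        run = 1
        # A 7-bit count holds at most 127, so longer runs are split.
        while run < 127 and i + run < len(bits) and bits[i + run] == value:
            run += 1
        tokens.append(f"{run:07b}{value}")
        i += run
    return "".join(tokens)


def rle_decode(encoded, max_bits=4096):
    """Decode tokens, refusing malformed input and oversized output."""
    if len(encoded) % 8 or set(encoded) - {"0", "1"}:
        raise ValueError("encoded data must be whole 8-bit tokens")
    pieces = []
    total = 0
    for i in range(0, len(encoded), 8):
        run = int(encoded[i:i + 7], 2)
        value = encoded[i + 7]
        if run == 0:
            raise ValueError("a run length of zero is not valid")
        total += run
        if total > max_bits:
            raise ValueError("decoded output would exceed the limit")
        pieces.append(value * run)
    return "".join(pieces)


if __name__ == "__main__":
    zeroes = "0" * 127
    print(rle_encode(zeroes))                        # the slide's example
    print(rle_decode(rle_encode(zeroes)) == zeroes)  # lossless round trip

    # Data with no repetition gets bigger: 4 bits become 32.
    print(len(rle_encode("0101")))

    # 800 bits of input asking for 12,700 bits of output are refused.
    try:
        rle_decode("11111110" * 100)
    except ValueError as error:
        print("refused:", error)
```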
• Lossless: The file gets compressed but no data is lost. The original
file can be re-created from the compressed version.
• Lossy: The file gets compressed and some data is lost. The original
file can never be re-created from the compressed version.
• Lossy compression rates are higher than lossless ones (of course)
• Here's a Youtube video:
http://www.youtube.com/watch?v=2Qo5prktYNQ
• Watch the IT Guy's video (27 minutes)
• Definition
• (Basic) Technologies required
• Things to think about:
• What are the social and ethical effects of VPN use?
• Concept questions:
• To what extent is the school network a private network? What makes it
private? What makes it open?
• To what extent do VPNs prevent data from being intercepted during
transmission?
• Critical evaluation:
• Watch the CyberGhost VPN advert (2 minutes)
• Critically evaluate CyberGhost's offering. Do you believe their promises?
Why might they not be able to provide the level of freedom and security
that they offer?
A virtual private network is a connection between hosts that uses the public internet to send encrypted information. Because
the information is encrypted, the hosts can be considered to be on a private network, even though they are connecting
through a public communication medium.
Technologies:
• Internet connection (router, ISP), encryption
Social and ethical effects:
• People can work from home
• Governments have less control
• Could support illicit or morally objectionable activities
Concept questions:
• The school network is a private network to the extent that it uses wired technology and has walls, doors and security guards to
physically restrict access. Someone passing on the street would have to get into the school and plug their computer into a network
socket to try to hack the system. However, the school uses wifi, which could be accessible from the road outside the school, so a
potential hacker could situate themselves there. Also, the school makes some server content available through the public internet.
In order for this information to be considered private, the school must use adequate security measures, such as usernames
(identification), passwords (authentication) and encryption.
• Because VPNs use the public internet, there is nothing to stop hackers from intercepting the IP packets being sent and received.
However, the contents of the packets are encrypted, and assuming the encryption is strong enough, the hacker would not be able to
read the contents of the communication. Thus the communication could potentially be disrupted if the packets could not find an
alternative route, but the information itself is secure.
CyberGhost video:
• In some countries, the sending and receiving of encrypted data is illegal, and so by using CyberGhost's software you could be acting
against the law.
• Some traffic will go via CyberGhost's servers. How do you know CyberGhost themselves can be trusted with your information?
• CyberGhost are American. US companies are under increasing pressure from legislation like the Patriot Act, to release information
on demand to the American security agencies. This could include records of what you have been doing online.
Dear Mr Tulsiani,
On Friday, December 6th there will be a
seminar about energy in the AMR from 3:15 to
4:45. There will be two guest speakers, one
from ADB and the other from WWF, to give
insight on how they reduce the use of energy
within their company. This seminar will allow
ISM to try and come up with new strategies to
reduce our overall energy consumption
through different activities.
All students are invited and we hope to see you
there,
Eco Council
[Figure: the letter is placed in nested envelopes addressed, from innermost to outermost: Rohan Tulsiani; Room 1082; High School; International School Manila]
Important points:
• Each envelope has (1) contents
and (2) an address
• One envelope can become the
contents of another envelope
International School Manila
Rubani School Riyadh
International School Paris
British School Berlin
United World College Singapore
American School of Dubai
• Thousands of messages
are being sent around
the world at the same
time
• The mail man at this
layer only deals with
getting the envelopes
from one school to
another
• He only ever sees brown
envelopes
• He has zero knowledge
and zero interest of the
contents of the
envelopes
Elementary School
High School
Middle School
Middle School
Elementary School
High School
• The mail man at this
layer only deals with
getting the envelopes to
the right part of the
school
• He only ever sees blue
envelopes
• He has zero knowledge
and zero interest of the
contents of the
envelopes
Room 1082
Room 4017
Room 2067
Room 3030
Room P045
Room 1124
• The mail man at this
layer only deals with
getting the envelopes to
the right room
• He only ever sees green
envelopes
• He has zero knowledge
and zero interest of the
contents of the
envelopes
Rohan Tulsiani
Lucas Ramos
Adelle Dimitui
Cristian Ayala
Angelo Hilario
Jin Sun Park
• The mail man at this
layer only deals with
getting the envelopes to
the right person
• He only ever sees white
envelopes
• He has zero knowledge
and zero interest of the
contents of the
envelopes
• Physical Layer, eg Ethernet
• Network Layer, eg IP
• Transport Layer, eg TCP
• Application Layer, eg HTTP
• Message, eg Web page
Important points:
• There are actually seven layers, but you
don't need to know them (shown here are
the four layers of the TCP/IP suite)
• Each "envelope" is called a packet, although
packets at different levels often have
different names (physical = "frame",
network = "datagram", transport =
"segment")
• One packet can be the contents of another
• There are several alternative protocols at
each layer
• The technology at each layer knows nothing
about the protocols used above or below
• Seven layers
• You don't need to know the details
• But you need to understand the principle that each layer is an abstraction
• This allows software and hardware at each layer to concentrate on one thing, without worrying about other layers
• Standardizes communication
• Without these standards, different systems would not be able
to communicate with each other
• Standard communication protocols govern how sequences of
bits are interpreted
• So two different developers can write different pieces of
software on different sides of the planet, without any
knowledge of each other's work, and still their software will be
able to communicate
• You may need to answer a 4-6 mark question on the
advantages of standardisation in the computer industry, or
the advantages of abstraction, and the OSI model is a great
example for both
• Key Issues:
• Work: 24-hour day. More productive, more stress. Distance no longer a
barrier. Borders coming down → Legal framework not clear.
Telecommuting. No separation of work and home. Online shopping →
sedentary lifestyle. Increased automation → redundancy for human
workers. Artificial intelligence. Natural language processing →
computers can make and answer phone calls, send and respond to
emails, etc. Robots → can work in unsafe conditions, don't need to
sleep, eat, etc.
• Health: Overwork. Stress. RSI (Repetitive Strain Injury) from typing.
Back/neck problems. Obesity. Eye strain. Addiction to web/gaming.
• Social networking. Cyberbullying
• Law and governance: Difficult to regulate the internet. Cybercrime.
Gambling. Pornography. Hatred and intolerance. Viruses and hacking.
Privacy. Europe strict, US relaxed.
• Culture: Language predominantly English. Values predominantly
American. Cultural imperialism.
• Define data packet (1 mark)
• What is meant by the term protocol? (2 marks)
• Define VPN (2 marks)
• Identify the technologies required to provide a VPN (3 marks)
• Explain how data is transmitted using packet switching (4 marks)
• Evaluate the use of VPN technology in the workplace (4 marks)
• Describe how communication over networks is broken down into different layers (4 marks)
• Outline the importance of standards in the construction of networks (4 marks)
• Explain how the en passant rule works in chess (0.5 marks)