Monday, January 23, 2012

C pointer

Pointers are created by the indirection operator (*). The syntax is type *variable. For example, int *p is a pointer to an integer.

If A is the memory location of pointer p and B is the memory location of the integer p points to:

*p = 123 => store the value in location B
p = 123 => store the value in location A. In other words, change p to point to another memory location

The & operator returns the address of a variable. For example, p = &n makes p point to n.

Tuesday, January 10, 2012

Radius

Dial-up networks usually have a local modem pool to provide cheap access. However, the ISP does not want to keep a copy of the user database in each point of presence (POP). The user is the supplicant, the POP is the authenticator and the central database is the authorizer. The protocol used between the POP and the database is called RADIUS (Remote Access Dial-In User Service).

PPP

The Point-to-Point Protocol (PPP) converts the unstructured modem link into a packet-based environment suitable for transporting IP packets. PPP has 2 authentication methods. PAP sends the user name and password in the clear. CHAP uses a challenge-response mechanism.
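The difference between the two methods, as an added example (not code from the original post): it builds a PAP Authenticate-Request as laid out in RFC 1334 and computes a CHAP response as defined in RFC 1994 (MD5 over identifier, secret and challenge). The Authenticator class, its method names and any secrets passed in are constructed for illustration.

```python
import hashlib
import hmac
import os
import struct

def pap_authenticate_request(ident, peer_id, password):
    """PAP: the password itself is carried in the packet, unprotected."""
    body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, ident, 4 + len(body)) + body  # Code 1 = request

def chap_response(ident, secret, challenge):
    """CHAP with MD5: hash of Identifier octet || secret || challenge."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

class Authenticator:
    """Hypothetical authenticator: one fresh, single-use challenge per attempt."""
    def __init__(self, secrets):
        self.secrets = secrets      # {user name: shared secret}
        self.pending = {}           # {user name: (identifier, challenge)}
        self.next_id = 0

    def challenge(self, name):
        ident = self.next_id
        self.next_id = (self.next_id + 1) % 256
        chal = os.urandom(16)       # unpredictable, so old responses are useless
        self.pending[name] = (ident, chal)
        return ident, chal

    def verify(self, name, ident, response):
        issued = self.pending.pop(name, None)   # a challenge is consumed on use
        if issued is None or issued[0] != ident or name not in self.secrets:
            return False
        expected = chap_response(ident, self.secrets[name], issued[1])
        return hmac.compare_digest(expected, response)
```

A response captured from one exchange fails verification against the next challenge, while a captured PAP packet contains everything needed to log in again.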

WEP keys

WEP keys have the following characteristics:

(1) Fixed length - usually 40 bits or 104 bits. (For the latter case, vendors touted the solution as 128 bits because the protocol adds a 24-bit Initialization Vector to form the full key.)
(2) Static - no changes except by reconfiguration
(3) Shared - AP and station have the same key(s)
(4) Symmetric - same key used to encrypt and decrypt data

There are 2 approaches to using WEP keys - Default Keys and Key Mapping Keys.

Default Keys
All stations and the APs use a single set of keys. The standard specifies that there should be 4 default keys for each device. Only one default key is needed for security to work. The additional keys are used to ease progressive key changes in an environment with many devices. When 2 default keys are defined, all transmissions from the AP are encrypted using a single selected key, called the active key. However, received frames (from stations) can be decrypted using either of the 2 keys as appropriate. The AP can decrypt data from stations that have changed to the new key and from those that have yet to be changed.

2 sets of default keys further allow the AP and the stations to use different key sets for transmitting. This is called directional key use. The key used by the transmitter is indicated in the KeyID bits in the encrypted frame so the receiver knows which key (0 to 4) is used.

Key Mapping Keys
Each station has its own key value. Not all vendors support this because of the complexity of key configuration and maintenance. Using a different key for each station complicates broadcast. In this case, all multicast traffic is encrypted using a default key that is shared by all stations. Only unicast traffic is sent using the key mapping key.

The challenge for the AP is that it has to keep track of multiple keys. Another difficulty is ensuring that all APs have the same copy of the key table.

An AP can operate with default keys and key mapping keys simultaneously. When the AP sends or receives a frame, it looks in the key table to see whether there is a matching MAC entry for the station. If there is, it uses the key mapping key. Otherwise, it uses the default key (that's why it is called the default key).
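The key selection described under Default Keys and Key Mapping Keys, as an added example (not code from the original post). The WepKeys class and its method names are hypothetical. The frame layout (3-byte IV, KeyID in the top two bits of the next byte, CRC-32 integrity value encrypted with the data) and the use of KeyID 0 for key mapping frames are assumptions taken from the usual WEP encapsulation rather than from this page.

```python
import struct
import zlib

def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key scheduling, then XOR data with the keystream."""
    S, j = list(range(256)), 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(byte ^ S[(S[i] + S[j]) % 256])
    return bytes(out)

class WepKeys:
    """Key table of one device: default keys by KeyID plus per-peer key mapping keys."""
    def __init__(self, default_keys, active_id, key_map=None):
        self.default_keys = default_keys  # {KeyID: key}, shared by all devices
        self.active_id = active_id        # default key used for transmitting
        self.key_map = key_map or {}      # {peer MAC: key mapping key}

    def tx_key(self, peer_mac):
        if peer_mac in self.key_map:      # a matching MAC entry wins
            return 0, self.key_map[peer_mac]  # KeyID 0 here is an assumption
        return self.active_id, self.default_keys[self.active_id]

    def rx_key(self, peer_mac, key_id):
        if peer_mac in self.key_map:
            return self.key_map[peer_mac]
        return self.default_keys[key_id]  # any configured default key is accepted

    def encrypt(self, peer_mac, iv, plaintext):
        key_id, key = self.tx_key(peer_mac)
        icv = struct.pack("<I", zlib.crc32(plaintext))  # CRC-32 integrity value
        # Per-frame RC4 seed = 24-bit IV || key (64 or 128 bits in total)
        return iv + bytes([key_id << 6]) + rc4(iv + key, plaintext + icv)

    def decrypt(self, peer_mac, body):
        iv, key_id = body[:3], body[3] >> 6   # KeyID sits in the top two bits
        clear = rc4(iv + self.rx_key(peer_mac, key_id), body[4:])
        data, icv = clear[:-4], clear[-4:]
        if struct.pack("<I", zlib.crc32(data)) != icv:
            raise ValueError("ICV mismatch: frame was not encrypted under this key")
        return data
```

An AP configured with two default keys decrypts frames from stations on either key, and a station listed in the key table is handled with its own key regardless of the KeyID it sends.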

802.11 Radio

There are 2 frequency bands for sending IEEE 802.11 data - 2.4GHz and 5GHz. The part of the radio that turns bits into analog is called the modem (or baseband section). The second part is the very high frequency electronics that drive the antenna, usually called the radio frequency (RF) section.

Improvements in modem techniques have resulted in successive versions of IEEE 802.11 offerings. The initial 1997 standard provided 2Mbps in the 2.4GHz band. 802.11a increased this to 54Mbps in 5GHz due to a better modem and medium. 802.11b increased the speed to 11Mbps in the 2.4GHz band. 802.11g increased speeds again in 2.4GHz through more sophisticated modem techniques.

Stream Cipher and Block Cipher

A stream cipher takes a sequence of bytes and produces a stream of ciphertext. A block cipher handles a single block of data at a time. A stream cipher is like a sausage machine while a block cipher is like a bakery. A distinction between the 2 ciphers is that the internal state of a stream cipher is continuously updated as data is processed. By contrast, the state of a block cipher is reset for each block prior to processing.

Monday, January 9, 2012

Infrastructure mode operation

The AP (access point) advertises its presence by transmitting short wireless messages at regular intervals, typically 10 times per second. The short message is called a beacon, which allows the STA (station) to discover the identity of the AP.

A STA will start to search for an AP after its start-up initialization phase. There are a number of radio frequencies (called channels) that could be used, so the STA must tune in to each channel in turn to discover the beacons. This process is called scanning. Alternatively, the STA may send a probe request message for in-range APs to respond to. Probing is also used for roaming.

When the STA is ready to connect to the AP, it first sends an authenticate request message to the AP. The AP will reply with an authenticate response indicating acceptance. This gives permission for the STA to connect.

The STA then issues an association request to connect. The AP will respond with an association response to complete the connection.

In a roaming scenario, the STA chooses to move from one AP to another. The STA will first send the old AP a disassociation message and reconnect to the new AP using a reassociation message. The reassociation message has information about the old AP to allow the new AP to talk to the old AP to confirm that the roam has taken place.

Wireless LAN modes

An access point is similar to a hub or switch in a wired LAN. When IEEE 802.11 systems work through an access point, they are said to be operating in infrastructure mode because the access point is coordinating the WiFi LAN from a fixed point and often providing a connection to a wired network.

Wireless devices can also transmit directly to one another. This is intended for groups of people wanting to share information anywhere, anytime, on an ad hoc basis. This setup is thus called ad-hoc mode.

Monday, January 2, 2012

Symmetric Multithreading (SMT) or Hyperthreading

A processor with hyperthreading looks like multiple CPUs to the OS. It is not a true multicore machine, because the logical processors of an SMT CPU share most of the on-chip resources and contend with each other for them. Each logical processor has only its own register set and instruction pipeline. It shares the on-chip cache, MMU, TLB and all other execution units. Therefore, an SMT CPU cannot process instructions twice as fast as a multicore machine. SMT is an opportunity for parallelism unique to CISC processors. Because the pipeline is deeper in CISC, the effect of a stall is more significant. Providing multiple pipelines helps to reduce stalling. Hyperthreading gets its name because it is more effective at accelerating multithreaded software. Threads, unlike processes, share memory and page table entries, which makes them optimal to distribute across logical CPUs. Because there is only one MMU on an SMT CPU, threads experience more of a performance boost than processes do.

Database Driver Architecture

(1) Bridge

app <-> bridge <-> DB driver <-> database

Used to bridge between an existing database connectivity standard and a new one. For example, a JDBC/ODBC bridge driver presents a Java call interface to the program but translates the calls to the ODBC standard. These are also called JDBC type 1 drivers, which are often not desirable because they are constrained by the existing driver (ODBC) and thus cannot implement the new standard (JDBC) fully. These drivers also pose security risks and performance constraints under high load.

(2) Database Client-Based

app <-> DB driver <-> client software <-> database

The driver communicates through the database client software (e.g. Oracle NETx, Sybase OpenClient). Many ODBC drivers and ADO.NET data providers use this architecture. In JDBC, this is classified as a type 2 driver and is generally not desirable. The disadvantages are:

(a) Management overhead to maintain the client software on all client platforms
(b) Functional and quality constraints imposed on the driver by the client software
(c) For ADO.NET, the need to transition to unmanaged code in the client software

(3) Database Wire-Protocol

app <-> DB driver <-> database

JDBC drivers using this architecture are called type 4 drivers. The driver generates the required wire protocol calls (e.g. DB2 uses DRDA) to communicate directly with the database. Performance is optimal. For Java and .NET, because the driver does not need to call the client software, the DB calls are executed in fully managed code.

(4) Independent Protocol

app <-> DB driver client <-> DB Driver Server <-> database

These drivers translate the standards-based API calls into a database-independent protocol, which is then translated to the database wire protocol by a server. In JDBC, this is known as type 3. This architecture can provide advanced features (e.g. security or encryption), connections to a varied set of database sources (e.g. VSAM), and central management and monitoring capability.