Session layer

Layer 5 of the OSI reference model
The session layer is built on the transport layer and uses the services the transport layer provides to enable applications to establish and maintain sessions and to keep those sessions synchronized. It uses checkpoints so that, when communication fails, a session can resume from the last checkpoint rather than from the beginning; this capability is extremely important when transferring large files. [1]
Chinese name: Session layer
Foreign name: Session Layer
Number of layers: Layer 5 of the OSI reference model

OSI

Open System Interconnection (OSI) is an open reference model for the interconnection of communication systems. It is a well-defined protocol specification. The OSI model has seven layers, each of which may be divided into several sublayers. From top to bottom the seven layers are: 7 application layer, 6 presentation layer, 5 session layer, 4 transport layer, 3 network layer, 2 data link layer, 1 physical layer. The upper layers (7, 6, 5 and 4) define the functions of applications; the lower three layers (3, 2 and 1) mainly handle the end-to-end flow of data through the network. [1]

Overview

The session layer, presentation layer and application layer constitute the upper three layers of an open system, providing distributed processing, dialog management, information representation and recovery from final errors for application processes. The session layer is also responsible for the part of the application process's service requirements that the transport layer cannot complete, filling the functional gap left by the transport layer. Its main functions are dialog management and the synchronization and resynchronization of data streams. A large number of service-unit function combinations are required to perform these functions, and dozens of functional units have been defined. If you want to remember the fifth layer in as few words as possible: "dialog and conversation".

Main functions


(1) Establishing a connection between session entities

To establish a session connection for two peer session service users, the following steps are needed:
① Map the session address to a transport address
② Select the required transport quality of service (QoS) parameters
③ Negotiate session parameters
④ Identify each session connection
⑤ Transfer limited transparent user data

(2) Data transmission stage

This stage realizes organized and synchronized data transfer between the two session users. The user data unit is the SSDU (session service data unit) and the protocol data unit is the SPDU (session protocol data unit); data transfer between session users consists of converting SSDUs into SPDUs.

(3) Connection release

Connection release releases the session connection through functional units such as "orderly release", "abort" and "limited transparent user data transfer".
The session layer standard defines 12 functional units so that functions can be negotiated during the connection establishment phase and so that other international standards can reference them. Starting from the core functional unit, each system can select further functional units according to its own situation and needs to form a reasonable session service subset. [2]
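The three phases above, walked through as an added example: a toy session protocol in which the initiator proposes functional units and QoS, the responder accepts the intersection with what it supports, SSDUs are wrapped into SPDUs carrying the connection id, and release is orderly (FINISH answered by DISCONNECT before either side forgets the connection). This is illustration code written for this page, not the ISO SPDU encoding or any real implementation; the message layout, functional-unit names and SessionEntity class are constructed.

```python
"""Toy session protocol: establish (with functional-unit negotiation),
data transfer (SSDU -> SPDU), orderly release. Constructed for illustration;
not the ISO session protocol encoding."""
from dataclasses import dataclass, field
import itertools

# Functional units the responder supports (constructed subset). "kernel" stands
# for the core unit every implementation must offer.
SUPPORTED_BY_RESPONDER = {"kernel", "half-duplex", "minor-synchronize", "activity-management"}


@dataclass
class SessionEntity:
    name: str
    supported: set
    connections: dict = field(default_factory=dict)  # connection id -> negotiated parameters
    _ids = itertools.count(1)  # shared counter so connection ids are unique

    def connect(self, peer, requested_units, qos):
        """Phase 1: propose functional units and QoS to `peer`; the peer accepts
        the intersection with its own support and both sides record the result."""
        if "kernel" not in requested_units:
            raise ValueError("the kernel functional unit is mandatory")
        accepted = set(requested_units) & peer.supported
        conn_id = next(SessionEntity._ids)
        params = {"units": accepted, "qos": dict(qos)}
        self.connections[conn_id] = params
        peer.connections[conn_id] = params
        return conn_id, accepted

    def send(self, conn_id, ssdu):
        """Phase 2: wrap the user's SSDU in an SPDU tagged with the connection id."""
        if conn_id not in self.connections:
            raise KeyError("unknown session connection")
        return {"type": "DATA", "conn": conn_id, "user_data": ssdu}

    def receive(self, spdu):
        """Phase 2, receiving side: unwrap the SPDU back into the SSDU."""
        if spdu["type"] != "DATA" or spdu["conn"] not in self.connections:
            raise KeyError("SPDU for unknown session connection")
        return spdu["user_data"]

    def release(self, conn_id, peer):
        """Phase 3: orderly release. Send FINISH; drop the connection only once the
        peer has answered DISCONNECT, so neither side discards data unilaterally."""
        reply = peer.on_finish({"type": "FINISH", "conn": conn_id})
        if reply["type"] == "DISCONNECT":
            del self.connections[conn_id]
        return reply

    def on_finish(self, spdu):
        """Responder side of orderly release."""
        if spdu["conn"] in self.connections:
            del self.connections[spdu["conn"]]
            return {"type": "DISCONNECT", "conn": spdu["conn"]}
        return {"type": "ABORT", "conn": spdu["conn"]}


if __name__ == "__main__":
    a = SessionEntity("initiator", {"kernel", "duplex", "minor-synchronize"})
    b = SessionEntity("responder", SUPPORTED_BY_RESPONDER)
    cid, units = a.connect(b, {"kernel", "duplex", "minor-synchronize"}, qos={"throughput": "high"})
    print("negotiated units:", sorted(units))          # duplex is dropped: responder lacks it
    print("received:", b.receive(a.send(cid, b"hello")))
    print("release:", a.release(cid, b)["type"])
```

The negotiation step is the part worth noticing: a requested unit the responder cannot provide is silently dropped rather than causing a failure, which is why each side must check the accepted set before relying on a function such as synchronization.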

Other

The main session layer standards are "DIS8236: Session Service Definition" and "DIS8237: Session Protocol Specification".

The session layer allows users on different machines to establish sessions with one another. It performs operations similar to those of the transport layer in sequence, and in some cases it also provides useful enhanced services. A user may, for example, log on to a remote time-sharing system in one session, or transfer files between two machines.

One service the session layer provides is dialog control. The session layer can allow information to be transmitted in both directions at the same time, or in only one direction at any given time. In the latter case, similar to half-duplex mode on a physical channel, the session layer records whose turn it is.

A service related to dialog control is token management. For some protocols it is important that both parties cannot perform the same operation at the same time. To manage such activities the session layer provides tokens, which can be passed between the two sides of the session; only the party holding the token may perform certain key operations.

Another session layer service is synchronization. Consider two machines transferring a file for two hours over a network that suffers, on average, one major failure per hour. The whole file would have to be retransmitted after every failure, and when the network fails again the transfer may be given up halfway. To solve this problem, the session layer provides a way to insert synchronization points into the data. After each network failure, only the data after the last synchronization point is retransmitted (this is in fact the principle behind resumable downloads).
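The synchronization service described above (and the checkpoint resumption mentioned in the summary) as an added example, not code from the original article: a sender inserts a synchronization point every few records, the receiver confirms it, and after a simulated network failure the sender resumes from the last confirmed point, so only the records after that point are sent again. The Receiver class, the SYNC_EVERY value, the single-failure network model and the sample records are constructed for this illustration.

```python
"""Checkpointed transfer with synchronization points. Constructed illustration:
the session is lost once, and resumes from the last confirmed sync point."""
from dataclasses import dataclass, field

SYNC_EVERY = 4  # records between synchronization points (constructed value)


@dataclass
class Receiver:
    received: list = field(default_factory=list)
    confirmed: int = 0  # record count confirmed at the last synchronization point

    def deliver(self, seq, record):
        """Accept the next in-order record; duplicates re-sent after a resume are discarded."""
        if seq != len(self.received):
            return False
        self.received.append(record)
        return True

    def sync_point(self, seq):
        """Confirm that all records before `seq` have arrived; return the resume position."""
        if seq <= len(self.received):
            self.confirmed = seq
        return self.confirmed


def transfer(records, fail_after, sync_every=SYNC_EVERY):
    """Send `records` to a fresh Receiver. The session is lost exactly once, just
    before the (fail_after + 1)-th transmission, and is then resumed from the last
    confirmed synchronization point. Returns (delivered records, total transmissions)."""
    rx = Receiver()
    sent = 0
    resume_from = 0
    failed = False
    while True:
        seq = resume_from
        while seq < len(records):
            if not failed and sent == fail_after:
                failed = True  # connection lost: unconfirmed in-flight data is gone
                break
            rx.deliver(seq, records[seq])
            sent += 1
            seq += 1
            if seq % sync_every == 0 or seq == len(records):
                resume_from = rx.sync_point(seq)  # receiver acknowledges the checkpoint
        else:
            return rx.received, sent
        # reconnect and resynchronize: the outer loop restarts from resume_from


def retransmitted(records, fail_after, sync_every=SYNC_EVERY):
    """Number of records that had to be sent twice because of the failure."""
    _, sent = transfer(records, fail_after, sync_every)
    return sent - len(records)


if __name__ == "__main__":
    recs = [f"record-{i}" for i in range(10)]  # constructed sample payload
    delivered, sent = transfer(recs, fail_after=6)
    print("delivered intact:", delivered == recs)
    print("transmissions:", sent, "retransmitted:", retransmitted(recs, 6))
```

With ten records and a failure after six transmissions, only the two records sent since the sync point at record 4 are repeated; without synchronization points all six would be. The receiver's in-order check is what makes the repeated records harmless.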

Session hijacking and security


Session hijacking

Because the session layer carries data, session hijacking may occur while a session is in progress. Session hijacking occurs when an attacker attempts to take over a TCP session established between two computers. Its basic steps are: finding the session, guessing the sequence number, forcing the user offline, and taking over the session. The purpose of session hijacking is to steal an authorized connection to a valid system. If the hacker succeeds, he can execute commands locally; if he hijacks a privileged account, he has the same access rights as the privileged user. Session hijacking is so dangerous because it gives control of an existing account, which leaves the attack almost traceless. Two tools that can be used for session hijacking are Ettercap and Hunt.

Blocking and detecting session hijacking

There are two main mechanisms for dealing with hijacking: blocking and detection. Blocking measures include limiting the number of incoming connections and configuring the network to reject packets from the Internet that claim to come from local addresses.
Encryption also helps. If you must allow connections from external trusted hosts, use Kerberos or IPsec to encrypt them. FTP and Telnet are quite fragile, and more secure protocols are needed; Secure Shell (SSH) is a good choice, since it establishes an encrypted channel between the local and remote hosts. Using an IDS or IPS improves detection. Switches, secure protocols such as SSH, and more random initial sequence numbers all increase the difficulty of session hijacking.
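The blocking and detection controls above, as an added example that is not part of the original article: the two blocking rules the text names (reject Internet packets claiming a local source address; cap new connections per source) and two detection heuristics an IDS applies to a TCP session, a sender's IP TTL changing mid-session and a burst of identical pure ACKs, which are the traces left when a third party injects segments into an established connection. The packet record layout, the 10.0.0.0/24 "local" prefix, the policy thresholds and all sample traffic are constructed for this illustration.

```python
"""Session hijacking: blocking rules and IDS-style detection over constructed
packet records. Everything here (field layout, prefixes, thresholds, traffic)
is made up for illustration."""
import ipaddress
from collections import Counter, defaultdict

LOCAL_NET = ipaddress.ip_network("10.0.0.0/24")   # constructed local address range
MAX_NEW_CONNECTIONS_PER_SOURCE = 3                # constructed policy value
ACK_STORM_THRESHOLD = 3                           # identical pure ACKs before alerting


def pkt(iface, src, sport, dst, dport, flags, ttl, seq=0, ack=0):
    """Build a simplified packet record (constructed layout)."""
    return {"iface": iface, "src": src, "sport": sport, "dst": dst,
            "dport": dport, "flags": flags, "ttl": ttl, "seq": seq, "ack": ack}


def session_key(p):
    return (p["src"], p["sport"], p["dst"], p["dport"])


def is_spoofed_local_source(p):
    """Blocking rule 1: a packet on the Internet-facing interface must not claim
    a source address inside the local network."""
    return p["iface"] == "external" and ipaddress.ip_address(p["src"]) in LOCAL_NET


def over_connection_limit(pkts, limit=MAX_NEW_CONNECTIONS_PER_SOURCE):
    """Blocking rule 2: external sources opening more than `limit` new connections (SYNs)."""
    syns = Counter(p["src"] for p in pkts if p["iface"] == "external" and p["flags"] == "SYN")
    return sorted(src for src, n in syns.items() if n > limit)


def ttl_changed_mid_session(pkts):
    """Detection 1: a host's TTL is normally constant for the life of a session, so
    segments carrying a different TTL were sent from a different network position."""
    ttls = defaultdict(set)
    for p in pkts:
        ttls[session_key(p)].add(p["ttl"])
    return sorted(k for k, seen in ttls.items() if len(seen) > 1)


def ack_storm(pkts, threshold=ACK_STORM_THRESHOLD):
    """Detection 2: many pure ACKs with identical seq/ack numbers in one session,
    the pattern produced when the two endpoints disagree about the sequence space."""
    counts = Counter((session_key(p), p["seq"], p["ack"]) for p in pkts if p["flags"] == "ACK")
    return sorted({key for (key, _, _), n in counts.items() if n >= threshold})


def run_checks(pkts):
    """Apply all four rules and return what each one flagged."""
    return {
        "spoofed_local_source": sorted({p["src"] for p in pkts if is_spoofed_local_source(p)}),
        "over_connection_limit": over_connection_limit(pkts),
        "ttl_changed_mid_session": ttl_changed_mid_session(pkts),
        "ack_storm": ack_storm(pkts),
    }


SAMPLE_PACKETS = [  # constructed traffic
    # legitimate internal telnet session with a stable TTL
    pkt("internal", "10.0.0.8", 40001, "10.0.0.5", 23, "SYN", 64),
    pkt("internal", "10.0.0.8", 40001, "10.0.0.5", 23, "ACK", 64, 1, 1),
    # packet arriving from the Internet but claiming a local source address
    pkt("external", "10.0.0.7", 40000, "10.0.0.5", 23, "SYN", 64),
    # one external source opening four connections, above the cap of three
    pkt("external", "203.0.113.9", 51000, "10.0.0.5", 22, "SYN", 50),
    pkt("external", "203.0.113.9", 51001, "10.0.0.5", 22, "SYN", 50),
    pkt("external", "203.0.113.9", 51002, "10.0.0.5", 22, "SYN", 50),
    pkt("external", "203.0.113.9", 51003, "10.0.0.5", 22, "SYN", 50),
    # external session whose TTL changes mid-stream and then repeats the same ACK
    pkt("external", "198.51.100.4", 5555, "10.0.0.5", 23, "SYN", 52),
    pkt("external", "198.51.100.4", 5555, "10.0.0.5", 23, "ACK", 52, 1, 1),
    pkt("external", "198.51.100.4", 5555, "10.0.0.5", 23, "ACK", 61, 900, 1),
    pkt("external", "198.51.100.4", 5555, "10.0.0.5", 23, "ACK", 52, 1, 1),
    pkt("external", "198.51.100.4", 5555, "10.0.0.5", 23, "ACK", 52, 1, 1),
    pkt("external", "198.51.100.4", 5555, "10.0.0.5", 23, "ACK", 52, 1, 1),
]

if __name__ == "__main__":
    for rule, hits in run_checks(SAMPLE_PACKETS).items():
        print(f"{rule}: {hits}")
```

The two blocking rules are stateless and belong on the border device; the two detection rules need per-session state and belong in the IDS. Neither detection rule proves a hijack on its own (path changes and retransmission storms have benign causes), which is why the text pairs detection with the structural defenses of encrypted protocols and unpredictable initial sequence numbers.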