Cybersecurity in Web Data Flow
Understanding the data flow when accessing a website involves multiple steps, from connecting to the internet to displaying the webpage. This guide breaks down the process using the client-server model, focusing on key cybersecurity aspects.
Key Points
- Internet Access: Connecting to a Wi-Fi network involves identifying the SSID, authenticating with WPA2/WPA3, and configuring IP via DHCP.
- DHCP Configuration: Ensures the device has a valid IP address for local network communication.
- DNS Resolution: Converts domain names to IP addresses.
- Data Encapsulation: Prepares data for transmission using the OSI/TCP-IP model.
- NAT Translation: Converts private IP addresses to public IP addresses for internet communication.
- Server Response: The server processes the request and sends back the webpage data.
- Data Decapsulation: The device extracts and displays the webpage content.
1. Accessing the Internet
When a user connects to the internet via a wireless local area network (WLAN), the following steps occur:
Steps
- Identify the correct wireless network/SSID.
- Authenticate using WPA2/WPA3 with the correct password or credentials.
- Establish the connection and configure IP using DHCP.
2. Verifying Local Network Configuration (DHCP)
Before sending a request to access a website, the system ensures a valid IP address is available for the local network.
| Steps | Description |
|---|---|
| IP Address Assignment | If the device lacks an IP address, it requests one from the DHCP server. |
| DHCP Acknowledgment | The DHCP server assigns a private IP address (e.g., 192.168.1.10) and other configuration parameters like subnet mask, default gateway, and DNS server. |
3. DNS Resolution
The device needs to find the IP address of the website (e.g., www.example.com).
| Steps | Description |
|---|---|
| DNS Request | The device sends a DNS request to a DNS server. |
| DNS Response | The DNS server resolves the domain name and returns the IP address (e.g., 93.184.216.34). |
4. Data Encapsulation and Local Network Transmission
With the destination IP address, the device prepares data for transmission using the OSI/TCP-IP model.
| Steps | Description |
|---|---|
| Application Layer | The browser creates an HTTP (or HTTPS) request for the webpage. |
| Transport Layer | The request is encapsulated in a TCP segment with a source port and a destination port (by default, port 80 for HTTP and port 443 for HTTPS). |
| Internet Layer | The TCP segment is placed in an IP packet with source (private IP) and destination (server IP) addresses. |
| Link Layer | The IP packet is placed in an Ethernet or Wi-Fi frame with MAC addresses. |
The device then consults its ARP table or sends an ARP request to find the gateway's MAC address and sends the frame to the router.
5. Network Address Translation (NAT)
The router processes the IP packet and performs NAT.
- Replaces the private IP (e.g., 192.168.1.10) with its public IP (e.g., 203.0.113.45).
- Forwards the packet to the ISP's network, which routes it to the destination IP (e.g., 93.184.216.34).
6. Server Receives Request and Responds
Upon reaching the destination network, the request is inspected by the server's firewall, which checks whether the traffic is allowed.
- If permitted, the request is forwarded to the web server (e.g., Apache, Nginx, IIS).
- The web server processes the request, prepares the webpage, and sends it back.
The response follows a similar path in reverse, with the server's IP as the source and the router's public IP as the destination. The router performs NAT to redirect the packet to the device's private IP.
7. Data Decapsulation and Display
The device receives the response and extracts the data.
- Removes the Ethernet/Wi-Fi frame, IP header, and TCP header.
- The browser reads the HTML/CSS/JavaScript and displays the webpage.
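The following added example (not part of the original guide) walks sections 4 to 7 in code: it encapsulates an HTTP request in simplified TCP and IPv4 headers, passes it through a NAT table, and decapsulates the reply, using the guide's example addresses. It goes beyond the text by also translating the source port, as home routers commonly do. The ports 51000 and 40000, the sender 198.51.100.7, and all function and class names are assumptions.

```python
import socket
import struct

def checksum(header: bytes) -> int:
    # RFC 791 one's-complement sum over 16-bit words
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def encapsulate(src_ip, dst_ip, src_port, dst_port, payload: bytes) -> bytes:
    # Transport layer: minimal TCP header (PSH+ACK; TCP checksum left 0 for brevity)
    tcp = struct.pack("!HHIIHHHH", src_port, dst_port, 0, 0, (5 << 12) | 0x18, 65535, 0, 0)
    # Internet layer: IPv4 header; checksum is computed with the field zeroed
    def ip_header(csum):
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6,
                           csum, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return ip_header(checksum(ip_header(0))) + tcp + payload

def decapsulate(packet: bytes):
    ihl = (packet[0] & 0x0F) * 4
    if checksum(packet[:ihl]) != 0:  # a valid header sums to zero
        raise ValueError("bad IPv4 header checksum")
    src, dst = socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    data_offset = (packet[ihl + 12] >> 4) * 4
    return src, dst, sport, dport, packet[ihl + data_offset:]

class Nat:
    def __init__(self, public_ip: str):
        self.public_ip, self.next_port = public_ip, 40000
        self.table = {}  # public port -> (private ip, private port, remote ip, remote port)

    def outbound(self, packet: bytes) -> bytes:
        src, dst, sport, dport, payload = decapsulate(packet)
        public_port, self.next_port = self.next_port, self.next_port + 1
        self.table[public_port] = (src, sport, dst, dport)
        return encapsulate(self.public_ip, dst, public_port, dport, payload)

    def inbound(self, packet: bytes):
        src, dst, sport, dport, payload = decapsulate(packet)
        flow = self.table.get(dport)
        if dst != self.public_ip or flow is None or flow[2:] != (src, sport):
            return None  # no matching outbound flow: drop
        return encapsulate(src, flow[0], sport, flow[1], payload)

# Constructed walk-through using the guide's example addresses
nat = Nat("203.0.113.45")
request = encapsulate("192.168.1.10", "93.184.216.34", 51000, 80, b"GET / HTTP/1.1\r\n\r\n")
on_wire = nat.outbound(request)
reply = nat.inbound(encapsulate("93.184.216.34", "203.0.113.45", 80, 40000, b"HTTP/1.1 200 OK\r\n\r\n"))
stray = nat.inbound(encapsulate("198.51.100.7", "203.0.113.45", 80, 40000, b"unsolicited"))
```

Here `stray` is `None` because no outbound flow matches its sender, which is why unsolicited inbound traffic does not reach the private host behind the router.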