UNIT-IV(Part-2)

HTTP (Hypertext Transfer Protocol)

HTTP (Hypertext Transfer Protocol) is a fundamental protocol of the Internet, enabling
the transfer of data between a client and a server. It is the foundation of data
communication for the World Wide Web.
HTTP provides a standard between a web browser and a web server to establish
communication. It is a set of rules for transferring data from one computer to another. Data
such as text, images, and other multimedia files are shared on the World Wide Web.
Whenever a web user opens their web browser, the user indirectly uses HTTP. It is an
application protocol that is used for distributed, collaborative, hypermedia information
systems.

History of HTTP
 Tim Berners-Lee and his team at CERN are indeed credited with inventing the original
HTTP protocol.
 HTTP version 0.9 was the initial version introduced in 1991.
 HTTP version 1.0 followed in 1996 with the introduction of RFC 1945.
 HTTP version 1.1 was introduced in January 1997 with RFC 2068, later refined in RFC
2616 in June 1999.
 HTTP version 2.0 was specified in RFC 7540 and published on May 14, 2015.
 HTTP version 3.0, also known as HTTP/3, is based on the QUIC protocol and is
designed to improve web performance. It was renamed as Hyper-Text Transfer Protocol
QUIC (HTTP/3) and developed by Google.
Methods of HTTP
 GET: Used to retrieve data from a specified resource. It should have no side effects and
is commonly used for fetching web pages, images, etc.
 POST: Used to submit data to be processed by a specified resource. It is suitable for
form submissions, file uploads, and creating new resources.
 PUT: Used to update or create a resource on the server. It replaces the entire resource
with the data provided in the request body.
 PATCH: Similar to PUT but used for partial modifications to a resource. It updates
specific fields of a resource rather than replacing the entire resource.
 DELETE: Used to remove a specified resource from the server.
 HEAD: Similar to GET but retrieves only the response headers, useful for checking
resource properties without transferring the full content.
 OPTIONS: Used to retrieve the communication options available for a resource,
including supported methods and headers.
 TRACE: Used for debugging purposes to echo the received request back to the client,
though it's rarely used due to security concerns.
 CONNECT: Used to establish a tunnel to the server through an HTTP proxy,
commonly used for SSL/TLS connections.

HTTP Request/Response:
HTTP is a request-response protocol, which means that for every request sent by a client
(typically a web browser), the server responds with a corresponding response. The basic
flow of an HTTP request-response cycle is as follows:
 Client sends an HTTP request: The client (usually a web browser) initiates the
process by sending an HTTP request to the server. This request includes a request
method (GET, POST, PUT, DELETE, etc.), the target URI (Uniform Resource
Identifier, e.g., a URL), headers, and an optional request body.
 Server processes the request: The server receives the request and processes it based on
the requested method and resource. This may involve retrieving data from a database,
executing server-side scripts, or performing other operations.
 Server sends an HTTP response: After processing the request, the server sends an
HTTP response back to the client. The response includes a status code (e.g., 200 OK,
404 Not Found), response headers, and an optional response body containing the
requested data or content.
 Client processes the response: The client receives the server's response and processes
it accordingly. For example, if the response contains an HTML page, the browser will
render and display it. If it's an image or other media file, the browser will display or
handle it appropriately.

Features
 Stateless: Each request is independent, and the server doesn't retain previous
interactions' information.
 Text-Based: Messages are in plain text, making them readable and debuggable.
 Client-Server Model: Follows a client-server architecture for requesting and serving
resources.
 Request-Response: Operates on a request-response cycle between clients and servers.
 Request Methods: Supports various methods like GET, POST, PUT, DELETE for
different actions on resources.
Advantages
 Platform independence: Works on any operating system
 Compatibility: Compatible with various protocols and technologies
 Efficiency: Optimized for performance
 Security: Supports encryption for secure data transfer
Disadvantages
 Lack of security: Vulnerable to attacks like man in the middle
 Performance issues: Can be slow for large data transfers
 Statelessness: Requires additional mechanisms for maintaining state
CoAP (Constrained Application Protocol)
The Constrained Application Protocol (CoAP) is a special web transfer protocol that
operates with constrained nodes and networks. These networks are commonly used for
applications such as the Internet of Things (IoT), where devices may have limited
processor, memory, and power resources. CoAP is intended to be simple, low-overhead,
and efficient, making it ideal for machine-to-machine communication.
What is CoAP?
CoAP or Constrained Application Protocol, as the name suggests, is an application layer
protocol that was introduced by the Internet Engineering Task Force in the year 2014.
CoAP is designed for the constrained environment. It is a web-based protocol that
resembles HTTP. It is also based on the request-response model. Based on the REST-style
architecture, this protocol considers the various objects in the network as resources. These
resources are uniquely assigned a URI or Uniform Resource Identifier. The data from one
resource to another resource is transferred in the form of CoAP message packets whose
format is briefly described later. The Client requests for some resources and in response to
that, the server sends some response over which the client sends an acknowledgement.
Although, some types of CoAP do not involve the receiver sending acknowledgments for
the information received.
CoAP Working
Constrained Application Protocol (CoAP) is an application layer protocol designed for
resource-constrained devices and networks, particularly in the context of the Internet of
Things (IoT).
 Client-Server Model: CoAP model is essentially a client/server model enabling the
client to request for service from server as needed and the server responds to client's
request.
 Resource-Oriented: CoAP treats various objects in the network as resources, each
uniquely identified by a URI (Uniform Resource Identifier). Clients can request
information about these resources, and servers provide responses2.
 Methods: CoAP supports several methods similar to HTTP:
o GET
o POST
o DELETE
o PUT
 Asynchronous Messaging: CoAP messages are asynchronous because it uses the User
Datagram Protocol (UDP). Unlike TCP-based protocols, CoAP does not require
acknowledgments for every message, which helps conserve energy in resource-
constrained devices.
 Energy Efficiency: CoAP is designed to minimize energy consumption while
simplifying communication between clients and devices. It achieves this by managing
resources, providing device descriptions, and supporting mechanisms to determine if a
device is powered on or off.
Methods in CoAP
 GET - The get method is used to retrieve resource information identified by the request
URI. In response to GET method success a 200(OK) response is sent.
 POST - The post method creates a new subordinate resource under the parent URI
requested by it to the server. On successful resource creation on the server, a 201
(Created) response is sent while on failure a 200 (OK) response code is sent.
 DELETE - The delete method deletes the resource identified by the requested URI and
a 200 (OK) response code is sent on successful operation.
 PUT - The PUT method updates or creates the resource identified by the request URI
with the enclosed message body. The message body is considered as modified version
of a resource if it already exists at the specified URI otherwise a new resource with that
URI is created. A 200 (OK) response is received in former case whereas a 201 (Created)
response is received in later case. If the resource is neither created nor modified then an
error response code is sent.
The most fundamental difference between CoAP and HTTP is that CoAP defines a new
method which is not present in HTTP. This method is called Observe method. The observe
method is very similar to the GET method in addition with an observe option. This alerts
the server, to send every update about the resource to the client. Therefore, upon any
change in the resource, the server sends a response to the client. These responses could
either be directly sent individually or they can be piggy-backed.
Message Format of CoAP
CoAP messages are encoded in binary-format or 0/1 format. Like other message formats,
CoAP message has a header and a payload section along with an optional section. The size
of CoAP header is 4 bytes or 32 bits. This size is fixed for every CoAP message. Whereas
the other part of message is the optional part which includes payload and tokens of variable
size ranging from 0-8 bytes. The message format of CoAP contains the following fields:
 Version - The size of version field is 2 bits. It represents the version of the CoAP
protocol.
 Type Code - The size of type field is 2 bits. There are four types of messages namely
confirmable, non-confirmable, acknowledgement and reset represented by the bit
patterns 00, 01, 10, 11 respectively.
 Option Count - The size of option count field is 4 bits. These 4 bits, means there could
be a total of 16 possible options in header.
 Code - The size of code field is 8 bits. This indicates whether message is empty, request
message or response message.
 Message ID - The size of message ID field is 16 bits. It is used to detect the message
duplication and types of messages.
 Tokens [Optional] - The size of tokens field is variable which ranges from 0-8 bytes.
It's used to match a response with request.
 Options [Optional] - The options field in CoAP message has a variable size. It defines
the type of payload message.
 Payload [Optional] - Similar to options field, the payload field has a variable size. The
payload of requests or of responses is typically a representation of the requested
resource or the result of the requested action.

CoAP Message Format

CoAP Features
 Lightweight and Simple
 RESTful Architecture
 UDP-Based
 Asynchronous Communication
 Low Header Overhead
 Multicast Communication
 Proxy and Caching
Applications of CoAP
 Real Time Monitoring in Grid - Smart cities can monitor the distribution and
generation of power remotely. The CoAP sensors could be embedded inside the
transformers and the data could be transferred over GPRS or 6LowPAN.
 Defense utilities - The armory and tanks are now-a-days fitted with sensors so that
information could be communicated remotely without any interference. The CoAP
sensors could detect any intrusion. This makes them capable to transfer more data even
under low bandwidth network.
 Aircraft utilities - The Aircraft sensors and actuators could be connected with other
sensors and communication can take place using smart CoAP based sensors and
actuators.
CoAP is a versatile and efficient protocol developed to meet the specific needs of restricted
devices and networks. Due to less overhead and capability to transfer data effectively even
under low bandwidth, CoAP has became a primarily choice for IoT and cloud computing
system architecture. CoAP messages have a fixed size header which is of 4 bytes.
Alongside this, CoAP message format have some optional fields which includes fields like
token, options, and payload. This message format of CoAP is binary encoded in 0/1 format.
XMPP (Extensible Messaging Presence Protocol):
XMPP is a short form for Extensible Messaging Presence Protocol. It’s protocol for
streaming XML elements over a network in order to exchange messages and present
information in close to real-time.
Let’s dive into each character of word XMPP:
 X : It means eXtensible. XMPP is an open-source project which can be changed or
extended according to the need.
 M : XMPP is designed for sending messages in real time. It has very efficient push
mechanism compared to other protocols.
 P : It determines whether you are online/offline/busy. It indicates the state.
 P : XMPP is a protocol, that is, a set of standards that allow systems to communicate
with each other.
These are the basic requirements of any Instant Messenger which are fulfilled by XMPP:
1. Send and receive messages with other users.
2. Check and share presence status
3. Manage subscriptions to and from other users.
4. Manage contact list
5. Block communications (receive message, sharing presence status, etc) to specific users.
Other XMPP features:
Decentralised:
XMPP is based on client-server architecture, i.e. clients don’t communicate directly, they
do it with the help of server as intermediary. It is decentralised means there is no
centralised XMPP server just like email, anyone can run their own XMPP server. Each
XMPP client is identified by JID (Jabber ID).
#JID
{
user,
server,
resource
}
For example, I’m a whatsApp user and I’m identified by my mobile number, so
user = "87xxxxx790"
server = "whatsapp.com"
resource = "mobile"
JID : "87xxxx790@whatsapp.com/mobile"
resource is used in case the application support mobile as well as desktop or web
application, so it can be optional in case a Instant Messenger Application support only
single kind of resource.
XMPP implementation:
The original protocol for XMPP is Transmission Control Protocol using open ended XML
streams over long lived TCP connections. In some cases, there are restricted firewalls,
XMPP(port 5222) is blocked, so it can’t be used for web applications and users behind
restricted firewalls, to overcome this, XMPP community also developed a HTTP transport.
And as the client uses HTTP, most firewalls allow clients to fetch and post messages
without any problem. Thus, in scenarios where the TCP port used by XMPP is blocked, a
server can listen on the normal HTTP port and the traffic should pass without problems.
XMPP Applications:
While vanilla XMPP is very less used, but it’s modified and customised versions is highly
used by applications for managing contact list, online presence in applications like
WhatsApp, Quik Messenger, Zoom, etc.
AMQP is an acronym used for the Advanced Message Queuing Protocol. It is a protocol that
is used for communication between applications. It is a lightweight, protocol that supports the
applications for data transfer. This protocol is used for its scalability and modularity with the
technologies.

AMQP working

Components of AMQP

 Exchanges: The exchange is responsible for fetching messages and properly

arranging them in the appropriate queue

 Channel: A channel is a multiplexed virtual connection between AMQP peers that is

built into an existing connection.

 Message Queue: It is a unique entity that connects messages to their resources or

points.

 Binding: Bindings are a set of predetermined instructions for queuing and

exchanging. It manages message transmission and delivery.

 Virtual Host: Vhost is a platform that provides isolation capabilities within the
broker. Multiple vhosts may be functional at the same time, depending on the users
and their access rights.
Layers of AMQP

 Function Layer: The function layer handles basic file transfer transactions, message
queues, access, and control streaming.

 Transport layer: Framing content data representation and error management.

Difference Between AMQP and HTTP

Basis AMQP HTTP

Advanced Message Queuing

Full Form Hyper Text Transfer Protocol.
Protocol.

It was developed by JPMorgan It was developed by Tim

Developed by
Chase. Berners-Lee.

Communication It has asynchronous It has synchronous

Nature communication nature. communication nature.

It is user centric and it can be

Usage It is easy to setup and manage. used in every aspect.

It has no guarantee for

Message Delivery It has guaranteed message delivery. message delivery.

It provides publish/subscribe It provides point to point

Interface
interface. interface.

HTTP protocol is not capable

AMQP protocol can bear the server
Fault Tolerance to react to the server
broke issue on its own. breakdown issue.

It has the property It does not has this capability

Segmentation of segmentation and can process to treat each message as
messages into slots. segments.

It is general purpose protocol

Protocol It is specific protocol used for and is used for multiple
Characteristics specific purposes. purposes.

It is fast, flexible and cost effective It is well known, efficient and

Advantages protocol. multi-purpose protocol.
MQTT is a simple and lightweight messaging protocol. It’s designed for devices in the
Internet of Things (IoT) world, where communication needs to happen with minimal power,
low bandwidth, and even when the network is unreliable. Think of it as a way for tiny devices
to talk to each other efficiently.
Instead of connecting devices directly, MQTT uses a publish-subscribe model. This setup
works well in situations like home automation or sensor networks, where many devices need
to share data.
How MQTT Works
In MQTT, there are three main players:
1. Publisher: A device that sends data (like a temperature sensor).
2. Subscriber: A device that receives data (like your phone displaying the temperature).
3. Broker: The middleman that makes everything work. It receives messages from
publishers and sends them to the right subscribers.
Here’s how it works:
 Publishers send data (like temperature or humidity readings) to the broker under
specific topics (like home/kitchen/temperature).
 Subscribers tell the broker what topics they’re interested in (e.g.,
home/kitchen/temperature).
 The broker ensures that all subscribers get the right data without publishers and
subscribers directly talking to each other.
Key Features of MQTT
1. Lightweight and Efficient:
o Perfect for low-power devices with limited internet.
o Uses minimal bandwidth and sends small data packets.
2. Publish-Subscribe Model:

o No direct connection needed between devices.

o The broker manages all communication.
3. Quality of Service (QoS):
o Ensures messages are delivered reliably, even with a weak network.
o You can choose from three levels:
 0: At most once (no guarantees).
 1: At least once (might be repeated).
 2: Exactly once (guaranteed, no duplicates).
4. Retained Messages:
o Brokers can store the last message on a topic so new subscribers instantly get
it.
5. Last Will and Testament (LWT):
o Devices can set a "goodbye" message to be sent if they unexpectedly
disconnect.
6. Security:
o Encryption through SSL/TLS for safe communication.
Advantages of MQTT
 Flexible Communication: Works for one-to-one, one-to-many, or many-to-many
setups.
 Two-Way Communication: Devices can send and receive data at the same time.
  Low Power and Bandwidth Usage: Ideal for small, battery-operated devices.
 Fast and Reliable: Messages are delivered quickly and efficiently.
Disadvantages of MQTT
 Security Depends on SSL/TLS: MQTT itself doesn’t encrypt messages; you need
extra layers for safety.
 Slower Compared to Some Protocols: For example, it’s slower than CoAP in certain
cases.
 Scalability Challenges: Building large, globally connected MQTT networks can be
complex.
MQTT Topics and Wildcards
A topic is like an address where messages are sent. Topics are structured like a folder path:
Example:
home/kitchen/temperature
 home → The house
 kitchen → The room
 temperature → The data
You can use wildcards to make topics more flexible:
1. Single-Level Wildcard (+):
o Stands for one level in a topic.
o Example: home/+/temperature → Matches home/kitchen/temperature,
home/livingroom/temperature, etc.
2. Multi-Level Wildcard (#):
o Stands for all levels from a specific point.
o Example: home/# → Matches home/kitchen/temperature,
home/livingroom/humidity, etc.

Uses of MQTT
 IoT Applications: Smart homes, industrial automation, wearables.
 Real-Time Messaging: Chat apps, live data feeds.
 Home Automation: Centralized control of appliances.
 Remote Monitoring: Fleet management, utilities, agriculture.