FTP (File Transfer Protocol)

From Clinfowiki
Jump to: navigation, search
Overview

File Transfer Protocol (FTP) is a commonly used protocol for transferring files over a network or the internet. FTP is based on a client-server architecture where separate control and data connections are used to facilitate file transfers between the client and the server. [1]

History

FTP has had a long history, starting in 1971 when it was first proposed at M.I.T. as (RFC 114) for use with ARPANET. A number of iterations followed over the years building upon initial protocol which used the Network Control Protocol (NCP) until in 1980 RFC 765 transitioned it to be used on the Transport Control Protocol (TCP) it uses today. The current version in use today is RFC 959, and was established in 1985. [2]

Usage

Since FTP uses a client-server architecture there is a server running which accepts connections and commands from a client as well as stores files in its file system. When a client connects to a server a control connection is established and FTP commands are sent to the server, and the server in turn interprets those commands and issues replies back to the client. When commands are sent to initiate the transfer a files a data connection is established to facilitate the transfer.[3] Typically control connections use the TCP port 21 and data transfer uses TCP and UDP port 20. [4] Prior to graphical user interface based operating systems FTP servers and clients were text based, but now there are many robust FTP servers and clients available which facilitate the issuance of commands and data transfer.

Security

The most common type of authentication used by FTP is by user using a unique username and password combination passed as clear text. While anonymous authentication is allowed it is less common and is usually only used in select circumstances. For additional security FTP supports encrypted sessions using an extension of the FTP standard called Explicit FTPS. Explicit FTPS allows the client to request the session be encrypted using Transport Layer Security (TLS). Once the request is received the server can either accept or deny the encryption request, and if accepted it must step up to an agreed encryption method. [5] In healthcare whenever clinical information is being transferred this is the method which should be used.

References

  1. FTP http://en.wikipedia.org/wiki/File_Transfer_Protocol
  2. RFC 959 http://www.w3.org/Protocols/rfc959/2_Overview.html
  3. The FTP Model http://www.w3.org/Protocols/rfc959/7_Scenario.html
  4. List of TCP and UDP port numbers http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
  5. FTPS http://en.wikipedia.org/wiki/FTPS#Explicit