The Open Systems Interconnection (OSI) model is a framework that standardizes the functions of a telecommunication or computer system into seven different layers. The model is widely used across technical fields to understand how networking protocols and technologies work together to enable data transmission and communication.
Below are the different layers of the OSI model, the primary functions they perform and their relevance to network security.
Application Layer
The application layer is the interface between the user and the communication system. It is responsible for providing networking services for various applications, like email, file sharing, or web browsing. This layer is essentially where applications access network services.
Common OSI Application Layer protocols include:
- File Transfer Protocol (FTP)
- Simple Mail Transfer Protocol (SMTP)
- Domain Name System (DNS)
- Secure Shell (SSH)
Presentation Layer
The presentation layer is responsible for translating or converting the data format between different devices, allowing them to understand each other’s data. This layer also deals with data encryption and decryption, which is an essential aspect of network security. This layer ensures that data is in a useable format and is where encryption occurs.
Data flows through a network as packets of code, often encrypted. The presentation layer deals with the following:
- Data conversion
- Character code translation
- Data compression
- Encryption and decryption
To send text across a network, the characters of the alphabet are converted via a character coding system, such as the American Standard Code for Information Interchange (ASCII) or the Extended Binary Coded Decimal Interchange Code (EBCDIC); the result is then encrypted, compressed, and sent over the network. On the receiving end, the process reverses.
Session Layer
The session layer manages sessions, which are continuous connections between devices. It establishes, maintains, and terminates connections between devices while ensuring proper synchronisation and data exchange between the communication devices.
Common OSI session layer protocols include:
- Remote Procedure Call Protocol (RPC)
- Point-to-Point Tunnelling Protocol (PPTP)
- Session Control Protocol (SCP)
- Session Description Protocol (SDP)
A common session type is when an internet user visits and browses a website for a specific period. Other examples include APIs, Sockets, and WinSock.
Transport Layer
The transport layer is in charge of ensuring error-free and reliable data transmissions between devices. It achieves this by managing flow control, error checking, and data segmentation. This layer also establishes connections between devices and manages data transfer using protocols like Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).
Some of the essential functions of this layer include:
- Error control, flow control, and congestion control are ways to keep track of data packets, check for errors and duplication, and then re-send if there is an error or failure.
- Service-point addressing ensures that data is delivered to the correct protocol, identified by a port number.
- Packet segmentation and reassembly are processes for dividing data and sending it sequentially, then rechecking it at its destination for integrity and accuracy.
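The three functions above can be seen working together in a small simulation. This is an added example, not code from the original article: the 10-byte header layout, the function names, and the sample message are assumptions made for illustration and are not the real TCP or UDP formats.

```python
import struct
import zlib

# Hypothetical 10-byte header (not real TCP/UDP): destination port,
# sequence number, segment count, CRC-32 of the payload.
HEADER = struct.Struct("!HHHI")


def segment(data: bytes, dst_port: int, mss: int = 8) -> list:
    """Split data into numbered, checksummed segments of at most mss bytes."""
    chunks = [data[i:i + mss] for i in range(0, len(data), mss)] or [b""]
    return [HEADER.pack(dst_port, seq, len(chunks), zlib.crc32(chunk)) + chunk
            for seq, chunk in enumerate(chunks)]


def reassemble(segments, listen_port: int):
    """Return (data, missing). data is None until every segment has arrived
    intact; missing lists the sequence numbers the sender must re-send."""
    received, total = {}, 0
    for raw in segments:
        if len(raw) < HEADER.size:
            continue                      # truncated header
        port, seq, count, crc = HEADER.unpack_from(raw)
        payload = raw[HEADER.size:]
        if port != listen_port:
            continue                      # service-point addressing: not ours
        if zlib.crc32(payload) != crc or seq >= count:
            continue                      # corrupted in transit: discard
        if seq in received:
            continue                      # duplicate delivery
        received[seq], total = payload, count
    missing = [s for s in range(total) if s not in received]
    if missing or not received:
        return None, missing
    return b"".join(received[s] for s in range(total)), []


# Constructed sample: 26 bytes to port 443 become four segments.
MESSAGE = b"transfer 100 to account 42"
SEGMENTS = segment(MESSAGE, dst_port=443)
DAMAGED = SEGMENTS[1][:-1] + bytes([SEGMENTS[1][-1] ^ 0x01])  # one bit flipped
# Arrival out of order, with a duplicate and the damaged copy of segment 1.
ARRIVED = [SEGMENTS[2], SEGMENTS[0], SEGMENTS[0], DAMAGED, SEGMENTS[3]]

if __name__ == "__main__":
    print(reassemble(ARRIVED, 443))                  # segment 1 still missing
    print(reassemble(ARRIVED + [SEGMENTS[1]], 443))  # complete after re-send
```

A CRC only catches accidental corruption: anyone able to alter a segment can recompute it, so protection against deliberate tampering needs a keyed integrity check such as the one TLS provides.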
Network Layer
The network layer manages the routing of data packets between devices on a network, independent of the physical connection medium. It identifies the most efficient path to transmit data from the source to the destination and assigns logical addresses (IPv4 and IPv6) to devices within the network.
This layer optimizes data routing through the quickest or most efficient physical path, bypassing traffic controls, congestion, and broken links, and prioritizing services. It manages addressing logic to differentiate between source and destination networks, splitting data into packets for transmission and reassembling them upon arrival.
The network layer is where DDoS attacks frequently emerge as a significant threat. These attacks target the processing capacity of network infrastructure by inundating it with excessive junk data and connection requests.
Data Link Layer
The data link layer is responsible for creating a reliable link between two devices on a network. It establishes communication between devices by dividing the data into frames (small data units) and assigning each frame a unique address. This layer also offers error detection and correction mechanisms to ensure reliable data transfer.
The OSI Data Link layer has two sublayers:
- The Logical Link Control (LLC) sublayer manages flow and error controls to ensure accurate data transmission between the network devices.
- The Media Access Control (MAC) sublayer manages access and permissions for transmitting data between devices. The function of this sublayer is to manage which device controls a channel.
Physical Layer
The physical layer deals with the physical connection between devices, like cables or wireless signals. It is responsible for transmitting raw data (in the form of bits) between devices over a physical medium, such as copper wires or fibre optic cables.
Elements of the OSI layer model’s physical layer include:
- Hardware, including networking devices, antennas, cables, modems, and intermediate devices such as repeaters and hubs
- Electrical, mechanical, and physical systems, parts, and devices
- Specifications such as cable size, signal frequency, voltages, etc.
- How a network is configured, such as a bus, with devices arranged in a line with many stops; a star, with a central device surrounded by an array of devices; a ring, with devices in a connected circle; a mesh of woven interconnections; and more
- Communication modes such as one-way simplex, two-way full duplex, or half duplex, with messages going back and forth, but only one direction at a time
- Data transmission performance, such as bit rate, referring to how much data is moving through a connection at a given time, and bit synchronization to align the clocks of each device for accurate data transmission
- Modulation, switching, and interfacing with the physical transmission medium
- Common protocols for connections, including Wi-Fi, Ethernet, and others
Each of these layers interacts with the adjacent layers to pass data packets back and forth. Understanding the OSI model is crucial for addressing potential security threats and vulnerabilities that can occur at each layer. By implementing strong network security measures at each layer, you can minimize the risk of cyber-attacks and keep your data safe.