The Open Systems Interconnect (OSI) network model is a networking model based on seven layers of information security. Each layer provides distinct and redundant protection, offering solutions to and prevention of security problems and potential risks associated with data intrusion, manipulation and destruction. Data networking and the protection of the network are an ever-increasing area of focus because of the amount and criticality of the information that passes across information system networks every minute of every day. The ability to access information from a computer terminal presents many opportunities for communication, but it also carries inherent risks by allowing information to fall into the wrong hands. Protecting the network with the OSI seven-layer model involves the following layers: Physical, Data Link, Network, Transport, Session, Presentation and Application (SANS Institute, 2003).
The physical layer is just that: a physical communication path between one point in the network and another. This is a critical point of the network because, without this layer, communication would fail before being initiated. The physical layer's security is based on fairly rudimentary measures, such as placing the hardware behind locked doors and limiting personnel access. The data link layer involves how information is obtained and transmitted between stations on the network. This layer has been taken advantage of with the advent of wireless networks and administrators' lax security practices. The other layers in the system were thought to protect packet transmissions, but hackers and other individuals found ways to take advantage of the situation, creating risk in the network. The next layer is the network layer itself. The network layer determines when and by what path the information travels to reach its intended destination. Layer three traffic goes through a firewall, which is intended to provide security, but once the transmission leaves this area and travels onward it becomes exposed to spoofing and other means of data interference and solicitation. Layer four is the transport layer. This layer packages the data from the other layers and prepares it for movement across the network. The goal of the transport layer is to package the data and deliver it intact to its intended destination with high reliability of data integrity. The risks associated with the transport layer are the overuse of ports for sharing and hostile environments on the internet that were not accounted for in the transmission of the packets (Kizza, 2010).
Layer five is the session layer. This layer organizes the data into logical flows and provides guidance on access to and accessibility of the information. It also controls the rate of flow through the application layer. The overall objective is to control access to the higher-level applications. Layer six is the presentation layer. This layer standardizes the data and acts as an interface between hosts. It can encrypt, format and convert data from one host to the other so that the data is recognizable and useful. The last layer of the seven-layer OSI model is the application layer. This layer comprises the high-level functions of the programs that use the network. The application's security relies on the basic functionality and built-in security measures of the application itself. There are also risks from developers who created backdoors to programs or shortcuts to bypass security measures, all of which add risk to the overall security of the network from the first layer to the last (Kizza, 2010).
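The layering described above can be seen by peeling the headers off a single frame. The following is an added example, not taken from the cited sources: it parses a constructed Ethernet/IPv4/TCP frame (made-up MAC addresses, documentation IP ranges, TCP checksum left unset) and verifies the IPv4 header checksum, which catches corruption in transit but does not authenticate the sender. The function names are this example's own.

```python
import socket
import struct

def inet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_sample_frame() -> bytes:
    """Constructed frame: made-up MACs, documentation IPs, TCP checksum left 0."""
    payload = b"GET / HTTP/1.1\r\n\r\n"                       # layer 7 data
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 0, 5 << 4, 0x18,
                      65535, 0, 0) + payload                  # layer 4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"),
                     socket.inet_aton("198.51.100.20"))       # layer 3
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    eth = bytes.fromhex("020000000002020000000001") + b"\x08\x00"  # layer 2
    return eth + ip + tcp

def parse_frame(frame: bytes) -> dict:
    """Peel layers 2-4 off a frame and report what each header claims."""
    if len(frame) < 14 + 20:
        raise ValueError("truncated frame")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not IPv4")
    ihl = (frame[14] & 0x0F) * 4                  # IPv4 header length in bytes
    ip_hdr = frame[14:14 + ihl]
    if ihl < 20 or len(ip_hdr) < ihl or ip_hdr[9] != 6:
        raise ValueError("bad IPv4 header or not TCP")
    total_len = struct.unpack("!H", ip_hdr[2:4])[0]
    segment = frame[14 + ihl:14 + total_len]
    if len(segment) < 20:
        raise ValueError("truncated TCP segment")
    src_port, dst_port = struct.unpack("!HH", segment[:4])
    return {
        "l2": (src_mac.hex(":"), dst_mac.hex(":")),
        "l3": (socket.inet_ntoa(ip_hdr[12:16]), socket.inet_ntoa(ip_hdr[16:20])),
        # A valid header sums to zero; this catches corruption, not forgery.
        "l3_checksum_ok": inet_checksum(ip_hdr) == 0,
        "l4": (src_port, dst_port),
        "payload": segment[(segment[12] >> 4) * 4:],
    }
```

Calling `parse_frame(build_sample_frame())` returns the source and destination claimed at each layer; none of those fields is authenticated by the headers themselves, which is why the spoofing exposure noted for layer three has to be handled by controls outside the packet format.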
The importance of the first layer, the physical layer, and the last layer, the application layer, could use some review. The first layer receives little or no attention, and complacency could detract from the importance of protection. Security measures and role-based access control are important to protect against manipulation of the physical network and all its attributes. This matters because it can be somewhat difficult to detect a physical risk until it has already occurred, and troubleshooting could be difficult due to the nature of the risk. The application layer is also an area that should be monitored and controlled due to the nature of the implementation. The network security administrator does not have control over how the application is designed or coded, so the inherent vulnerabilities built into the system could pose a risk for the entire network. This needs to be addressed, and the vulnerabilities need to be documented and brought to the attention of the network administrators and IT security teams so they have the information to prepare for potential risks. It is also important to vary communication methods and not to create a pattern that could be identified and used by outside entities to introduce risks to the system. Using different telecommunication hardware and methods provides more ability to apply security measures against potential risks.
Kizza, J. (2010). Computer network security. New York, NY: Springer Science Business Media.
SANS Institute. (2003). Applying the OSI seven layer network model to information security. Retrieved from http://www.sans.org/reading_room/whitepapers/protocols/applying-osi-layer-network-model-information-security_1309