OSI Model: A Guide to Securing Network

OSI Model

A Brief History of the OSI Model

In this article we will explore the OSI model, the importance of physical layer security, and the need for robust cybersecurity measures at the physical layer.

The OSI model was developed by Hubert Zimmermann during the 1970s. It became the universally recognized framework for network communication and system interconnection, published by the International Organization for Standardization (ISO) in 1980.

The Seven Layers of the OSI Model

The OSI model divides a communication system’s data streams into seven distinct abstract layers. Each layer possesses its own clearly defined function, which in turn interacts with adjacent layers, collectively shaping the OSI communication protocols.

It’s common to see the OSI Model layers listed either from top-to-bottom or bottom-to-top. In this explanation we will be using the latter.

Physical Layer: The Foundation of Network Communication

The OSI model physical layer is where the transmission and reception of raw data take place between devices. Examples of Physical layer devices range from repeaters to hubs. Data units, such as bits, derive from energy in the form of radio waves or electricity. These units are subsequently conveyed through a physical medium, like fiber optic cables or copper wiring. Essentially, this layer manages the physical link connecting a network with its nodes.

It’s crucial to enhance security at this layer to prevent hardware-based attacks.

Data Link Layer: Managing Local Networks

The OSI model Data Link layer technically consists of two sub-layers: Media Access Control (MAC) and Logical Link Control (LLC). At this layer, the system manages access to the physical layer and to local networks. Both sub-layers act and connect bridges to Layers 1 and 2.

The MAC layer transports data between itself and Layer 1, while LLC communicates with Layer 3 (LAN – Network Devices). This establishes the data link between the two sub-layers that use switches and bridges.

Network Layer: Routing Data Across Networks

The OSI model Network layer is comprised of commonly known elements, such as routers and IP addresses. On this layer, the routing of data takes place from one system connected on a LAN to another. Usually, IP protocols (IPv4 and IPv6) determine the optimal routing paths across a physical network to ensure the delivery of network packets.

Transport Layer: Ensuring Reliable Communication

The OSI model Transport layer is where packet sequencing takes place. Transferred data is broken into segments to allow data packets to be resent or re-sequenced. Layer 4 is also responsible for overall flow control and error detection. Flow control is vital in making sure that the rate of data being sent matches the connection speed of the receiving device, while error detection reaffirms that the data was correctly received. If the receipt of data is not confirmed, then error detection will send another request in order to complete the communication.

The protocols used in Layer 4 are Transmission Control Protocol (TCP), and User Datagram Protocol (UDP). Both of these protocols enable different types of data transmission. TCP is known to be a more reliable method, and UDP prioritizes the speed of data transfer.
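To make the layering concrete, the following added example (not part of the original article) peels the Layer 2, Layer 3 and Layer 4 headers off a single Ethernet frame and leaves the remaining bytes for the upper layers. The sample frame, its MAC and IP addresses, and its ports are constructed for illustration.

```python
import struct

def build_sample_frame() -> bytes:
    """Constructed sample: Ethernet II / IPv4 / TCP carrying an HTTP request line."""
    payload = b"GET / HTTP/1.1\r\n"
    eth = bytes.fromhex("02aabbccddee" "021122334455") + struct.pack("!H", 0x0800)
    # Checksums are left at zero in this constructed sample; the parser ignores them.
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1000, 0, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload), 1, 0,
                     64, 6, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    return eth + ip + tcp + payload

def mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def parse_frame(frame: bytes) -> dict:
    """Peel Layers 2, 3 and 4 off a frame; the rest belongs to Layers 5-7."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != 0x0800:
        raise ValueError(f"not IPv4 (EtherType {ethertype:#06x})")
    out = {"l2": {"dst": mac(frame[0:6]), "src": mac(frame[6:12])}}
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("truncated or non-IPv4 header")
    ihl = (ip[0] & 0x0F) * 4                      # IPv4 header length in bytes
    total_len = struct.unpack("!H", ip[2:4])[0]   # header + data, per the header
    if ihl < 20 or total_len < ihl or total_len > len(ip):
        raise ValueError("inconsistent IPv4 length fields")
    out["l3"] = {"src": ".".join(map(str, ip[12:16])),
                 "dst": ".".join(map(str, ip[16:20])), "ttl": ip[8]}
    seg = ip[ihl:total_len]                       # Layer 4 segment or datagram
    if ip[9] == 6:                                # protocol 6 = TCP
        if len(seg) < 20 or not 20 <= (seg[12] >> 4) * 4 <= len(seg):
            raise ValueError("truncated or malformed TCP header")
        sport, dport, seq = struct.unpack("!HHI", seg[:8])
        out["l4"] = {"proto": "TCP", "sport": sport, "dport": dport, "seq": seq}
        out["payload"] = seg[(seg[12] >> 4) * 4:]
    elif ip[9] == 17:                             # protocol 17 = UDP
        if len(seg) < 8:
            raise ValueError("truncated UDP header")
        sport, dport = struct.unpack("!HH", seg[:4])
        out["l4"] = {"proto": "UDP", "sport": sport, "dport": dport}
        out["payload"] = seg[8:]
    else:
        raise ValueError(f"unsupported IP protocol {ip[9]}")
    return out
```

Calling parse_frame(build_sample_frame()) returns one dictionary entry per layer, and the TCP sequence number it exposes is the field that lets the receiver re-sequence segments as described above.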

Session Layer: Managing Communication Channels

The OSI model Session layer establishes and manages communication channels between devices. Layer 5 is responsible for ensuring uninterrupted data transfer by overseeing the functionality and operation of sessions. In addition to initiating and terminating communication channels, Layer 5 also sets up checkpoints during data transfer, which can aid in resuming a session in case of interruption.

The session layer employs three communication types: simplex, half-duplex, and full-duplex. Each of these represents a distinct transmission mode utilized for data communication.

Presentation Layer: Data Formatting and Encryption

The OSI model Presentation layer serves the function of receiving data and presenting it to the application layer. It accomplishes this by making the data comprehensible through processes like compression, encoding, and encryption, enabling its reception on the opposite end. 

Common concepts within layer 6 include known formats such as JPEG, GIF and TIFF.  

Application Layer: End-User Interaction

The OSI model Application layer is the final interface wherein a user and a computer application meet. This is referred to as end-user software. Examples of protocols that take place at Layer 7 are: FTP (File Transfer Protocol), HTTP (Hypertext Transfer Protocol), and DNS (Domain Name System).  

Users interact with end-user software daily, from their web browser to instant messaging.

OSI Model Physical Layer Security with Sepio

Sepio’s patented technology provides visibility and control over assets at the Physical Layer, mitigating risks and detecting potential threats. Existing cybersecurity solutions do not cover Layer 1 visibility, and hardware security goes neglected. Hence, network implants and rogue devices operating on the Physical Layer are not detected. Similarly, spoofed peripherals are identified as legitimate HIDs (BadUSB).

Without physical layer visibility, enterprises are at risk of rogue devices infiltrating their network and conducting harmful hardware-based attacks. As Layer 1 is the first of the OSI layers, it is crucial to have adequate physical-level security protection to stop attacks originating from rogue devices at the very first instant, prior to their execution.


November 22nd, 2022