Abstract The Open Systems Interconnect (OSI) model is a standard reference model for the communication between two end users. Seven different layers make up the OSI model: physical, data link, network, transport, session, presentation, and application. This paper will cover the type of security that is associated with each level of the OSI model. Physical Layer The physical layer is where the actual communication occurs between devices. The security of the physical layer pertains to the actual hardware. The vulnerabilities of the physical layer include: Power outage Environmental control loss Hardware theft, damage or destruction Unauthorized hardware changes (i.e.; removable media, data connections) Detachment of the physical data links Unnoticeable Data Interception Keystroke Logging Certain measures can be implemented to ensure the physical layer is secure. This would be done by storing all hardware in a locked environment. The use of electronic locks would control and log all access to the room containing the hardware. The electronic locks could be a PIN and password or fingerprint scanner (biometrics). The use of video and audio surveillance would provide physical proof of unauthorized access that could compromise the hardware. Data Link Layer The second layer of the OSI model is the data link layer. This is the layer that transports the data between network nodes in a wide area network (WAN) or on the same local area network (LAN) between nodes. The data link layer makes available the procedural and functional means to move data between network devices and could provide the measures to find and possibly correct errors that may occur in the physical layer. The security vulnerabi... ... middle of paper ... ...on. This is to stop any unauthorized use of the network. Conclusion In conclusion, the information covered in this paper shows the different types of security that is associated with each level of the standard OSI model. From the physical layer to the application layer, each layer has a different type of security which must be applied at each layer to prevent any security leaks, spoofing, and infinite loops. These are just a few of the different vulnerabilities that must be protected on a WLAN or LAN. References Reed (November 21, 2003). Applying the OSI seven layer model to Information Security. Retrieved on January 11, 2008, from SANS Institute. Website: http://www.sans.org/reading_room/whitepapers/protocols/1309.php Haden (2008). The OSI Model. Retrieved on January 11, 2008, from Data Network Resource. Website: http://www.rhyshaden.com/osi.htm
In this section we investigate attacks and threats to our primary devices. These attacks and threats are built off of the vulnerabilities the previous section and help to determine which security controls would be most valuable against future attacks.
On 5 October 2009, computer equipment from a network data closet was stolen from BCBST. The items stolen were 57 unencrypted hard drives which contained over 300,000 video recording and over one million audio recordings. According to Whitman & Mattord (2010), confidentiality, integrity, and availability makes up the C.I.A triangle which is the basis of Committee on National Security model for information security, an industrial standard, (Whitman & Mattord, 2010). Confidentiality can be a synonym for encryption but also means only the people with the correct permission can access the information. One of the major security issue is the hard drives were not encrypted. The hard drives should be encrypted to prevent people from reading the information the computer. Software can be purchased which will encrypt files on hard drive with such as Folder Lock, SensiGuard, Secure IT, and more. There are open source encrypting software which are free for use which could have been used. If the hard drives were not needed, the data should hav...
Security is a wide concept, it is a separated subject with its own theories, "which focus on the process of attack and on preventing, detecting and recovering from attacks" (William 1996). Certainly, these processes should be well organized in coping with the complex system issues. A coherent approach should be taken, which builds on established security standards, procedu...
Winter, J., & Dietrich, K. (2012). A hijacker's guide to communication interfaces of the trusted platform module.
It also provide MAC addresses. Every MAC address is unique and it belongs to that particular device. The data link layer is responsible for the means to send out data over the physical layer (Tetz, 2011). Without the data link layer of the OSI devices would not have this unique address that identifies them, as well as not having a means to send out data of the physical layer. The Physical and Data Link layer walk hand in hand in the OSI Model and cannot work without the other.
Back in the 1980's, when all music sucked and men dressed like fags, a bunch of sissy Europeans got together in a passionate effort to overstandardize computer networking. They created this thing called the Open Systems Interconnection (OSI) networking suite. Anyone who has taken a CS (Computer Science) or CIS (Computer Information Systems) course knows this; they cram this fact down the student's throat from day freaking one. It is only when the student enters the real world do they realise that the OSI seven layer model is a sham.
The Open Systems Interconnection Model is a conceptual model describing how any combination of devices can are connected for the purpose of network communication and troubleshooting (Panko & Panko, 2015). Comparing the OSI model’s layers to the levels of application security will shed light on application vulnerabilities.
The OSI network reference model was developed by the International Organization for Standardization (ISO) to facilitate communication between networks by keeping certain standards open rather than proprietary (Serpanos & Wolf, 2011). Each layer is stacked with the physical layer as the lowest and the application layer as the highest and one can think of each layer as containing stacks of protocols that make network communications function (Serpanos & Wolf, 2011). A protocol is a set of rules written in a common language that allows computers to communicate with each other. Each communication network is a node and the corresponding layer on each node communicates with each other.
Security is often seen as exclusive requirement in networking, providing security is an important issue. A lot of problems are there so a lot of security measures should be provided. Security is more important than ever before due to many reasons. When a network is implemented poorly, security threats and ...
It has been demonstrated that a number of interoperable systems must be implemented to fully protect a network; a strategy known as Defense in Depth. Due to the multitude of security devices and device categories available, it can be very difficult to identify the correct tools for meeting security goals. Using the Defense in Depth strategy will require an understanding of the interactions between devices occuring within the network.
This memorandum will attempt to explain the Open Systems Interconnection Model, known more simply as the OSI Model. The OSI Model has seven levels, and these levels will be discussed in detail. Particular mention will be made to which level TCP/IP functions with the OSI Model.
OSNs are more vulnerable than any other web application because of the great amount of personal information they get. In fact, vulnerability is a weakness that allows the attacker to compromise the integrity, confidentiality and availability of the system. This vuln...
There are number of different models proposed as framework for information security but one of the best model is McCumber model which was designed by John McCumber. In this model the elements to be studied are organized in a cube structure, in which each axis indicates a dissimilar viewpoint of some information security issue and there are three major modules in each axis. This model with 27 little cubes all organized together looks similar like a Rubik's cube. There are three axes in the cube they are: goals desired, Information states, and measures to be taken. At the intersection of three axes you can research on all angles of an information security problem.
ErrealMedia (2010) Network standards OSI Reference Model; History of OSI Model; OSI Layers in Action http://www.erealmedia.com/cms125/