The OSI Model's Role In Building A Secure Network Architecture

Uploaded on 2023-12-05 in TECHNOLOGY--Resilience, FREE TO VIEW

Brought to you by Renelis Mulyandari    
  
The Open Systems Interconnection (OSI) model is a framework that is commonly cited in computer networking and cybersecurity discussions. Interestingly, it was developed by the International Standards Organization (ISO).

It serves as a guide for troubleshooting network problems, as well as in understanding and implementing security measures related to network communication.

While the OSI model is not an essential factor in the operation of networking protocols nowadays, it serves as an important tool in understanding and identifying security risks. It also helps in meaningfully analyzing the capabilities of cybersecurity solutions. The OSI model and cybersecurity share a strong affinity, and this relationship is something organizations should consider exploring as they aim to build secure network architecture.

Layer-by-layer Approach To Security

Before discussing the role of the OSI model in building a secure architecture, it’s important to get acquainted with its layers. Network stacks are not as straightforward as they may seem. They are complex and involve multiple layers. The OSI model pierces into this complexity by providing an abstraction to facilitate a better understanding of the network communication process and its impact on the emergence of security risks, the troubleshooting of problems, and the dynamics of network-layer attacks.

There are seven layers under the OSI model, namely the physical, data link, network, transport, session, presentation, and application layers. These layers present the structure by which data moves regardless of the protocol used. 

As the name suggests, the physical layer is the point where the physical transmission of raw data happens over a physical medium. The data link layer is where raw data is transmitted into frames to be transmitted at the physical layer. The network layer is responsible for routing traffic to its intended destination according to the indicated IP addresses. 

Meanwhile, the transport layer, the first of the so-called host layers, is responsible for managing data transmission between nodes. The session layer, another host layer, is where sessions between nodes are managed and protocol data units (PDU) are handled. Next, the presentation layer translates data from network data into formats that are usable for the destination applications. Lastly, the application layer is where data is served to end users, including the exchange of data between a web server and a client app.

These layers enable network connections in a systematic and standardized manner. They facilitate interoperability for protocols and various network devices. Being familiar with these layers supports the formulation of comprehensive network security solutions.

When More Is Better

The seven layers of the OSI model are notably more than the four (application, transport, internet, and network access) in the TCP/IP model, an older model that approximates the flow of networking protocols. This may appear counterintuitive given the trend of simplification in cybersecurity and tighter technology stacks, but having more layers has the benefit of a better representation of all the functions involved in network communications.

The OSI model provides a more intuitive way of examining network operations, which makes it easier to resolve issues affecting network protocols. The seven layers provide a clearer way to discuss different network-level attacks. Also, it allows the security team to have a more thorough scrutiny of the security of networking protocols. 

The TCP/IP model is a practical representation of the network stack because it presents the layers in a way that is more structurally similar to the network protocols in real-world settings. In contrast, the OSI model is largely an abstraction of actual network protocols. It is a theoretical model that presents descriptions of the different tasks undertaken to enable data transmission.

How The OSI Model Fosters Security

The OSI model serves as a good basis for building a secure network infrastructure. Here’s a quick rundown of how the model influences security considerations.

Layer 1 or the physical layer is viewed as the soft underbelly of cybersecurity. This is because of the various attacks aimed at the hardware or physical devices of a network. These attacks are often overlooked because security strategies often focus on the software side. The OSI model makes it clear that ample attention should be given to defending the physical layer.

On the other hand, the processes at the data link and network layers highlight man-in-the-middle attacks (MiTM). These layers are responsible for routing, addressing, and detecting errors, which can be the subject of eavesdropping or attempts to alter the communication between two parties. As such, it is important to implement security measures such as firewalls, network segmentation, and the use of secure protocols such as IPsec.

When it comes to the transport layer, the biggest concern is the handling of sensitive information. If the data that reaches this layer is not encrypted, it can be easily sniffed or tampered with. That’s why it is crucial to implement encryption here. The use of encryption protocols like Transport Layer Security (TLS) is a must to ensure data confidentiality and integrity while it is in transit.

Layers 5 and 6 or the session and presentation layers are not directly related to security protocols. However, they also demonstrate the importance of indirect security mechanisms. The session layer involves session management tasks such as setup, termination, and reconnections. The presentation layer is about making data usable to the next layer (application). There are no direct security solutions that can be applied to these layers but organizations need to ensure the establishment of properly managed sessions and correct data formatting to prevent attacks that may exploit vulnerabilities involving session and presentation functions.

Lastly, the application layer is the point where user interactions take place. Hence, it is the top priority for security solutions. This is the layer where security mechanisms such as user authentication and authorization are implemented. Also, development teams should pay attention to the code security of the application to make sure that it does not contain weaknesses that threat actors can exploit. 

In-depth Defense

The OSI model encourages the establishment of a security strategy that is robust, comprehensive, and in-depth. By incorporating direct and indirect security tools, measures, and solutions across the seven layers of OSI, organizations can ensure that threat actors will have a hard time spotting opportunities for an attack. 

In a way, the OSI model serves as a foundational framework for network operation and security. Every layer contributes something towards a thorough understanding of network threats and the formulation of suitable and viable solutions.

The cyber threat landscape may evolve ceaselessly, but data transmission and network operation tend to abide by a relatively standardized framework in the long run, so it helps to refer to the OSI model in building a secure network architecture.

Image: bru-no

You Might Also Read

Why DNS Protection Should Be A Crucial Part In Building Cyber Defense:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Trouble At Three
The End Of Crypto Currency »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

TWNCERT

TWNCERT

TWNCERT is the National Computer Emergency Response Team of Taiwan.

Ambersail

Ambersail

Ambersail provide Penetration Testing and Cyber Security Compliance services.

ISC2

ISC2

ISC2 is an international, non-profit membership association for information security leaders. Our information security certifications are recognized as the global standard for excellence.

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

CSIRT-CY

CSIRT-CY

CSIRT-CY is the National Computer Security Incident Response Team for Cyprus.

Ioetec

Ioetec

Ioetec's mission is to connect users to their IoT devices securely, ensuring these devices remain safe to use in our increasingly connected world.

Savanti Consulting

Savanti Consulting

Savanti provides practitioner-led cyber security services tailored to meet each organisation’s unique requirements.

SWAT Systems

SWAT Systems

SWAT Systems is an IT support and cyber security managed service provider.

swIDCH

swIDCH

swIDch is a technology company that aims to eliminate CNP (card not present) Fraud.

SurePassID

SurePassID

SurePassID is a provider of highly secure, highly extensible multi-factor authentication (MFA) solutions.

Microland

Microland

Microland’s delivery of digital is all about making technology do more and intrude less for global enterprises. Our services include Cloud & Data Center, Networks, Cybersecurity and more.

XioGuard

XioGuard

XioGuard is a managed security service for 360-degree cybersecurity coverage, protecting the entire attack surface, increasing performance, reducing cost, and simplifying operations.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Ascent Solutions

Ascent Solutions

Ascent is built to help firms evolve their cybersecurity posture, modernize their Microsoft solutions, and accelerate their journey to the cloud.

Aembit

Aembit

Aembit is the Identity Platform that lets DevOps and Security manage, enforce, and audit access between federated workloads

Judy Security

Judy Security

Judy provides smart, simple, effective, all-in-one cybersecurity for SMBs. Get the 24/7 protection and support you deserve, at a price you can afford.

DHCO IT

DHCO IT

The DHCO IT team are experts in IT support, cyber security, cloud support and disaster recovery, and are Microsoft 365 partners.