This paper is written to lucubrate the security offered by the OSI Model. It aims to educate the reader about the usage. maps and security that the OSI Model to give accent that proper web architecture and design will convey easiness of usage to all users.
Although web services has been an ordinary thing for a web operated country. it is the undertaking of a Network decision maker is to do certain that the web is running and secure. When we speak of the wordsecure.it means that webs should be maintained non merely from the exterior but besides from the interior. Where will the web decision maker start looking inside the construction of the web? This can be done through understanding the construction of the OSI Model.
The OSI Model
An acronym for “Open System Interconnection” . an OSI Model is the abstract description for communications and computing machine web protocol design. The OSI theoretical account has two beds viz. theupper bedthat has four beds viz. thePhysical bedthat is evident in spot panels. theData bedthat transportations natural spots into logical constructions calledframes.theNetwork bedis where the IP and ICMP and other protocols take topographic point. theTransport bedis where TCP is implemented. There is besides thelower bedthat comprises of theSession bed.Presentation Layerand theApplication bedthat are all used for go throughing services for communicating.[ 1 ]
The OSI Seven Security Layer Model
The OSI security bed theoretical account is a seven layered stack where information is passed in the stack and issues from one computing machine and up through the stack as it enter another computing machine. This architecture of security is besides designed to reflect a new degree of different demands in footings of web security.
OSI Security Model 7498-2 OSI Network Model 7498-1
Authentication Application Layer
Access Control Presentation Layer
Non-Repudiation Session Layer
Data Integrity Transport Layer
Confidentiality Network Layer
Assurance/Availability Data Link Layer
Notarization/Signature Physical Layer
These seven security theoretical account of the OSI Model helps to avoid different ailment effects that may halter the public presentation of the web such as information escape. unity misdemeanor. denial of service and bastard usage of the system.
For the first bed. notarization and signature must be ensured in the Physical bed since it is the first bed of the OSI Model ; it must guarantee that all connexions established are validated. Next is the Data Link that must hold available beginnings to transport natural spots into frames. The Network Layer’s undertaking is to do certain that all minutess are processed with confidentiality which means. all informations rolling around the system must be received by the receivers and merely by them. Once the information is transferred. the Transport Layer will look into the unity of the information being received. The Session Layer is so assigned to accept the informations being transported and do certain that there will be no denial of service during the dealing. Once the information has been received. the Presentation Layer will be the 1 that will convey informations an entree to utilize the system and in conclusion. the Application Layer. will so look into the whole operation one time started.
Aside from the security degrees of the OSI system. there are besides statistic package that are available in the market both from commercial and unfastened beginning that would assist you supervise the security and public presentation of your network’s OSI bed.
Network security is one of the toughest undertakings to make and keep. Aside from the security beds. there are besides other available ways to procure our web. Listed are:
The Historical and Statistical Logging –AHistorical logis used to supervise users traveling in and out of the web or a system. TheStatistical lognevertheless states a statistic or count of how many users accessed the system in a given timeline
File Security and Firewalls –AFirewallis a appliance or package installed in a computing machine that inspects web traffic and responsible for denying or giving permissions for any connexion based on a given protocol by the web decision maker. AFile securityis a manner of maintaining your file so that it can non be accessed by other users which can be done through scene of watchwords.
The Secret and Public key –Confidential information can be transferred through text encoding. Secret key is a sort of cryptanalysis that encrypts a message while the Public Key will decode it. The lone job with this is that the user can non code or decode the message if thekeyor stolen.
Symmetric and asymmetric key –Encoding of information can be done in two ways. This is through theSymmetrical encodingwhich is a combination of text. symbols and figure that is applied in a message and the other is through theAsymmetric keys( besides calledpublic keys) that use a different encoding to decode a message other than the usual manner of decoding.
Digital Certificate and Digital Postmark –ADigital Certificateis a digital definition of someone’s certificates like when making a dealing over the web. It contains a person’s name. consecutive figure and its other specifics. ADigital Postmarknevertheless is a device used to formalize digital electronic signatures.
1. )hypertext transfer protocol: //www. webopedia. com/quick_ref/OSI_Layers. asp