Home > Articles > Operating Systems, Server > Microsoft Servers

  • Print
  • + Share This

The OSI Model

Let's now move on to the next topic—the OSI model and its relationship to Windows NT networking.

The OSI model is a widely used model of viewing and implementing network functionality. This model specifies seven distinct, but interrelated layers of networking, starting with the physical layer and going up to progressively higher layers. Different network functionality occurs at different levels (see Figure 3.6). The layers are as follows:

Figure 3.6
The seven layers of the OSI and their interrelationships.

  • Physical layer. The layer at which electrical signals are transmitted over network wires; repeaters work at this layer.

  • Data link layer. At this layer, data streams identified on the basis of their MAC address are transmitted to computers.

  • Network layer. This layer supports logical addressability (independent of MAC and Logical Link Control [LLC] addresses) of packets that contain data, such as, source and destination address; routers work at this layer.

  • Transport layer. Provides reliable end-to-end delivery between hosts, error detection and recovery, and flow control.

  • Session layer. Whereas the network and transport layers provide connections between hosts, the session layer provides connections between applications on those hosts. The session layer provides a control structure for interprocess communication.

  • Presentation layer. This layer is responsible for data transformation, such as character set translation, encryption/decryption, and compression.

  • Application layer. The application layer, the "highest" in the OSI model, provides an interface to applications that run over the network. Note that the application layer does not consist of applications per se, only the interface to them.

How to Apply the Model

The OSI Model is, to a large degree, nothing more than an abstraction. Current implementations do not always decompose into neatly defined layers. Nevertheless, the OSI Model provides us with a very useful abstraction mechanism to discuss network funtionality. As two computers communicate across a network, the dialog begins with a top-down set of data transformations within the machine that initiates the communication. The application layer within this computer passes data to the next layer down, the presentation layer, which reformats the data and passes it to the session layer. The session layer again transforms the data for the next layer down, the transport layer, then the network layer, then the data link layer, and finally the physical layer. At this point electrical signals are transmitted along the network medium. The receiving machine receives these signals, which become progressively transformed as the data passes from one layer to the next higher one, starting with the physical layer. In this manner, every layer of one host thus effectively establishes a type of peer-to-peer communication with the same layer on the other host.

Although seven layers exist within this model, the model can be summarized in terms of four basic layers of functionality:

  • Below the network layer, each layer focuses on providing an error-free signal from one host to another.

  • At the network layer, traffic sent in the form of packets is routed to its intended destination within a network.

  • At the transport layer, end-to-end communication between the sending and receiving host occurs.

  • Above the transport layer, transmissions depend on the nature of each application involved in these transmissions.

Importance of Understanding the OSI Model

Not every networking expert embraces the OSI model. Critics argue that it adds undue complexity, and that looking only at application, transport, network, and lower layers is all that is necessary to depict that data transformations which occur within the source and destination hosts. In some networking contexts, this view is appropriate. Understanding the OSI model is, nevertheless, extremely helpful in understanding how to secure Windows NT and its many network protocols and services.

Although each layer presents its own set of special challenges from a security perspective, protocols and services at certain layers potentially pose more security-related risk than do others. Attacks, such as IP spoofing, a type of attack in which the attacking host masquerades as another one, capitalize on weaknesses in implementations of programs that utilize the IP protocol, a Layer 3 protocol. The User Datagram Protocol (UDP), an efficient, sessionless, and connectionless protocol, poses a different set of security risks. UDP transmissions are sent from one host to another; if the destination host does not receive the transmission, no effort to notify the sending host that the transmission has failed occurs. UDP transmissions are therefore fundamentally less secure than TCP, which attempts to form a virtual connection between a sending and receiving host.

  • + Share This
  • 🔖 Save To Your Account

Related Resources

There are currently no related titles. Please check back later.