
OSI Reference Model and Security
COMP 423
The Physical Layer
• Establish and terminate the physical and
logical connections to the media
• Manage the flow and communication on the
media
• Embed the message onto the signal carried
across the physical media
Network Media Type: Coaxial Cable
Description: One of the first LAN media.
Comments: Channel medium – it can only carry one message in one direction.

Network Media Type: Fiber-Optic Cable
Description: Essentially a tube with an ultra-pure glass or plastic core that carries light waves. The single-mode cable provides a data transmission rate of approximately 10 gigabits per second over distances of up to approximately 35 miles.
Comments: To send multiple simultaneous signals, networks use a multimode variant. Multimode transmission speeds are up to 100 Mbps for up to 2 miles, up to 1 Gbps for approximately 500 yards, and up to 10 Gbps for up to approximately 1/5 mile (300 yards).

Network Media Type: Twisted Pair Wire
Description: One of the most dominant cabling types in use today. UTP has no supplemental shielding, and because the twisting only provides minimal protection, the cable has a maximum effective limit of approximately 100 yards.
Comments: When installing networks in buildings under construction, it is most beneficial to install networks using physical cable like UTP. UTP is easy to work with, reliable, less subject to interception or eavesdropping, and relatively inexpensive.

Network Media Type: Wireless LAN
Description: The most common alternative when installing physical cable in existing buildings becomes too difficult and expensive. The standard for wireless networks falls under IEEE 802.11 – Wireless Local Area Networks (WLAN). WLANs use one of three architectures – peer-to-peer (P2P), basic service set, or extended service set.
Comments: Wireless LANs (also called WLANs, or the brand name Wi-Fi) are thought by many in the IT industry to be inherently insecure. The radio transmissions used for the wireless network interface between computing devices and access points (APs) can be intercepted by any receiver within range. To prevent this, the networks must use some form of cryptographic security control.

Network Media Type: Bluetooth
Description: A wireless technology not covered under the 802.11 standard. It is a de facto industry standard for short-range wireless communications between devices.
Comments: To secure Bluetooth-enabled devices you must: 1) turn off Bluetooth when you do not intend to use it and 2) refuse incoming communications pairing requests unless you know who the requestor is.

Network Media Type: Infrared
Description: A wireless technique for data connections between personal devices, like personal digital assistants (PDAs) and laptops.
Comments: The Infrared Data Association (IrDA) defined several standards for short-range infrared connections (typically less than 1 meter). Older IR LANs mounted central APs in the ceiling, but these were quickly replaced with 802.11 alternatives.
Data Link Layer
• Primary networking support layer
• Provides addressing, packetizing, media access control,
error control, and some flow control for the local
network.
• In LANs, it handles client-to-client and client-to-server
communications
• Divided in two sublayers
– Logical Link Control
• Primarily designed to support multiplexing and demultiplexing
protocols
– Media Access Control
• Designed to manage access to the communications media (which
clients are allowed to transmit and when)
DLL Protocols
– Ethernet (IEEE standard 802.3)
• Wired networks
– Wi-Fi (IEEE 802.11)
• Wireless networks
Network Layer
• Primary layer for communications between
networks. Has three key functions:
– Packetizing
– Addressing
– Routing
• Packetizing
– Takes the segments sent from the transport layer
and organizes them into one or more packets for
transmission across a network
• Addressing
– Uniquely identify a destination across multiple
networks.
• Routing
– The process of moving a Network layer packet
across multiple networks.
Transport Layer
• The primary function of the Transport Layer is
to provide reliable end-to-end transfer of data
between user applications.
• Error control
• Flow control
Session Layer
• Responsible for establishing, maintaining, and
terminating communications sessions
between two systems.
• Regulates whether communications are
performed in:
– Simplex mode
– Half-duplex mode
– Full-duplex mode
Presentation Layer
• Responsible for data translation and
encryption functions.
Application Layer
• The user is provided with a number of
services, perhaps most aptly called application
protocols.
– E-mail (SMTP & POP)
– World Wide Web (HTTP and HTTPS)
– File transfer (FTP and SFTP)
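TCP/IP Layers compared to OSI Layers

OSI Layers: Application, Presentation, Session
Included Protocols: SNMP, TFTP, NFS, DNS, BOOTP, FTP, Telnet, Finger, SMTP, POP
TCP/IP Layer: Application

OSI Layer: Transport
Included Protocols: UDP, TCP
TCP/IP Layer: Host-to-Host Transport

OSI Layer: Network
Included Protocols: IP
TCP/IP Layer: Internet

OSI Layers: Data Link, Physical
Included Protocols: Network Interface Cards (Data Link), Transmission Media (Physical)
TCP/IP Layer: Network Interface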