-


A primary function of computer security risk management is the identification of appropriate controls. In designing (or reviewing) the security of a system, it may
be obvious that some controls should be added (e.g., because they are required by law or because they are clearly costeffective). It may also be just as obvious that other controls may be too expensive (considering both monetary and nonmonetary factors). For example, it may be immediately apparent to a manager that closing and locking the door to a particular room that contains local area network equipment is a needed control, while posting a guard at the door would be too expensive and not user-friendly. In every assessment of risk, there will be many areas for which it will not be obvious what kind of controls are appropriate. Even considering only monetary issues, such as whether a control would cost more than the loss it is supposed to prevent, the selection of controls is not simple. However, in selecting appropriate controls, managers need to consider many factors, including: organizational policy, legislation, and regulation; safety, reliability, and quality requirements; system performance requirements; timeliness, accuracy, and completeness requirements; the life cycle costs of security measures; technical requirements; and cultural constraints. One method of selecting safeguards uses a "what if" analysis. With this method, the effect of adding various safeguards (and, therefore, reducing vulnerabilities) is tested to see what difference each makes with regard to cost, effectiveness, and other relevant factors, such as those listed above. Trade-offs among the factors can be seen. The analysis of trade-offs also supports the acceptance of residual risk, discussed below. This method typically involves multiple iterations of the risk analysis to see how the proposed changes affect the risk analysis result.Another method is to categorize types of safeguards and recommend implementing them for various levels of risk. For example, stronger controls would be implemented on high-risk systems than on low-risk systems. This method normally does not require multiple iterations of the risk analysis.
As with other aspects of risk management, screening can be used to concentrate on the highestrisk areas. For example once could focus on risks with very severe consequences, such as a very high dollar loss or loss of life or on the threats that are most likely to occur.

The following briefly describes the seven layers of the OSI model:
------------------------------------------------------------------


1. Physical layer :
============
The physical layer provides the interface with physical media. The interface itself is a mechanical connection from the device to the physical medium used to transmit the digital bit stream. The mechanical specifications do not specify the electrical characteristics of the interface, which will depend on the medium being used and the type of interface. This layer is responsible for converting the digital data into a bit stream for transmission over the network. The physical layer includes the method of connection used between the network cable and the network adapter, as well as the basic communication stream of data bits over the network cable. The physical layer is responsible for the conversion of the digital data into a bit stream for transmission when using a device such as a modem, and even light, as in fibre optics. For example, when using a modem, digital signals are converted into analogue audible tones which are then transmitted at varying frequencies over the telephone line. The OSI model does not specify the medium, only the operative functionality for a standardised communication protocol. The transmission media layer specifies the physical medium used in constructing the network, including size, thickness and other characteristics.


2. Data link layer :
=============
The data link layer represents the basic communication link that exists between computers and is responsible for sending frames or packets of data without errors. The software in this layer manages transmissions, error acknowledgement and recovery. The transceivers are mapped data units to data units to provide physical error detection and notification and link activation/deactivation of a logical communication connection. Error control refers to mechanisms to detect and correct errors that occur in the transmission of data frames. Therefore, this layer includes error correction, so when a packet of data is received incorrectly, the data link layer makes system send the data again. The data link layer is also defined in the IEEE 802.2 logical link control specifications. Data link control protocols are designed to satisfy a wide variety of data link requirements :

– High-level Data Link Control (HDLC) developed by the International Organisation for Standardisation (ISO 3309, ISO 4335);
– Advanced Data Communication Control Procedures (ADCCP) developed by the American National Standards Institute (ANSI X3.66);
– Link Access Procedure, Balanced (LAP-B) adopted by the CCITT as part of its X.25 packet-switched network standard;
– Synchronous Data Link Control (SDLC) is not a standard, but is in widespread use. There is practically no difference between HDLC and ADCCP. Both LAP-B and SDLC are subsets of HDLC, but they include several additional features.


3. Network layer :
=============
The network layer is responsible for data transmission across networks. This layer handles the routing of data between computers. Routing requires some complex and crucial techniques for a packet-switched network design. To accomplish the routing of packets sending from a source and delivering to a destination, a path or route through the network must be selected. This layer translates logical network addressing into physical addresses and manages issues such as frame fragmentation and traffic control. The network layer examines the destination address and determines the link to be used to reach that destination. It is the borderline between hardware and software. At this layer, protocol mechanisms activate data routing by providing network address resolution, flow control in terms of segmentation and blocking and collision control (Ethernet). The network layer also provides service selection, connection resets and expedited data transfers. The Internet Protocol (IP) runs at this layer.
The IP was originally designed simply to interconnect as many sites as possible without undue burdens on the type of hardware and software at different sites. To address the shortcomings of the IP and to provide more a reliable service, the Transmission Control Protocol (TCP) is stacked on top of the IP to provide end-to-end service. This combination is known as TCP/IP and is used by most Internet sites today to provide a reliable service.


4. Transport layer :
==============
The transport layer is responsible for ensuring that messages are delivered error-free and in the correct sequence. This layer splits messages into smaller segments if necessary and provides network traffic control of messages. Traffic control is a technique for ensuring that a source does not overwhelm a destination with data. When data is received, a certain amount of processing must take place before the buffer is clear and ready to receive more data. In the absence of flow control, the receiver’s buffer may overflow while it is processing old data. The transport layer,
therefore, controls data transfer and transmission. This software is called Transmission
Control Protocol (TCP), common on most Ethernet networks, or System Packet Exchange (SPE), a corresponding Novell specification for data exchange. Today most Internet sites use the TCP/IP protocol along with ICMP to provide a reliable service.


5. Session layer :
============
The session layer controls the network connections between the computers in the network. The session layer recognises nodes on the LAN and sets up tables of source and destination addresses. It establishes a handshake for each session between different nodes. Technically, this layer is responsible for session connection (i.e. for creating, terminating and maintaining network sessions), exception reporting, coordination of send/receive modes and data exchange.
6. Presentation layer. The presentation layer is responsible for the data format, which includes the task of hashing the data to reduce the number of bits (hash code) that will be transferred. This layer transfers information from the application software to the network session layer to the operating system. The interface at this layer performs data transformations, data compression, data encryption, data formatting, syntax selection (i.e. ASCII, EBCDIC or other numeric or graphic formats), and device selection and control. It actually translates data from the application layer into the format used when transmitting across the network. On the receiving end, this layer translates the data back into a format that the application layer can understand.


7. Application layer :
==============
The application layer is the highest layer defined in the OSI model and is responsible for providing user-layer applications and network management functions. This layer supports identification of communicating partners, establishes authority to communicate, transfers information and applies privacy mechanisms and cost allocations. It is usually a complex layer with a client/server, a distributed database, data replication and synchronisation. The application layer supports file services, print services, remote login and e-mail. The application layer is the network system software that supports user-layer applications, such as word or data processing, CAD/CAM, document storage and retrieval and image scanning.


This is all about the information and description of all the Layers of OSI-Model. How they are working and all that.
----------------------------------------------------------------------------------------

A protocol is a set of rules governing the way data will be transmitted and received over data communication networks. Protocols are then the rules that determine everything about the way a network operates. Protocols must provide reliable, error-free communication of user data as well as a network management function. Therefore, protocols govern how applications access the network, the way that data from an application is divided into packets for transmission through cable, and which electrical signals represent data on a network cable.

The OSI model, defined by a seven-layer architecture, is partitioned into a vertical set of layers, as illustrated in Figure 1.2. The OSI model is based on open systems and peer-to-peer communications. Each layer performs a related subset of the functions required to communicate with another system. Each system contains seven layers. If a user or application entity A wishes to send a message to another user or application entity B, it invokes the application layer (layer7). Layer 7 (corresponding to application A) establishes a peer relationship with layer 7 of the target machine (application B), using a layer 7 protocol. In an effort to standardise a way of looking at network protocols, the TCP/IP four-layer model is created with reference to the seven-layer OSI model, as shown in Figure 1.3. The protocol suite is designed in distinct layers to make it easier to substitute one protocol for another. The protocol suite governs how data is exchanged above and below each protocol layer. When protocols are desiged, specifications se out how a protocol exchanges data with a protocol layered above it.

Both the OSI model and the TCP/IP layered model are based on many similarities, but there are philosophical and practical differences between the two models. However, they both deal with communications among heterogeneous computers.

Since TCP was developed before the OSI model, the layers in the TCP/IP protocol model do not exactly match those in the OSI model. The important fact is the hierarchical ordering of protocols. The TCP/IP model is made up of four layers : application layer, transport layer, Internet layer and network access layer. These will be discussed in the next post.

The Ethernet, originally called the Alto Aloha network, was designed by the Xerox Palo Alto Reasearch Center in 1973 to provide communication for reasearch and development CP/M computers. When in 1976 Xerox started to develop the Ethernet as a 20Mbps product, the network prototype was called the Xerox Wire. In 1980, when the Digital, Intel and Xerox standard was published to make it a LAN standard at Mbps, Xerox Wire changed its name back to Ethernet. Ehternet become a commercial product in 1980 at 10 Mbps. The IEEE called its Ethernet 802.3 standard CSMA/CD (or carrier sense multiple access with collision detection). As the 802.3 standard evolved, it has acquired such name as Thicknet (IEEE 10Base-5), Thinnet or Cheapernet (10Base-2), Twisted Ethernet (10Base-T) and Fast Ethernet (100Base-T).

The design of Ehternet preceded the developement of the seven- layer OSI model. The Open System Interconnect (OSI) model was developed and published in 1982 by the Inernational Organisation for Standardisation (OSI) as generic model for data communication. The OSI model is useful because it is a broadly based document, widely available and often referenced. Since modularity of communication functions is a key design criterion in the OSI model, vendors who adhere to the standards and guidelines of this model can supply Ethernet-compatible devices, alternative Ethernet channels, higher-performance Ethernet networks and bridging protocols that easily and reliably connect other types of data network to Ethernet.

Since the OSI model was developed after Ethernet and Signaling System #7 (ss7), there are obviously some discrepancies between these three protocols. Yet the functions and processes outlined in the OSI model were already in practice when Ehternet or SS7 was developed. In fact, SS7 networks use point-to-point configurations between signalling points. Due to the point-to-point configurations and the nature of the transmissions, the simple data link layer does not require much complexity.

The OSI reference model specifies the seven layers of functionality. It defines the seven layers from the physical layer (which includes the network adapters), up to the application layer, where application programs can access network services. However, the OSI model does not define the protocols that implement the functions at each layer. The OSI model is still important for compatibility, protocol independence and the future growth of network technology. Implementations of the OSI model stipulate communication between layers on two processors and an interface for interlayer communication on one processor. Physical communication occures only at layer 1. All other layers communicate downward (or upward) to lower (or higher) levels in steps through protocol stacks.

1.4.1 Network Access Layer :
=====================
The network access layer contains protocols that provide access to a communication network. At this layer, systems are interfaced to a variety of networks. One function of this layer is to route data between hosts attached to the same network. The services to be provided are flow control and error control between hosts. The network access layer is invoked either by the Internet layer or the application layer. This layer provides the device drivers that support interactions with communications hardware such as the token ring or Ethernet. The IEEE token ring, referred to as the Newhall ring, is probably the oldest ring control technique and has become the most popular ring access technique in the USA. The Fiber Distributed Data Interface (FDDI) is a standard for a high-speed ring LAN. Like the IEEE 802 standard, FDDI employs the token ring algorithm.

2 Internet Layer :
=============
The Internet layer provides a routing function. Therefore, this layer consists of the procedures required within hosts and gateways to allow data to traverse multiple networks. A gateway onnecting two networks relays data between networks using an internetwork protocol. This layer consists of the Internet Protocol (IP) and the Internet Control Message Protocol (ICMP).

3 Transport Layer :
==============
The transport layer delivers data between two processes on different host computers. A protocol entity at this level provides a logical connection between higher-level entities. Possible services include error and flow controls and the ability to deal with control signals not associated with a logical data connection. This layer contains the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP).
4 Application Layer :
===============
This layer contains protocols for resource sharing and remote access. The application layer actually represents the higher-level protocols that are used to provide a direct interface with users or applications. Some of the important application protocols are File Transfer Protocol (FTP) for file transfers, HyperText Transfer Protocol (HTTP) for the World Wide Web, and Simple Network Management Protocol (SNMP) for controlling network devices. The Domain Naming Service (DNS) is also useful because it is responsible for converting numeric IP addresses into names that can be more easily remembered by users. Many other protocols dealing with the finer details of applications are included in this application layer. These include Simple Mail Transport Protocol (SMTP), Post Office Protocol (POP), Internet Mail Access Protocol (IMAP), Internet Control Message Protocol (ICMP) for email, Privacy Enhanced Mail (PEM), Pretty Good Privacy (PGP) and Secure Multimedia Internet Mail Extensions (S/MIME) for e-mail security.

Here its all about the working of each layer of TCP/IP model.
How it passes the information to each other.