The OSI Security Architecture
As a penetration tester or ethical hacker, a basic conception of Open Systems Interconnection (OSI) security architecture is necessary because hacking is all regarding interconnected networks.
OSI Model layers are said to be the standard developed by the International Telecommunication Union (ITU) Telecommunication Standardization Sector (ITU-T). The United Nations sponsors the ITU agency, that develops security standards.
First, you wanna understand why OSI security architecture is important. It organizes the task of providing security. It was developed as an international standard. For that reason, companies related to PC manufacturers and communication vendors now maintain that standard. They've developed security features according to that standard, and now they maintain it strictly. The OSI security architecture has some guidelines and structured definitions of services and mechanisms.
The ITU-T recommendation X.800 is the OSI Layers security architecture. It defines an organized approach.
X.800 is an extension of recommendation X.200 that originally described the Open Systems Interconnection security architecture reference model. As far as the system interconnection is concerned, the act of operating along in an efficient and organized way is important. In other words, existing and future recommendations should communicate with each other. The Open Systems Interconnection security architectural mechanism establishes a framework for such coordination.
In the OSI reference model, there're seven layers. Every layer is generally called an N layer. Usually, the N + 1 entity asks for the transmission services to the N entity. It's a kind of linear algorithm on which the objective of the OSI reference model is based. It permits the interconnection of disparate computer systems so that communication between application processes is also achieved.
There is every possibility that when information is exchanged between applications, it can be hijacked. To protect against that, security controls need to be built. However, there's a fault. In the end, sometimes it turns out that the value of the information is less than the effort to build those controls to obtain data. However, one must follow the recommendation because it defines the general security-related architectural elements, and the communication between open system–dependent applications should remain secure. To allow secure communication, you need guidelines. The Open Systems Interconnection security reference model guides you to improve the present recommendations.
Let’s try to understand the Open Systems Interconnection security reference model in detail. As mentioned, it's composed of seven layers. Let’s imagine someone is in charge of each particular layer. Conceptually, Every host has a person in charge at each layer who will communicate with a peer on other hosts. It continuously maintains the same-layer principle that tells us one key thing in general. The person to blame at layers 1, 2, and 3 will communicate only with the similar person in charge at the connecting hosts. At the opposite finish of communication, the person in charge at layers 4, 5, 6, and 7 waits to receive communication from the person in charge at layers 4, 5, 6, and 7 of the connected hosts. This provides the abstract illustration of networks suitable for secure communication.
Let’s suppose there are 3 hosts in the neighborhood called A, B, and C. A, the starting point, wanna communicate with C; however, B is in between. In such cases, A will first determine who is the nearest host. Here B is the nearest. Using the appropriate routing protocol, A forwards the messages to B. Next, B determines the United Nations agency is that the nearest host If there was another host named D that was between B and C, then B would pass the messages to D, and the process would continue until C, the endpoint, gets the messages.
Let’s see a mathematical illustration of the same abstract. Let there be n number of hosts. The constant C starts from 0 and extends to n. Two devices, I and i+1, are directly connected. In such case, 0 ≤ i < n. When a communication protocol is established, you can suppose that the 2 endpoints will be 0 and n. You can call this an end-to-end protocol. The 2 connected applications, that is, I and i+1, have a communication protocol between them, which is called a link protocol.