Comparative Analysis of OSI and TCP/IP Models with Security Measures

Verified

Added on 2021/04/21

AI Summary

This report provides a detailed comparison of the OSI and TCP/IP models, focusing on their respective architectures and security implementations. The analysis covers each layer of both models, including the application, presentation, session, transport, network, data link, and physical layers in the OSI model, and the corresponding layers in the TCP/IP model. The report highlights the security models applicable to each layer, such as authentication, access control, data integrity, confidentiality, and assurance/availability. It also explores the functions and protocols associated with each layer, like FTP, Telnet, TCP, UDP, IP, ARP, and ICMP. Furthermore, the report addresses the question of why the OSI model is preferred over the TCP/IP protocol suite, emphasizing its guidance for vendors and developers, and the importance of its presentation and session layers for data transmission and security. The document also references key security vulnerabilities and countermeasures in wireless sensor networks at various layers of the OSI reference model, offering a comprehensive overview of network security concepts.

OSI/TCP MODEL

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Contents
OSI and TCP/IP models with Security............................................................................................2
"Why OSI model over TCP/IP protocol suite?"..............................................................................6
References........................................................................................................................................8

OSI and TCP/IP models with Security
OSI (Open System Interconnection) TCP/IP models
Application:
This includes the proper identification and the
establishment of the availability of different
communication partners with a check on their
resources (Sinha, Jha, Rai & Bhushan., 2017).
The security model applied is authentication
for handling sandboxing, scanning of
malware and the reviewing of test application
codes.
Process/Application Layer:
FTP: The easy process for handling the
Transmission Control Protocol with file
transferring service on port 20-21
Telnet: The emulation program is at the
terminal with port 23
TFTP: The transfer of file at UDP with port
69
SMTP: The sending of email service for the
port 25
DHCP: The assigning of IP address for the
hosts at port 67 & 68
DNS: For resolving the FQDNs for the IP
address at port 53
There are separate controls for each
application. If an application needs to protect
any type of sensitive data which is across the
network, then there is a need to modify it to
provide protection (Colin, Mathieu, &
Nakechbandi, 2016). It requires a larger
source of investment to add and configure

controls. The application layer security
controls are for creating vulnerabilities with
protecting application data. The example for
this is Secured Multipurpose Internet Mail
extensions for encrypting the email messages
(Edwards & Bramante, 2015)
Presentation:
This includes the data translation, with
encryption, and the formatting of the code.
The security model applied is access control
for handling the separation of the input users
and the program control.
Host-to-Host Layer/Transport
TCP: This is for handling the connection
orientation with providing a better and a
reliable connection. The acknowledgements
are done, with easy flow of control and
windowing.
UDP: They are used with the connectionless
protocol, where there are low overheads that
are unreliable.
The control is through single session
communication. The security is through by
handling HTTP traffic, with Transport layer
for handling the system (Jain & Shrivastava,
2017). This involves the extensive
customisation of the application where
modifications of some applications with well-
tested protocols is possible.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Session:
The setting up and working on the managing
and handling the down sessions. This helps in
keeping the application data separate as well.
Security Model: Non-Repudiation with focus
on password encryption, proper protocol
authentication and limitations on brute force
model attempts.
Internet Layer//Data Link
IP: They are for handling the connectionless
protocols, with a better networking address
and the routing standards.
ARP: They can handle the MAC address
which comes from any of the IPs
RARP: They are able to find the IPs from
MAC addresses.
ICMP: For a better diagnostic and for
pinging or the traceroute.
They are for specific physical links through
dedicated circuit in between the buildings and
then setting a connection with the dial-up
modem (Santos & Marcillo, 2018). The
control is dedicated for the data link
encryptions with connections like dial-up
modem through software. The security is set
through establishing VPN over the internet.
The below are the protocol data units
(PDUs)
a. Transport Layer (they are in form
of segments)
This is based on providing an end-to-end
Network Layer
It relates to providing the networking and the
physical layer help in form of bits for the OSI
references.
The security model is controlling the layer

support for the transport services by
establishing a logical connection which is set
in between the hosts. The connection-oriented
and the connectionless transfer data is
possible through this. Security Model: Data
Integrity handles the firewall transmission,
with password encryption and the
authentication protocol (Banjar, Pupatwibul &
Braun, 2015).
b. Network Layer (In packet form)
This is able to manage the logical addressing
and proper determination of path as well.
Security Model: Confidentiality with SSL
using cryptographic algorithm.
c. The data link (frame form)
It provides the proper transmission of the
physical layer of data, along with handling the
notifications of errors, flowing control and
another network topology (Steenkiste, 2018).
The splitting is mainly into two different
sublayers which are LLC and MAC. Security
Model: Assurance/Availability guards against
the MAC address spoofing, ARP Cache
which is applicable to the different
applications. IP (Internet Protocol) provides
the solution for adding controls to individual
applications. The other advantage of the
network layer control is the IP address to
protect the data in the packets and information
for each packet. The SSL tunnel could be
used for security of TCP and UDP.

Poisoning.
d. The physical layer (Bits)
The specified electrical, and the mechanical
with procedural requirements are matched for
activating and maintaining the link. With this,
the deactivation of the physical link could be
checked using this. Security Model:
Notarization/Signature which is important for
audio surveillance and handling the access
control.
"Why OSI model over TCP/IP protocol suite?
The OSI model is important for the communication over a network. They are able to provide
guidance to the vendors and developers for the digital communication and for facilitating
comparisons with communication tools. The OSI is important for communication between the
devices, and inform device about sending the data and to handle the transmission of it. The
manner in which OSI is able to handle the physical transmission of media is properly arranged
and connected. OSI has a different presentation and session layer for handling the transmission
of data, which defines services and protocols with protocol dependency. The functions present
are the data translation, encryption and decryption, compression and easy set of conversions of
character. The interpretation of graphics command is also possible through OSI layers. It is
important for the data to go through verifications so that there are no viruses in the system

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

(Davey & Houghton, 2016). Hence, the session layer is able to establish, terminate and monitor
the communication sessions between applications through proper placement of header
information in the packet. They are mainly to determine the points with data synchronization and
controls where the messages are being exchanged in sessions.
References
Banjar, A., Pupatwibul, P., & Braun, R. (2015). Comparison of TCP/IP routing versus
OpenFlow table and implementation of intelligent computational model to provide
autonomous behavior. In Computational Intelligence and Efficiency in Engineering
Systems (pp. 121-142). Springer, Cham.
Colin, J. Y., Mathieu, H., & Nakechbandi, M. (2016, May). A proposal for an open logistics
interconnection reference model for a Physical Internet. In Logistics Operations
Management (GOL), 2016 3rd International Conference on(pp. 1-6). IEEE.
Davey, B., & Houghton, R. F. (2016, May). Why not OSI?. In IFIP International Conference on
the History of Computing (pp. 115-121). Springer, Cham.
Edwards, J., & Bramante, R. (2015). Networking self-teaching guide: OSI, TCP/IP, LANs,
MANs, WANs, implementation, management, and maintenance. John Wiley & Sons.
Jain, D., & Shrivastava, S. (2017). FPGA Implementation of UDP/IP Stack Using TSE IP Core
and Transfer Data at 1 Gbps. In Proceeding of International Conference on Intelligent
Communication, Control and Devices (pp. 1103-1111). Springer, Singapore.

Santos, M. G. M., & Marcillo, P. A. A. (2018). Security in the data link layer of the OSI model
on LANs wired Cisco. Journal of Science and Research: Revista Ciencia e Investigación,
3 (CITT2017), 106-112.
Sinha, P., Jha, V. K., Rai, A. K., & Bhushan, B. (2017, July). Security vulnerabilities, attacks
and countermeasures in wireless sensor networks at various layers of OSI reference
model: A survey. In Signal Processing and Communication (ICSPC), 2017 International
Conference on (pp. 288-293). IEEE.
Steenkiste, P. (2018). Wireless Networks and Applications. Wireless Networks, 18(452/18), 750.