Applying the OSI Seven Layer Network Model To Information Security

This paper focuses on reviewing a key area of data networking theory - The Open Systems Interconnect (OSI) Seven Layer Network Model. This paper demonstrates the application of the model's concepts into the context of information security. This paper presents the perspective that common information security problems map directly to the logical constructs presented in the OSI Seven Layer Network Model, and seeks to demonstrate the Seven Layer Model's usefulness in evaluating information security problems and solutions. The OSI Model is presented by way of both formal definition and practical terms that affect information security on a layer-by-layer basis. For each layer, examples of common information security threats and controls are evaluated by how they fit into the OSI Seven Layer Model's layers of classification. Once the seven layers have been covered as a basis for the discussion, it is presented that the Seven Layer Model's scheme for interaction between the layers gives insight to some of the problems faced by focused, 'single-layer' security solutions. A multi-layer 'defense-in-depth' approach is examined from the viewpoint of network model layers. This paper concludes with some proposed extensions to the model that complete the model's application to information security problems.