Uploaded by khushiashok3105
UNIT 3

OSI model, encapsulation and Governance


OSI model
• OSI stands for Open Systems Interconnection Model.
• It defines how data is transmitted from one system to another in a computer network.
• The OSI model is an abstract description of how computer and networking systems function.
• It describes how systems work together and the role each part plays in system operations.
• OSI is a reference model used to show how applications communicate over a network.
Example
Two systems are joined to each other using Local Area Network (LAN) cables and share data with the help of a Network Interface Card (NIC) that allows communication over a network. But if one system is based on Microsoft Windows and the other on macOS, how would these computers communicate with each other? To make communication between systems of distinct architectures possible, the International Organization for Standardization (ISO) presented the 7-layered OSI model in 1984.
1. Physical layer
• The physical layer is the lowest layer and the physical infrastructure of a network system.
• The physical layer might include devices that receive digitized information in a network, such as repeaters, hubs and modems. Overall, this layer is responsible for the physical connection between each device.
• The physical layer also includes the hardware equipment, such as:
• Wiring
• Modems
• Connectors
2. Data link layer
• Layer 2 helps define the network's data format.
• It usually involves the nodes that enable the data transfer, including encoding, decoding and organizing the data.
• In formatting the data, the data link layer tries to fix any mistakes that might have occurred at the physical level.
Additionally, the data link layer involves:
• Framing: uses frames to send and receive data. The data link layer packs the data into frames that each contain a header and a trailer, which "frame" the information.
• Media access control (MAC): governs how nodes share a standard cable network; its purpose is to make data transfers between two computers easier and to minimize data collisions.
• Error detecting: this function scans the received data to determine whether an error occurred.
• Error correcting: when error detection finds corrupted data bits, the correction function locates the error and fixes it.
3. Network layer
• The network layer decides how the data and information may travel and where it may go.
• The network layer essentially decides the path for the information from the source device to the destination device.
• For example, the network layer might identify an Internet Protocol (IP) address to prepare data transport from one place to another.
4. Transport layer
• The transport layer actually delivers the data to its destination. A transport layer might use the User Datagram Protocol (UDP) or the Transmission Control Protocol (TCP). UDP allows communication with hosts over an Internet Protocol (IP) network without first setting up a communication channel or data path.
• TCP allows application programs and computing devices to exchange data over a network. You can use UDP to transfer some data, like audio and video, between networks because it is low latency and quick, and TCP for sending files between networks.
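The framing, header/trailer and error-detection ideas from the data link layer, the logical addresses added by the network layer and the port numbers of the transport layer can be walked through end to end. The following is an added illustration, not code from the original slides: application data is wrapped by layers 4, 3 and 2 on the way down and unwrapped on the way up, and a single flipped bit (simulated physical-layer noise) is caught by the layer-2 CRC trailer. All addresses and port numbers are constructed sample values.

```python
import struct
import zlib
from typing import Optional

# Constructed sample addresses for the walk-through (not values from the slides).
SRC_IP, DST_IP = "10.0.0.1", "10.0.0.2"            # layer 3: logical addresses
SRC_PORT, DST_PORT = 40000, 80                     # layer 4: port numbers
SRC_MAC = bytes.fromhex("02aabbccdd01")            # layer 2: physical addresses
DST_MAC = bytes.fromhex("02aabbccdd02")
TRANSPORT_HDR = struct.Struct("!HHH")              # src port, dst port, segment length


def ip_to_bytes(addr: str) -> bytes:
    return bytes(int(octet) for octet in addr.split("."))


def bytes_to_ip(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def transport_encapsulate(data: bytes, src_port: int, dst_port: int) -> bytes:
    """Layer 4: prepend a header naming the sending and receiving ports."""
    length = TRANSPORT_HDR.size + len(data)
    return TRANSPORT_HDR.pack(src_port, dst_port, length) + data


def network_encapsulate(segment: bytes, src_ip: str, dst_ip: str) -> bytes:
    """Layer 3: prepend the logical addresses of sender and receiver."""
    return ip_to_bytes(src_ip) + ip_to_bytes(dst_ip) + segment


def datalink_frame(packet: bytes, src_mac: bytes, dst_mac: bytes) -> bytes:
    """Layer 2: a header (physical addresses) and a trailer (CRC-32) 'frame' the packet."""
    header = dst_mac + src_mac
    trailer = struct.pack("!I", zlib.crc32(header + packet))
    return header + packet + trailer


def encapsulate(app_data: bytes) -> bytes:
    """Application data passes down through layers 4, 3 and 2; each adds its header."""
    segment = transport_encapsulate(app_data, SRC_PORT, DST_PORT)
    packet = network_encapsulate(segment, SRC_IP, DST_IP)
    return datalink_frame(packet, SRC_MAC, DST_MAC)


def decapsulate(frame: bytes) -> Optional[dict]:
    """Receiver side: verify the frame, then strip one header per layer."""
    body, trailer = frame[:-4], frame[-4:]
    # Layer 2 error detection: recompute the CRC over header + packet and compare.
    if struct.pack("!I", zlib.crc32(body)) != trailer:
        return None                       # corrupted frame is dropped; nothing goes up
    dst_mac, src_mac, packet = body[:6], body[6:12], body[12:]
    src_ip, dst_ip, segment = bytes_to_ip(packet[:4]), bytes_to_ip(packet[4:8]), packet[8:]
    src_port, dst_port, length = TRANSPORT_HDR.unpack(segment[:TRANSPORT_HDR.size])
    return {
        "src_mac": src_mac.hex(), "dst_mac": dst_mac.hex(),
        "src_ip": src_ip, "dst_ip": dst_ip,
        "src_port": src_port, "dst_port": dst_port,
        "data": segment[TRANSPORT_HDR.size:length],
    }


def flip_bit(frame: bytes, bit_index: int) -> bytes:
    """Simulate physical-layer noise: invert one bit somewhere in the frame."""
    out = bytearray(frame)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)


if __name__ == "__main__":
    frame = encapsulate(b"GET / HTTP/1.1")
    print(decapsulate(frame))                  # headers stripped, data == b'GET / HTTP/1.1'
    print(decapsulate(flip_bit(frame, 100)))   # None: CRC mismatch detected at layer 2
```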
5. Session layer
• The session layer establishes the connection between two end-user applications and then maintains, synchronizes and terminates it based on the duration of the session.
• Suppose you visit a website and stay on it for a while, or use an interactive tool.
• In that case, the session layer manages the ongoing connection and the maintenance of the transfer of information.
• The session layer maintains the connection's privacy and security and initiates network reconnections.
6. Presentation layer
• The presentation layer refers to the display of data and ensures the data appears to the user in an understandable rather than machine-readable format. The presentation layer also can involve:
• Encrypting data
• Decrypting data
• Data compression
7. Application layer
• Users interact with programs and communicate with each other at the application layer.
• People use the application layer to fill out website forms, use email services or engage in live chat sessions online.
Functions of the application layer
• Transferring and accessing files: allows users to send files through a network. File transfers can occur over the internet between different networks or within the same network. The application layer is also the layer that allows users to access files, such as from cloud-based storage or a database.
• Sending emails and engaging in other communication: for example, email is an application-layer service. The layer allows you to receive emails, download files and send information. Email systems also enable direct communication through chat or video features.
• Facilitating remote hosting: the application layer enables remote hosting via the internet. The layer allows a person to make their computer a terminal and conduct a presentation. Conversely, the layer is where other users log on to the remote host and join the session.
• Accessing networks and directories: the ability to access information from websites is an example of the application layer. Users access all network services and applications at this level. It allows you to find information and locate data through network directory services.
Application layer protocols
• HTTP/2: the world wide web uses this protocol, an updated version of the former one, HTTP. It lets a user's web browser send multiple requests and receive several responses while the person is browsing.
• MQTT: a machine-to-machine network protocol for message queue services. Messages go to this service and stay there until someone processes or deletes them.
• FTP: the standard communication process for transferring files from a host or FTP server to an FTP client.
• SMTP: how you send your emails to others. This protocol helps extract and send your message to your recipient's SMTP server.
• DNS: translates a domain name into an IP address. This helps load your internet pages.
Network Layer
• The Network Layer is the third layer of the OSI model.
• It handles service requests from the transport layer and forwards them to the data link layer.
• The network layer translates logical addresses into physical addresses.
• It determines the route from the source to the destination and also manages traffic problems such as switching, routing and congestion control of data packets.
• The main role of the network layer is to move packets from the sending host to the receiving host.
The main functions performed by the network layer are:
• Routing: when a packet reaches the router's input link, the router moves it to the appropriate output link.
• Logical Addressing: the data link layer implements physical addressing and the network layer implements logical addressing. Logical addressing is also used to distinguish between the source and destination systems. The network layer adds a header to the packet which includes the logical addresses of both the sender and the receiver.
• Internetworking: provides the logical connection between different types of networks.
• Fragmentation: the process of breaking packets into smaller data units that can travel through the different networks on the path.
Services Provided by the Network Layer
• Guaranteed delivery: this layer provides the service which guarantees that the packet will arrive at its destination.
• Guaranteed delivery with limited delay: this service guarantees that the packet will be delivered within a specified host-to-host delay bound.
• In-order packets: this service ensures that packets arrive at the destination in the order in which they were sent.
• Guaranteed max jitter: this service ensures that the amount of time between two successive transmissions at the sender equals the time between their receipt at the destination.
• Security services: the network layer provides security by using a session key between the source and destination host. The network layer in the source host encrypts the payloads of datagrams being sent to the destination host. The network layer in the destination host then decrypts the payload. In this way, the network layer provides data integrity and source authentication services.
Physical Layer in OSI Model
• The physical layer is the first and lowest layer of the Open Systems Interconnection (OSI) communications model. The physical layer's function is to transport data using electrical, mechanical or procedural interfaces.
Attributes of the physical layer:
• 1. Signals: the data is first converted to a signal for efficient data transmission. There are two kinds of signals:
• Analog signals: these signals are continuous waveforms in nature.
• Digital signals: these signals are discrete in nature.
• 2. Transmission media: data is carried from source to destination with the help of transmission media.
• Wired media: the connection is established with the help of cables, for example fiber optic cables, coaxial cables and twisted pair cables.
• Wireless media: the connection is established using a wireless communication network, for example Wi-Fi, Bluetooth, etc.
• 3. Data flow: describes the rate of data flow and the transmission time frame. The factors affecting the data flow are as follows:
• Encoding: encoding data for transmission on the channel.
• Error rate: receiving erroneous data due to noise in transmission.
• Bandwidth: the rate of transmission of data in the channel.
• 4. Transmission mode: describes the direction of the data flow. Data can be transmitted in three transmission modes:
• Simplex mode: one-way communication where a device can only send data. Examples are a mouse, keyboard, etc.
• Half-duplex mode: two-way communication, but not at the same time, i.e., at any moment data can be either transmitted or received. An example is a walkie-talkie.
• Full-duplex mode: two-way communication in which the device can send and receive data at the same time. An example is cellular communication.
• 5. Noise in transmission: transmitted data can get corrupted or damaged during data transmission for many reasons:
• Attenuation: a gradual deterioration of the network signal on the communication channel.
• Distortion: the data overlaps during transmission, which leads to the loss of the original data.
• Data delay: the transmitted data reaches the destination system outside the specified time frame.
The physical layer performs various functions and services:
• It transfers data bit by bit or symbol by symbol.
• It performs bit synchronization.
• Bit rate control defines how many bits per second can be transmitted.
• It defines the transmission mode in which data is transmitted.
• It is responsible for point-to-multipoint, point-to-point, or multipoint line configurations.
• It is responsible for flow control.
• It is responsible for the translation of data received from the data link layer for further transmission.
• It provides a standardized interface for physical transmission media.
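Two of the physical-layer items above, encoding data for the channel and bit synchronization, are connected: the encoding chosen decides whether the receiver can recover the sender's clock from the line signal. The following added example (not from the slides) compares a plain NRZ line signal with Manchester encoding on a constructed bit sequence containing a long run of zeros; the NRZ signal stays flat for the whole run, while Manchester guarantees a transition in every bit period, and the decoder reports a missing mid-bit transition as a synchronization or corruption error.

```python
from typing import List, Optional

# Each bit period is sampled twice (two half-bit slots), so the NRZ and
# Manchester line signals can be compared at the same time resolution.


def nrz_encode(bits: List[int]) -> List[int]:
    """NRZ: the line simply holds the bit value for the whole bit period."""
    levels: List[int] = []
    for b in bits:
        levels += [b, b]
    return levels


def manchester_encode(bits: List[int]) -> List[int]:
    """Manchester (IEEE 802.3 convention): 0 -> high then low, 1 -> low then high.
    Every bit period therefore contains a transition in its middle, which the
    receiver uses to recover the sender's clock (bit synchronization)."""
    levels: List[int] = []
    for b in bits:
        levels += [0, 1] if b else [1, 0]
    return levels


def manchester_decode(levels: List[int]) -> Optional[List[int]]:
    """Return the bits, or None if some bit period lacks the expected mid-bit
    transition (a corrupted symbol or lost synchronization at the receiver)."""
    if len(levels) % 2:
        return None
    bits: List[int] = []
    for i in range(0, len(levels), 2):
        pair = (levels[i], levels[i + 1])
        if pair == (0, 1):
            bits.append(1)
        elif pair == (1, 0):
            bits.append(0)
        else:
            return None
    return bits


def longest_constant_run(levels: List[int]) -> int:
    """Longest stretch of half-bit slots with no level change. A receiver that
    sees no transitions for a long time has nothing to lock its clock to."""
    longest = run = 1
    for prev, cur in zip(levels, levels[1:]):
        run = run + 1 if cur == prev else 1
        longest = max(longest, run)
    return longest


if __name__ == "__main__":
    sample = [1, 0, 1, 1, 0, 0, 0, 0, 0, 0]   # constructed: long run of zeros
    print("NRZ longest flat run:       ", longest_constant_run(nrz_encode(sample)))
    print("Manchester longest flat run:", longest_constant_run(manchester_encode(sample)))
    print("Decoded:", manchester_decode(manchester_encode(sample)))
    print("Corrupted symbol:", manchester_decode([1, 1, 0, 1]))
```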
Physical Topology:
• Physical topology refers to the specification or structure of the connections of the network between the devices where the transmission will happen. There are four types of topologies, which are as follows:
• Star topology
• Bus topology
• Ring topology
• Mesh topology
Importance of the physical layer:
• Without proper data conversion at the physical level, the network
cannot function.
• The physical layer is responsible for maintaining communication
between the hardware and the network mode.
• It handles the data flow rate of the data to be transmitted along with
the timeframe of the transmitted data.
Security governance
• Security governance is the combined set of tools, personnel, and
processes that provide for formalized risk management.
Key components
• defining roles and responsibilities,
• establishing policies and procedures,
• conducting risk assessments, and
• implementing controls.
Cybersecurity governance
• Cybersecurity governance is a comprehensive cybersecurity strategy
that integrates with organizational operations and prevents the
interruption of activities due to cyber threats or attacks.
Importance of Cybersecurity Governance
• Protecting Assets: protecting an organization's assets, including sensitive data, intellectual property, and financial resources, from a wide range of cyber threats.
• Maintaining Trust: effective cybersecurity governance builds trust among stakeholders, including customers, partners, and investors, by demonstrating a commitment to protecting their information and ensuring the reliability and availability of services.
• Compliance Requirements: many industries are subject to regulatory requirements and standards related to cybersecurity. Cybersecurity governance ensures that organizations comply with these regulations and standards, avoiding the potential legal and financial consequences of non-compliance.
• Risk Management: enables organizations to identify, assess, and manage cyber risks effectively. By implementing robust governance processes, organizations can prioritize their cybersecurity investments and allocate resources to mitigate the most significant risks.
• Business Continuity: cybersecurity incidents can disrupt business operations, leading to financial losses, reputational damage, and legal liabilities. Cybersecurity governance helps organizations develop and implement strategies to prevent, detect, and respond to security incidents, thereby ensuring business continuity and resilience.
• Protecting Reputation: a cybersecurity breach can have a significant impact on an organization's reputation and brand value. Cybersecurity governance helps organizations minimize the risk of breaches and respond effectively if they occur, thereby safeguarding their reputation and maintaining customer trust.
• Strategic Alignment: cybersecurity governance ensures alignment between cybersecurity initiatives and business objectives. By integrating cybersecurity into strategic decision-making processes, organizations can better support their overall goals and objectives while mitigating security risks.
• Vendor and Supply Chain Management: many organizations rely on third-party vendors and suppliers for various products and services. Cybersecurity governance includes processes for evaluating and managing the cybersecurity risks associated with third-party relationships, ensuring the security of the entire supply chain.
• Cyber Insurance: governance enhances an organization's ability to obtain cyber insurance coverage by demonstrating a commitment to managing cyber risks effectively. Insurance companies often require evidence of robust governance practices before providing coverage or offering favorable premiums.
• Cybersecurity Awareness: governance promotes a culture of security awareness and accountability within an organization. By providing training and education to employees at all levels, organizations can reduce the likelihood of human error leading to security incidents.
Security governance principles
• Confidentiality is a set of high-level rules that limits access to all types of data and information.
• Integrity is the assurance that the information is trustworthy and accurate.
• Availability is a form of risk management to guarantee reliable access to that information by authorized people.
Information Security Governance
• This governance describes the way a company manages its information security needs. Ideally, it protects the integrity, confidentiality, and availability of information. IT managers begin by identifying all possible risks. They then design proactive policies and frameworks to tackle these issues at the source.
• Information security governance transcends systems and databases. A more holistic approach also ensures employees understand the importance of confidentiality and their role in maintaining it.
Main Elements of Information Security Governance
• Building a governance system requires an in-depth analysis of an organization's information, storage needs, and security status.
• There are five main areas managers need to cover when evaluating their organizations' information security governance needs.
• 1. Information Security Strategy
• Managers must create a well-defined plan that aligns well with organizational goals. This strategy should outline the overall approach for managing and protecting information assets.
• 2. Policies and Procedures
• Employees need comprehensive and up-to-date policies to help organizations safeguard data. For example, the effectiveness of multi-factor authentication has dropped from 99% to as little as 30%. Companies must update policies to match these and other changes.
• 3. Risk Management
• You can’t manage risk without first identifying the threats present. IT
managers should follow a basic process to address this:
• Identify the potential risks.
• Assess the organization’s exposure to these risks.
• Implement solutions that mitigate these risks.
• Monitor and review how well these solutions protect the
organization.
• 4. Compliance and Audit
• Failure to comply is expensive. In 2022, Morgan Stanley Smith Barney
paid a $35 million settlement to resolve SEC charges of failing to protect
personal information. Effective managers conduct regular audits and
assessments to ensure compliance.
• 5. Incident Response and Management
• Organizations should have a well-defined incident response plan to
detect and address threats. Start by establishing a dedicated, multi-
disciplinary incident response team. It should include lawyers,
communication specialists, and compliance officers. This team should
develop a response strategy to deploy instantly when needed.
4 Steps of Information Security Governance
• Information security governance consists of four main steps to strengthen an organization's defense. Organizations may change and expand on these as they see fit, but they should know the core four before making adjustments:
• Create a strategy. Identify the ways governance will affect your organization and define the main goals
and objectives of information security governance. This should include a clear understanding of an
organization's risk tolerance, resources, and legal requirements.
• Build the framework. IT governance requires more than just ideas on paper or ambitious policies.
Professionals must also build a framework that will meet those needs. IT admins can simplify this by
choosing a premade option and carefully configuring it or creating a customized solution from scratch.
• Test and implement the system. Development teams must also test the system to ensure it works
correctly and meets all requirements. Once tested, the IT team can deploy the governance system
across an organization's network and devices.
• Monitor and adjust. The final step is to monitor information security governance performance
regularly and make necessary adjustments or improvements. This will help organizations maintain a
secure and compliant environment.
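The risk management process above (identify, assess, implement, monitor and review) and the risk tolerance mentioned in the "create a strategy" step can be made concrete as a small risk register. This is an added illustration, not material from the slides: risks are scored as likelihood times impact on a 1 to 5 scale, ordered by exposure, reduced by recorded controls, and then re-checked against the tolerance. The register entries and the tolerance threshold are constructed assumptions.

```python
from dataclasses import dataclass, field
from typing import List

RISK_TOLERANCE = 8   # assumption: scores of 8 or lower (on a 1..25 scale) are accepted


@dataclass
class Risk:
    name: str
    likelihood: int                       # 1 (rare) .. 5 (almost certain)
    impact: int                           # 1 (negligible) .. 5 (severe)
    controls: List[str] = field(default_factory=list)

    def score(self) -> int:
        return self.likelihood * self.impact

    def rating(self) -> str:
        s = self.score()
        return "critical" if s >= 15 else "high" if s >= 9 else "medium" if s >= 4 else "low"


def assess(register: List[Risk]) -> List[Risk]:
    """Step 2, assess exposure: order the register so the largest score comes first."""
    for r in register:
        if not (1 <= r.likelihood <= 5 and 1 <= r.impact <= 5):
            raise ValueError(f"{r.name}: likelihood and impact must be on the 1..5 scale")
    return sorted(register, key=lambda r: (-r.score(), r.name))


def mitigate(risk: Risk, control: str, likelihood_after: int, impact_after: int) -> Risk:
    """Step 3, implement a solution: record the control and the residual ratings it leaves."""
    risk.controls.append(control)
    risk.likelihood, risk.impact = likelihood_after, impact_after
    return risk


def monitor(register: List[Risk], tolerance: int = RISK_TOLERANCE) -> List[str]:
    """Step 4, monitor and review: names of risks still above tolerance, highest first."""
    return [r.name for r in assess(register) if r.score() > tolerance]


def build_sample_register() -> List[Risk]:
    """Step 1, identify: constructed illustrative entries, not from the slides."""
    return [
        Risk("Phishing leads to credential theft", likelihood=5, impact=4),
        Risk("Third-party vendor breach exposes customer data", likelihood=3, impact=5),
        Risk("Ransomware encrypts file servers", likelihood=3, impact=5),
        Risk("Unpatched web server exploited", likelihood=4, impact=3),
        Risk("Laptop lost without disk encryption", likelihood=2, impact=2),
    ]


if __name__ == "__main__":
    register = build_sample_register()
    for r in assess(register):
        print(f"{r.score():2d} {r.rating():8s} {r.name}")
    mitigate(register[0], "MFA on all remote access plus awareness training", 2, 4)
    mitigate(register[2], "Offline, regularly tested backups", 3, 3)
    print("Still above tolerance:", monitor(register))
```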
Main Challenges and Threats for Information Security Governance
• Lack of Organizational Resources: A lack of capital and other resources can impede an organization's ability to manage its governance system effectively. Organizations should allocate sufficient funds for this task. Too often, companies treat information security governance as an afterthought, increasing the potential risk.
• Insufficient Technology Capabilities: Organizations need to prioritize the latest technologies, such as cloud computing or AI-based solutions, and ensure that their existing systems are up to date. Inadequate technological infrastructure can expose organizations to cyber threats such as malware attacks, phishing scams, and data breaches.
• Sophisticated Cyberattacks: Cybercriminals continually develop advanced and sophisticated attack
techniques, such as ransomware, phishing, and zero-day exploits, making it challenging for organizations to
defend against them effectively.
• Insider Threats: pose a significant risk to information security. Malicious insiders may abuse their access
privileges to steal sensitive data or sabotage systems, while negligent insiders may inadvertently expose
sensitive information or fall victim to social engineering attacks.
• Supply Chain Risks: Organizations increasingly rely on third-party vendors and suppliers for various products
and services, expanding the attack surface and introducing new security risks. Cybercriminals may target
supply chain partners to gain unauthorized access to sensitive information or compromise systems.
• Regulatory Compliance: Compliance with various regulations and standards presents a significant challenge for organizations. Achieving and maintaining compliance requires ongoing effort and investment in governance, risk management, and compliance (GRC) processes.
• Skills Shortage: The shortage of skilled cybersecurity professionals exacerbates the challenge of maintaining
effective information security governance. Organizations struggle to find and retain qualified personnel with
the necessary expertise to manage security risks and respond to cyber threats adequately.
• Data Privacy Concerns: Growing concerns about data privacy and protection further complicate information
security governance. Organizations must navigate complex regulatory requirements and consumer
expectations regarding the collection, use, and storage of personal data.
• Cybersecurity Awareness: Insufficient awareness of security risks and best practices among employees
increases the likelihood of successful cyberattacks, such as phishing and social engineering.
• Cybersecurity Fragmentation: Achieving cohesive and integrated cybersecurity governance across the
organization requires collaboration and coordination among stakeholders.
Benefits of Information Security Governance
• Improved Data Security: Organizations can better protect their sensitive information from unauthorized access, disclosure,
or alteration by implementing well-defined policies. This includes using MFA.
• Reduced Risk of Security Incidents: A robust information security governance framework helps to minimize the likelihood of
security incidents, such as data breaches and cyberattacks. It’s not enough to just respond to incidents; IT admins must seek
out proactive solutions.
• Compliance with Regulations: Organizations must comply with various regulatory requirements and industry standards,
such as the General Data Protection Regulation, the Health Insurance Portability and Accountability Act, and the Payment
Card Industry Data Security Standard. Information security governance ensures compliance by establishing policies and
processes that align with all applicable standards. You could also expand compliance to include the ability to comply with
e-Discovery requests.
• Improved Business Continuity: Can your organization continue to operate during natural disasters, cyberattacks, and other
unexpected events? Create a plan to protect critical information assets and maintain essential functions during a crisis. This
includes having backup and recovery procedures for data and strategies for managing incidents and restoring operations
quickly.
• Disaster Recovery: Fujifilm provides an excellent example of how information security governance can protect an
organization. When hackers gained unauthorized access to the company, it reportedly refused to pay the ransom. Instead, it
restored its system from backups and returned to normal operations. Could your team do the same? An effective recovery
plan outlines the steps an organization will take to bounce back from a significant disaster that results in the loss of critical
systems and data.