Open Systems Interconnection Model

The OSI reference model was introduced in 1983 as a standard by the International Standards Organization (ISO). The standard is called "ISO 7498-1" and its main purpose was to enable different manufacturers and software companies to produce devices and programs that can communicate with each other.

A network model is a conceptual framework that helps us understand how we could organize communication between different devices. Studying network models can give us a high-level understanding of what computers are doing across networks, even though, in practice, physical implementations are not so clearly defined.

OSI defines seven "layers", where each layer is only concerned with its immediate predecessor. At each layer, various protocols can be defined, which establish deterministic rules for different kinds of communication. For each layer, we'll learn about its theoretical responsibility, a few of the activities that tend to happen on it in practice, and its Protocol Data Unit (PDU).

A PDU is the unit of information that is transmitted at a certain layer. Note that some activities are not necessarily layer-dependent. For example, flow control, the function of making sure information gets to its intended destination, can be implemented at several layers (especially layers 2 to 4).

Layer 7: At the very top of the model, the Application Layer defines ways in which a human or software can interact with a network. It's important to note that the word application in this context does not refer to programs or applications themselves, but rather refers to how the software receives data. For example, browsing the web and downloading emails are some types of activity facilitated by the Application Layer. Information transmitted via the Application Layer is simply referred to as data.

Layer 6: Next, the Presentation Layer is responsible for taking the data it receives from the layer below it, and for rearranging it in a way that the Application Layer can present to a user. Encrypting, compressing, or otherwise transforming data are examples of activities that happen on the Presentation Layer. As with the Application Layer, we refer to information transfer on Layer 6 as data.

Layer 5: The Session Layer implements protocols that initiate, maintain, and eventually terminate multiple different connections between computers. These ongoing connections are often called sessions. Because this is the lowest of the data layers, we continue to refer to information on this layer as data.

Layer 4: The Transport Layer is largely (but not solely) responsible for making sure that data gets from Host A to Host B in the proper order and on time. It handles errors, makes sure that hosts involved in the communication are aware if any data needs to be resent, and alerts the sending host(s) if they are sending information across the network too quickly for the receiver(s) to handle. The Transport Layer actually has multiple PDUs, depending on whether the protocol involved maintains a connection between participants or merely allows one-off broadcasting.

For connection-oriented (or stateful) protocols, we refer to information units as segments, because protocols at this layer will define ways for breaking down longer messages into smaller ones via a process called segmentation. For connection-less (or stateless) protocols, we call information units datagrams, which is an amalgamation of the words "data" and "telegram".

Layer 3: The Network Layer, true to its name, is primarily concerned with information travelling between two or more different networks. Some of its functions are the routing and broadcasting of messages, and the addressing of multiple hosts. We're already familiar with its PDU: units of information at this layer are called packets.

Layer 2: The Data Link Layer is tasked with transferring information between hosts that are physically connected on the same network. Protocols operating on Layer 2 define rules for initiating, monitoring, and terminating communication between physically connected machines. It performs error detection and correction for issues that occur on the layer below it. Unlike the layers above it, OSI defines two sub-layers within the Data Link Layer. Media Access Control (MAC) determines how and when different devices are allowed to communicate with each other, whereas Logical Link Control (LLC) provides flow control and error handling functions on Layer 2. The Data Link Layer's PDU is called a frame.

Layer 1: Finally, the Physical Layer transfers raw data between a physical machine and a physical transmission medium (like a wire). From a security perspective, we're often (though of course, not always) less interested in this layer, because it deals with the underlying physics of data transfer. It's responsible for the transformation of digital bits into various kinds of physical bits, like electricity, radio waves, and photons. It deals with electrical engineering topics like cable specifications, voltage calculations, and radio frequencies. The PDU at the Physical Layer can be referred to as symbols or just bits.

Earlier, we mentioned that each layer depends solely on the information provided to it from the layer immediately below it. This design principle is called encapsulation.

Encapsulation can be thought of as a spaceship launching from Earth into orbit. When it starts its journey, it contains many parts whose only purpose is to propel and safeguard the rest of the rocket. As it travels, it drops the parts that it no longer needs, so that by the time it arrives at its destination, only the most essential components remain. At each stage of its journey, we can think of the rocket containing an engine, which moves the rocket, and a payload, where the latter is simply the next engine in the journey. This remains true until the final stage, where the "true" payload is finally delivered (passengers, cargo, etc.).

Similarly, the OSI model expects data to travel up the various layers via encapsulation. Each layer contains descriptions of information at the next layer, as well as the intended message itself.
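
The nesting described above, carried through for one message, as an added example that is not part of the original notes: it wraps application data in a UDP datagram, an IPv4 packet and an Ethernet frame, then strips the headers again layer by layer, checking each declared length before trusting it. The choice of UDP, IPv4 and Ethernet, and all addresses, ports and function names, are assumptions made for the illustration.

```python
import struct

def checksum16(b):
    # Internet checksum: one's-complement sum of 16-bit words
    s = sum(struct.unpack("!%dH" % (len(b) // 2), b))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def udp_datagram(sport, dport, data):
    # Layer 4 PDU: 8-byte header + data (checksum 0 = not computed, legal over IPv4)
    return struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data

def ipv4_packet(src, dst, payload, proto=17):
    # Layer 3 PDU: 20-byte header without options + the layer 4 PDU
    h = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0, src, dst)
    return h[:10] + struct.pack("!H", checksum16(h)) + h[12:] + payload

def ethernet_frame(dst_mac, src_mac, payload):
    # Layer 2 PDU: 14-byte header + layer 3 PDU, zero-padded to the 46-byte minimum
    return dst_mac + src_mac + struct.pack("!H", 0x0800) + payload.ljust(46, b"\x00")

def decapsulate(frame):
    # Strip one header per layer, bounds-checking every declared length first
    if len(frame) < 14 + 20 or frame[12:14] != b"\x08\x00":
        raise ValueError("not an IPv4-in-Ethernet frame")
    packet = frame[14:]
    ihl, total = (packet[0] & 0x0F) * 4, struct.unpack("!H", packet[2:4])[0]
    if packet[0] >> 4 != 4 or ihl < 20 or not ihl + 8 <= total <= len(packet):
        raise ValueError("bad IPv4 length fields")
    if checksum16(packet[:ihl]) != 0 or packet[9] != 17:
        raise ValueError("bad IPv4 checksum or not UDP")
    datagram = packet[ihl:total]          # total length discards Ethernet padding
    sport, dport, ulen = struct.unpack("!HHH", datagram[:6])
    if not 8 <= ulen <= len(datagram):
        raise ValueError("bad UDP length")
    return {"sizes": (len(frame), total, ulen), "ports": (sport, dport), "data": datagram[8:ulen]}

# Constructed sample values (documentation address ranges, locally administered MACs)
SRC_IP, DST_IP = bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20])
SRC_MAC, DST_MAC = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
FRAME = ethernet_frame(DST_MAC, SRC_MAC, ipv4_packet(SRC_IP, DST_IP, udp_datagram(40000, 53, b"hello")))

if __name__ == "__main__":
    print(decapsulate(FRAME))
```

The three sizes returned are the frame, packet and datagram lengths, so the cost of each layer's header (and of the Ethernet padding) is visible for the five-byte message.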


Relevant Note(s): Information Technology TCPIP Model