OSI Security Architecture
The security of an organization is the utmost concern of people working at the organization. Safety and security are the pillars of cyber technology. It is hard to imagine the cyber world without thinking about security. The architecture of security is thus a very important aspect of the organization. All the requirements concerned with security are taken care of by the managers of the organization by using a well-organized OSI Security Architecture. OSI Security Architecture defines the well-planned standard architecture for security features in computer networking. OSI architecture is internationally acceptable as it lays the flow of providing safety in an organization.
Need of OSI Architecture:
Below listed are the need for OSI Architecture in an organization:
1. Security Needs:
- OSI Architecture caters to the security needs of an organization.
- Safety and security are ensured by OSI Architecture to prevent risk and threats.
2. Systematic Arrangement:
- OSI Architecture gives a systematic approach to the security requirements of an organization.
- Security policies are well maintained through OSI Architecture.
3. Centralised Processing:
- OSI Architecture maintains a central processing environment.
- LAN and WAN help in the Centralised Processing of OSI Architecture.
Benefits of OSI Architecture:
Below listed are the benefits of OSI Architecture in an organization:
1. Providing Security:
- OSI Architecture in an organization provides the needed security and safety, preventing potential threats and risks.
- Managers can easily take care of the security and there is hassle-free security maintenance done through OSI Architecture.
2. Organising Task:
- Managers get the opportunity to organize tasks in an organization effectively.
- A well-planned standard architecture for security features enhances performance.
3. Meets International Standards:
- Security services are defined and recognized internationally meeting international standards.
- The standard definition of requirements defined using OSI Architecture is globally accepted.
Three Pillars of OSI Security Architecture:
OSI Security Architecture is categorized into three broad categories mentioned Security Attacks, Security mechanisms, and Security Services. We will discuss each in detail:
1. Security Attacks:
These are defined as the actions that put at risk an organization’s safety. They are further classified into 2 sub-categories:
A. Passive Attack:
Attacks in which a third-party intruder tries to access the message/ content/ data being shared by the sender and receiver by keeping a close watch on the transmission or eave-dropping the transmission is called Passive Attacks.
Here, both the sender and receiver have no clue that their message/ data is accessible to some third-party intruder. The message/ data transmitted remains in its usual form without any deviation from its usual behavior. This makes passive attacks very risky as there is no information provided of the attack happening in the communication process. One way to prevent passive attacks is to encrypt the message/data that needs to be transmitted, this will prevent third-party intruders to use the information though it would be accessible to them. Passive attacks are therefore divided into two parts based on their behavior:
- Message Content is the type of passive Attack that involves the intruder stealing all the message/data transmitted. Here, the information gathered by the intruder is stolen unethically.
- Masked Traffic Analysis: This type of passive Attack involves messages/ data being encrypted before transmission. Here, the message being masked/ encrypted the intruder can’t read the message but only understand the pattern and length of encryption.
B. Active Attacks:
Attacks in which both the sender and receiver have no clue that their message/ data is modified by some third-party intruder. The message/ data transmitted doesn’t remain in its usual form and shows deviation from its usual behavior. This makes active attacks dangerous as there is no information provided of the attack happening in the communication process and the receiver is not aware that the data/ message received is not from the sender.
Active attacks are further divided into four parts based on their behavior:
- Masquerade is a type of active attack, the attacker tampers the information received by the receiver by claiming itself as the sender.
- Replay is a type of active attack, the attacker attacks the transmitted message through a passive channel and make the final message received by the receiver look like it’s not authorized and safe
- Modification of Message is a type of active attack, the attacker modifies the transmitted message and makes the final message received by the receiver look like it’s not authorized and safe
- Denial of Services is a type of active attack, the receiver is prevented from receiving the transmitted message as there is an overflow of requests to the receiver, which makes the services hampered from their usual behavior.
2. Security Mechanism
The mechanism that is built to identify any breach of security or attack on the organization, is called a security mechanism. Security Mechanisms are also responsible for providing ways in which an attack can be prevented as soon as it is detected.
3. Security Services:
Security services refer to the different services available for maintaining the security and safety of an organization. They help in preventing any potential risks to security. Security services are divided into 5 types:
- Authentication is the most basic service to ensure that desired permission is well verified and safe
- Access Control ensures that only authorized users have access to the available resources.
- Data Confidentiality is responsible for ensuring that the data is kept extremely safe from third-party intruders.
- Data Integrity ensures that the transmitted information received by the receiver is well- authenticated and there is no tampering with the information received.
- Non- repudiation restricts the forwarding of the transmitted message by either of the parties( sender and receiver).