1 00:00:01,340 --> 00:00:07,400 I'd like to welcome you to the next installment of the network security lecture series this lecture 2 00:00:07,400 --> 00:00:10,100 will be devoted to protocol and networking hardware. 3 00:00:11,400 --> 00:00:15,190 We will learn about the risks related to each of the OS and model layers. 4 00:00:17,200 --> 00:00:25,160 To fully appreciate these risks we will now revise the design of VLSI model more than 30 years ago. 5 00:00:25,180 --> 00:00:30,440 Engineers who are creating protocols that are still in use today encountered a serious issue. 6 00:00:33,370 --> 00:00:38,950 They had to find a universal way of communication between any two hosts. 7 00:00:38,980 --> 00:00:43,150 These may be both modern supercomputers and modern mobile devices. 8 00:00:44,570 --> 00:00:47,800 There is a huge gap here when it comes to computational power. 9 00:00:49,050 --> 00:00:52,950 Also the people who designed and created it never met. 10 00:00:53,090 --> 00:00:59,370 There have to be some general standards and principles successful communication between such devices 11 00:00:59,370 --> 00:01:00,840 poses a challenge. 12 00:01:03,320 --> 00:01:08,930 Engineers tackled the issue by dividing it into smaller problems. 13 00:01:09,000 --> 00:01:15,480 One big task finding a universal way of communication between any two hosts in the Internet was split 14 00:01:15,480 --> 00:01:17,120 into some smaller tasks. 15 00:01:17,340 --> 00:01:24,550 Seven to be precise each of these tasks is fulfilled by a different layer of the OS model. 16 00:01:26,640 --> 00:01:29,970 We have to know something more than only what's done in each of the layers. 17 00:01:32,800 --> 00:01:36,850 The model itself is slightly outdated. 18 00:01:36,900 --> 00:01:43,370 It's getting harder and harder to say precisely which function is located and which layer. 19 00:01:43,540 --> 00:01:48,040 Very often the schematic representation of the model shows only three layers for simplicity 20 00:01:50,740 --> 00:01:56,960 for us it's most important to remember that higher layers are dependent upon lower layers. 21 00:01:57,120 --> 00:02:02,190 If there's a problem in the physical error or in the data link player you won't find the solution in 22 00:02:02,190 --> 00:02:11,280 the presentational layer or the network layer individual layers are strongly interconnected. 23 00:02:11,280 --> 00:02:16,350 The second important point is that there is a mutual trust between individual layers of the ISI model 24 00:02:18,970 --> 00:02:21,180 for example Protocols of the fourth layer. 25 00:02:21,370 --> 00:02:29,070 Don't check up on the data provided by the third layer protocols protocols don't verify incoming data. 26 00:02:29,130 --> 00:02:33,960 The next piece of information worth remembering is that each layer communicates only with its immediate 27 00:02:33,960 --> 00:02:36,510 neighbors. 28 00:02:36,540 --> 00:02:40,320 That's all when it comes to the most important points of the US my architecture. 29 00:02:43,060 --> 00:02:45,220 Let's have a closer look at each layer. 30 00:02:46,000 --> 00:02:48,050 We'll start from the bottom. 31 00:02:48,190 --> 00:02:51,150 The physical layer sends a signal through a physical medium. 32 00:02:52,250 --> 00:03:00,130 It may be a copper or optical fiber cable or a radio wave next there is a datalink layer. 33 00:03:00,470 --> 00:03:03,770 It controls access to the medium. 34 00:03:03,860 --> 00:03:06,910 It has to take into account various features of the medium. 35 00:03:08,400 --> 00:03:15,240 For example one copper cable cannot transmit two signals of the same frequency lots of these layers 36 00:03:15,240 --> 00:03:17,700 like any kind of security measures. 37 00:03:17,850 --> 00:03:19,110 Even the simplest ones 38 00:03:24,110 --> 00:03:30,810 layer three is the network layer that's responsible for the IP addressing and routing. 39 00:03:30,840 --> 00:03:35,590 This involves sending packets between networks and transferring them to the destination host. 40 00:03:39,180 --> 00:03:47,130 The transport layer is the fourth one that's responsible for communication channels Layer 4 allows you 41 00:03:47,130 --> 00:03:50,480 to establish a two way connection. 42 00:03:50,490 --> 00:03:57,890 It also enables you to control the session in contrary to layers one and two you can implement some 43 00:03:57,890 --> 00:04:03,620 security measures in layers three and four internet protocols are used for that purpose. 44 00:04:06,100 --> 00:04:12,240 Then there is the session layer this layer may compromise reliable protocols which are connected with 45 00:04:12,240 --> 00:04:14,670 managing assertion. 46 00:04:14,670 --> 00:04:20,870 These are however usually implemented in lower layers a closer look at this layer will show that it 47 00:04:20,870 --> 00:04:26,180 includes protocols such as and TLM or Kerberos which will be discussed in another lecture 48 00:04:31,440 --> 00:04:39,630 the six layer of the model is the presentation layer one of its tasks is data encoding it's responsible 49 00:04:39,630 --> 00:04:43,630 for the delivery and formatting of information to the communication protocols. 50 00:04:43,800 --> 00:04:50,180 So they're prepared to be sent the application layer is the last layer of the model. 51 00:04:58,090 --> 00:05:02,560 In this module We'll see why a successful attack on one of the layers can give the attacker control 52 00:05:02,560 --> 00:05:04,400 over the entire computer system. 53 00:05:05,270 --> 00:05:10,260 This is another reason for implementing layered security. 54 00:05:10,280 --> 00:05:16,310 We will also consider risks and threats connected with each individual or us-I layer. 55 00:05:16,320 --> 00:05:21,690 We will also examine what kind of measures provide real protection against those threats and in which 56 00:05:21,690 --> 00:05:29,200 circumstances such protection is only illusory as a summary of all this information. 57 00:05:29,280 --> 00:05:35,480 We will try to answer the question how can you effectively improve the security of your computer networks. 58 00:05:39,120 --> 00:05:40,620 Let's start module 6.