A lot has changed since the creation of the Open Systems Interconnection (OSI) model. The OSI model dates back to the mid-1970s, designed to serve as a common basis for system interconnection and networking. It has been very useful in that regard, but we have to be aware a lot has changed since its inception. The greatest disrupter to this model is cloud computing. With that said, there is still value in the OSI model and how to reduce risk in each layer, as many of our systems today still rely on its design.
What Is the OSI Application Layer?
As the name suggests, the application layer is designed to serve the end user. It is the layer most users will know and see even if they aren’t familiar with the rest of the OSI model layers. All types of services, such as mail and file transfers, happen here. It covers your web browsers, software and almost anything you see on your screen. To be clear, the applications themselves are not always part of this layer, but the services they offer are.
Cybersecurity Threats to the Application Layer
This list can be exhaustive if you start listing all of the different types of malware, because all viruses, worms, key loggers and Trojans do their damage to this part of the OSI model. This is where user ID and password sniffing happen. It’s also where user error happens. That means this is the widest surface area for attacks to happen. Steal data? Yep. Edit data? Of course! Crash an app? For sure! Take down a network? Yes.
Preventing attacks and cutting down on risk at this layer is where most cybersecurity and information security workers spend their time. It’s also what wears them out.
As we have noted before, addressing these issues with the OSI model in mind is more than just tech skills. It’s about behavior, design, knowing business processes and cost resilience. It even involves being aware of the value of our data throughout the life cycle, making it all a risk management issue.
Moving Forward on the OSI Model Journey
The OSI model was not designed with security in mind; as mentioned, it was designed to explain interconnectivity. But the OSI model does allow us to pinpoint where security issues lie. For example, a threat actor — depending on their level of technical expertise — can cause much more damage to the network at the physical level than at the application level if identity and management (IAM) controls are not in place. On the other hand, if your team is guilty of bad coding practices, you can focus in on strengthening your presentation layer.
In other words, use the OSI model as a tool to help you identify where attackers could find a foothold. Fixing the problem can be a whole lot easier if you know where to look.
Senior Director, Educator and Author