Page 34 - ITGC_Audit Guides
P. 34

Layered Service Network Model
                   When referencing networks, it helps
                   to conceptualize the different network   Figure 11: The Open Systems Interconnection Model
                   “layers” using a model. Sometimes
                   collectively referred to as the network
                   stack, the most commonly used
                   network-layered model is the Open
                   Systems Interconnection (OSI)
                   Seven-Layer model, as shown in
                   Figure 11.

                   Like many IT concepts, this model is
                   not universal, but it may be helpful
                   when thinking about services
                   provided by a network stack. Most
                   operating systems provide a network
                   stack that contains a series of
                   applications allowing for remote
                   connections and sending/receiving of
                   data to remote devices. Each layer        For more details on the specifics of the OSI
                   has a responsibility and operates         Seven-layer Model, see Appendix D and
                   independently of other layers.            Appendix E.
                   Additionally, each layer accepts data
                   from the higher level and performs its
                   required functions before passing it to a lower level. This is referred to as passing information
                   down the “network stack” and allows developers to assume that necessary services will have
                   been provided by lower layers. It also requires that the services they develop provide stable
                   interoperation “up the stack.”

                   Information passed down from a higher layer is most often intact. It can be divided or combined
                   as needed at the new layer because all data from the higher level is simply a field of data. Control
                   information called metadata (data about data) is added; this metadata is usually called a header.
                   Portions of this guide will reference the different layers.

                   Network Protocols
                   The protocol of a network is an agreed-upon format for exchanging or transmitting data between
                   systems (or up and down the network stack). Protocols define a number of agreed-upon
                   parameters, such as the method to compress data, the type of error checking to use, and
                   mechanisms for systems to signal when they have finished either receiving or transmitting data. A
                   simple analogy is a telephone conversation in which the recipient of the call says “hello” when
                   answering the call, and the caller responds, “hello,” establishing a voice protocol (speaking in an
                   agreed-upon language).
                   Some common network protocols include Ethernet, Transmission Control Protocol/Internet
                   Protocol (TCP/IP), File Transfer Protocol (FTP), Hypertext Transfer Protocol (HTTP), and Secure
                   Sockets Layer (SSL) Protocol. Simple descriptions of each are available in Appendix F.





                   26 — theiia.org
   29   30   31   32   33   34   35   36   37   38   39