Information System Security, Chapter 3-1. Network Basics 최미정 mjchoi@kangwon.ac.kr Kangwon National University...

Post on 18-Jan-2016


Information System Security

Chapter 3-1. Network Basics

최미정 (mjchoi@kangwon.ac.kr), Computer Science Major, Kangwon National University

Topics covered in this chapter

1. Understand the detailed operation of the seven OSI layers.

OSI: Open Systems Interconnection, by ISO

Purpose of OSI Model

~ is to open communication between different systems without requiring changes to the logic of the underlying hardware and software.

OSI Model

~ is a layered framework for the design of network systems that allows for communication across all types of computer systems

Layered Architecture

~ shows the layers involved when a message is sent from device A to device B

Peer-to-peer process

~ process on each machine that communicates at a given layer

Interfaces between Layers

~ defines what information and services a layer must provide for the layer above it

Organization of the Layers

Layers 1, 2, 3 (network support layers)

~ deal with the physical aspects of moving data from one device to another

Layers 5, 6, 7 (user support layers)

~ allow interoperability among unrelated software systems

Layer 4 (transport layer)

~ links the two subgroups and ensures that what the lower layers have transmitted is in a form that the upper layers can use

An exchange using the OSI model

Headers are added to the data at layers 6, 5, 4, 3, and 2. Trailers are usually added only at layer 2.

Physical Layer, Data Link Layer, Network Layer, Transport Layer, Session Layer, Presentation Layer, Application Layer

Physical Layer

~ coordinates the functions required to transmit a bit stream over a physical medium.

(deals with the mechanical and electrical specifications of the primary connections: cable, connector)

Characteristics

Physical characteristics of interfaces and media

Representation of bits: encoding; representing data by signals

Data rate: transmission speed

Synchronization of bits

Line configuration: point-to-point, multipoint

Topology (physical connection layout): mesh, star, ring, bus

Data transmission mode: simplex, half-duplex, full-duplex

Data Link Layer

~ is responsible for delivering data units (groups of bits) from one station to the next without errors.

It accepts a data unit from the third layer and adds meaningful bits to the beginning (header) and end (trailer) that contain addresses and other control information: Frame

Specific responsibilities

Framing: dividing the data into frames

Physical addressing: specifying the receiving address of the frame

Flow control: for avoiding overwhelming the receiver

Error control: retransmission

Access control: for avoiding collision

Network Layer

~ is responsible for the source-to-destination delivery of a packet across multiple network links.

~ provides two related services: switching and routing.

Switching

~ refers to temporary connections between physical links, resulting in longer links for network transmission (e.g., a telephone conversation).

Routing

~ means selecting the best path for sending a packet from one point to another when more than one path is available

• End-to-End Delivery

Specific responsibilities

Source-to-destination delivery (packet)

Logical addressing

Routing

Transport Layer

~ is responsible for source-to-destination (end-to-end) delivery of the entire message.

cf.: the network layer oversees end-to-end delivery of individual packets.

Specific responsibilities

Reliable end-to-end message delivery

Service-point (port) addressing: delivery of a message to the appropriate application on a computer running multiple applications

Segmentation and reassembly

Connection control

Flow control

Error control

Reliable end-to-end delivery of a message

Session Layer

Specific responsibilities

Session management

Synchronization

Dialog control: deciding who sends, and when

Presentation Layer

~ ensures interoperability among communicating devices.

~ is responsible for the encryption and decryption of data for security purposes and for the compression and expansion of data when necessary for transmission efficiency.

Specific responsibilities

Translation

Encryption

Compression

Application Layer

~ enables the user, whether human or software, to access the network.

~ provides user interfaces and support for services: email, remote file access and transfer, shared database management

Specific services

Network virtual terminal

File access, transfer, and management

Mail services

Directory services
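Added example (not part of the original slides): the header/trailer encapsulation and the three addressing levels described above (physical, logical, service-point), shown by wrapping a constructed payload and unwrapping it again. Ethernet II, IPv4 and TCP are assumed here as concrete layer 2, 3 and 4 formats; the slides name no specific protocols, and all addresses are constructed sample values.

```python
import socket
import struct
import zlib

def encapsulate(payload, sport, dport, src_ip, dst_ip, src_mac, dst_mac):
    """Wrap application data top-down: each lower layer prepends its own header."""
    # Layer 4 (TCP): service-point (port) addressing. Checksum left 0 for brevity.
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0)
    segment = tcp + payload
    # Layer 3 (IPv4): logical addressing. Header checksum left 0 for brevity.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    # Layer 2 (Ethernet II): physical addressing in the header ...
    eth = (bytes.fromhex(dst_mac.replace(":", "")) +
           bytes.fromhex(src_mac.replace(":", "")) + struct.pack("!H", 0x0800))
    frame = eth + ip + segment
    # ... and the only trailer in the stack: the CRC-32 frame check sequence.
    return frame + struct.pack("<I", zlib.crc32(frame))

def decapsulate(frame):
    """Strip headers bottom-up; return None if any layer rejects the data."""
    if len(frame) < 14 + 20 + 20 + 4:
        return None
    body, (fcs,) = frame[:-4], struct.unpack("<I", frame[-4:])
    if zlib.crc32(body) != fcs:  # layer-2 error detection via the trailer
        return None
    (ethertype,) = struct.unpack("!H", body[12:14])
    packet = body[14:]
    ihl, proto = (packet[0] & 0x0F) * 4, packet[9]
    (total_len,) = struct.unpack("!H", packet[2:4])
    if ethertype != 0x0800 or proto != 6 or ihl < 20:
        return None
    if not ihl + 20 <= total_len <= len(packet):
        return None
    segment = packet[ihl:total_len]
    sport, dport = struct.unpack("!HH", segment[:4])
    data_off = (segment[12] >> 4) * 4
    if not 20 <= data_off <= len(segment):
        return None
    return {"dst_mac": body[:6].hex(":"), "src_mac": body[6:12].hex(":"),
            "src_ip": socket.inet_ntoa(packet[12:16]),
            "dst_ip": socket.inet_ntoa(packet[16:20]),
            "sport": sport, "dport": dport, "payload": segment[data_off:]}

# Constructed sample values (documentation IP ranges, locally administered MACs).
SAMPLE = encapsulate(b"GET / HTTP/1.0\r\n\r\n", 49152, 80, "192.0.2.10",
                     "198.51.100.7", "02:00:00:00:00:01", "02:00:00:00:00:02")

if __name__ == "__main__":
    print(decapsulate(SAMPLE))
    damaged = SAMPLE[:30] + bytes([SAMPLE[30] ^ 0x01]) + SAMPLE[31:]
    print(decapsulate(damaged))  # one flipped bit fails the trailer check
```

The frame check sequence detects accidental corruption only; it is not keyed, so anyone who alters a frame can recompute it.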
