The figure below shows the OSI model for the transmission of data from one side to another. Previously, I explained the data flow between the two parties, where it starts from the application layer and goes all the way down to the physical layer, while on the receiver side it works in the reverse order (see the PowerPoint file for more information about the data transmission).
This post discusses the possible ways to provide security in these protocols. The Network layer protocol used on the Internet is the Internet Protocol (IP), while the two Transport layer protocols used are the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP). These protocols provide no security guarantees, since the packets are transmitted in plaintext (clear text). Transmission Control Protocol/Internet Protocol (TCP/IP) has some vulnerabilities because it is difficult to verify the following:
- Confidentiality – Data has not been viewed by a third party while in transit.
- Integrity – Data has not been modified in transit.
- Authentication – The claimed client or server is the true client or server.
The solution is to provide security at various layers, such as IPsec at the Network layer, SSL/TLS at the Transport layer and S/MIME at the Application layer (for emails).
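
The integrity point above, as an added example that is not part of the original post: the checksum carried by IP, TCP and UDP (RFC 1071) uses no secret, so it still verifies after a payload is changed and the checksum recomputed, while a keyed MAC does not. The payload, the key and the use of HMAC-SHA256 as a stand-in for the keyed integrity checks in IPsec and TLS are assumptions, and the checksum is computed over the payload only (real TCP and UDP also cover a pseudo-header).

```python
import hashlib
import hmac


def internet_checksum(data: bytes) -> int:
    """RFC 1071 ones' complement checksum: the unkeyed sum used by IP, TCP and UDP."""
    if len(data) % 2:
        data += b"\x00"  # pad odd-length input with a zero byte
    total = sum(int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def checksum_ok(data: bytes, checksum: int) -> bool:
    return internet_checksum(data) == checksum


def make_tag(key: bytes, data: bytes) -> bytes:
    """Keyed integrity tag (HMAC-SHA256); only holders of the key can produce it."""
    return hmac.new(key, data, hashlib.sha256).digest()


def tag_ok(key: bytes, data: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(make_tag(key, data), tag)


def demo() -> dict:
    key = b"constructed-shared-key"  # constructed; known to sender and receiver only
    sent = b"PAY 100 TO ALICE"       # constructed sample payload
    sent_tag = make_tag(key, sent)

    # The payload is changed in transit. The checksum needs no secret, so it can
    # simply be recomputed; the HMAC tag cannot be recomputed without the key.
    received = b"PAY 900 TO ALICE"
    received_checksum = internet_checksum(received)

    return {
        "checksum_accepts_modified": checksum_ok(received, received_checksum),
        "hmac_accepts_modified": tag_ok(key, received, sent_tag),
        "hmac_accepts_original": tag_ok(key, sent, sent_tag),
    }


if __name__ == "__main__":
    print(demo())
```

The checksum detects accidental corruption only; detecting deliberate modification requires a key, which is what the layered protocols named above add.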