Network security

The OSI model and TCP/IP model

Nitesh Malviya
September 23, 2020 by
Nitesh Malviya

What is the OSI model?

The OSI model was the primary standard model for network communications, adopted by all major telecommunication companies and computers within the early 1980s. The users of a network are located across the world. So, an international group of standards has been developed for ensuring that nationwide and worldwide electronic communication systems may be developed and are compatible with one another. 

A conceptual framework has been developed by the International Organization of Standardization (ISO) in which these standards will fit. This framework is called Open System Interconnection (OSI) and it is generally referred to as the OSI reference model. The OSI model is a seven-layered architecture where each layer is assigned a specific task.

Learn Network Security Fundamentals

Learn Network Security Fundamentals

Build your skills with seven hands-on courses covering network models and protocols, wireless and mobile security, network security best practices and more.

Functions of different layers

There are seven layers in the OSI model:

  1. Physical layer 
  2. Data-link layer
  3. Network layer
  4. Transport layer
  5. Session layer
  6. Presentation layer
  7. Application layer

Their roles are as follows.

Layer 1: Physical layer

The lowest layer of the OSI reference model is the physical layer. The physical layer describes the electrical and physical specifications of the data connection. It contains information in the form of bits, and the digital data bits are converted into electrical signals. 

It defines the transmission mode, whether it is simplex, half-duplex or full-duplex between two devices on the network. The physical layer defines voltages and data rates needed for transmission. The physical layer isn’t concerned with protocols or other higher-layer items.

Layer 2: Data-link layer

The main function of a data-link layer is to handle the errors which might occur at the physical layer. The data-link layer is accountable for node-to-node delivery of the data. It takes packets from the network, breaks them into smaller pieces called frames and then passes them on to the physical layer. This layer adds a header to the frame, which has the physical address of the sender or receiver of that frame. This layer consists two sub-layers:

  1. Logical Link Control (LLC): This sub-layer is responsible for establishing and maintaining links between the communicating devices and allows you to find errors.
  2. Media Access Control (MAC): This sub-layer uses MAC addresses for connecting devices and permits to transmit and receive data.

Layer 3: Network layer

The main function of the network layer is to transfer packets from source to destination across multiple networks. There is no need for this layer if two systems are connected on the same network. The network layer is responsible for routing, i.e., it selects the shortest path to transmit the packet. This layer defines an addressing scheme during which the sender’s and receiver’s IP address is placed within the header.

Layer 4: Transport layer

As the name suggests, this layer is responsible for transportation services. The transport layer decides whether the data transmission should occur on parallel paths or single paths. This layer is responsible for multiplexing, splitting or segmenting on the data. 

This layer is capable of both connectionless and connection-oriented transfer of data. Flow control is a fundamental function of this layer. 

Layer 5: Session layer

The session layer is employed to establish, maintain and synchronize conversations between two different applications. This layer allows two systems to enter in dialog, which can be half-duplex or full-duplex. At this layer, streams of data are marked and resynchronized so that the whole message is delivered and data loss is avoided.

Layer 6: Presentation layer

The presentation layer prepares data for the application layer, based on syntax and semantics. This layer makes sure that the form in which data is delivered to the receiving system will be understandable and usable. Some important responsibilities of this layer are translation, encryption and compression.

Layer 7: Application layer

The topmost layer of the OSI model is the application layer. This layer defines services that are directly supported by a user application. It allows the creation of a virtual terminal, which is the software version of a physical terminal. This layer gives File Transfer Access and Management, which enables a user to access, retrieve, manage or control files in a remote computer.

TCP/IP model

The TCP/IP model was designed and developed by the US Department of Defense in the 1960s, based on basic protocols. The TCP/IP model is a compact version of the OSI model. TCP/IP is a short form of two protocols, namely Transmission Control Protocol and Internet Protocol which is a set of networking protocols which allows two or more computers to communicate. 

TCP/IP model is a four-layered architecture as shown:

  1. Network access layer
  2. Internet layer
  3. Transport layer
  4. Application layer

Layer 1: Network access layer

The lowest layer of the TCP/IP model is the network access layer. This layer provides only connectionless services. This layer describes how messages should be sent using the network. 

The network layer is accountable for the transmission of the message between two devices on the same network. Ethernet, token ring, frame relay, FDDI and X.25 are the protocols used by the network layer.

Layer 2: Internet layer

The internet layer describes the protocols which are reliable for logical transmission of data over the entire network. The main protocols in this layer are as follows:

  1. IP: The internet protocol is accountable for the delivery of packets from the source host to the destination host by seeing at the IP addresses in the packet headers.
  2. ICMP: The internet control message protocol is encapsulated within IP datagrams.
  3. ARP: The address resolution protocol is used to find the hardware address of the host from a known IP address.

Layer 3: Transport layer

Transport is responsible for end-to-end communication, reliability and flow control and error-free delivery of the data. TCP is responsible for sequencing and segmentation of data. UDP is a connectionless protocol.

Layer 4: Application Layer

Application layer is the topmost layer of the TCP/IP model. This layer is accountable for node to node communication and controls user interface details. HTTP, HTTPS, SSH and NTP are the main protocols present in this layer.


TCP/IP model is the older of the two techniques for data communication and very well accepted. The OSI model is a proven concept which is used as a base to apply to most of the new applications. 

Learn Network Security Fundamentals

Learn Network Security Fundamentals

Build your skills with seven hands-on courses covering network models and protocols, wireless and mobile security, network security best practices and more.


Nitesh Malviya
Nitesh Malviya

Nitesh Malviya is a Security Consultant. He has prior experience in Web Appsec, Mobile Appsec and VAPT. At present he works on IoT, Radio and Cloud Security and open to explore various domains of CyberSecurity. He can be reached on his personal blog - and Linkedin -