SRI Security Research Institute, Edith Cowan University, Perth, Western Australia
Security is only as good as the weakest link and if the weakness is at a low level in the communication stack then every other Layer has potential to inherit the problem. The OSI Layer model has defined the theoretical architecture for network communications (ISO/IEC 7498-1). Standardisation assures that each element of an internetwork uses the same model and hence a message can be moved intelligibly and correctly between participants. The OSI model divides communications into seven hierarchical Layers that provide the necessary services from the application Layer through to the physical Layer of electricity (ISO/IEC 7498-2). Each Layer is dependent on the one below to provide the more primitive functions and is hence interconnected from top to bottom in a communication chain. The four Layer TCP/IP pragmatic model conveys a similar relationship of dependant services for communication that have inter-dependence (Comer, 1995). The consequence is that no matter how a communication stack is looked at – theoretically or in practice – problems low down impact higher Layers. In this research we looked specifically at the OSI Data Link Layer (2) not only because so much has been written on security issues at this Layer, but also because it is the first Layer where serious abstraction in terms of logics and protocols is made from the primitive physical impulses (Altunbasak et al., 2005; NIST, 2013). These theoretical abstractions offer opportunity for proper and improper manipulation that may either better facilitate communication or impede effective communication. The data link Layer also gives opportunity for a range of logical attacks that may exploit the effective communication but not always for the intended purposes. Such vulnerabilities occur elsewhere in the communication stack but Layer 2 is the first real opportunity for logical attacks (Shanmug et al, 2010; Altunbasak, et al., 2005). This paper is structured to briefly review current literature and define the implications of OSI Layer 2 security vulnerabilities. The OSI model is selected in preference over the TCP/IP model as it has greater clarity around specific layers and reference detail. Two gaps in the literature are identified and theoretical solutions proposed for Layer 2 security.