nt-part2_21
Analysis of the Security of Windows NT
1 March 1999
21
4.1 Network Architecture
In the early days of computing, it was nearly impossible to communicate between com-
puters from different vendors as they all follow their own standard(s). For two comput-
ers to communicate, they had to follow the same rules, i.e. use the same protocol. In
late 1970s, International Standard Organization (ISO) addressed this problem through
a model for Open Systems Interconnect (OSI), which became an international stan-
dard. The OSI reference model (RM) consists of seven layers, see Figure 4, where the
physical layer is the lowest one, and the application layer is closest to the applications.
FIGURE 4. The OSI layered model
Network architectures of today are also normally implemented in a layered fashion,
and NT's network architecture is not an exception. Although few companies strictly
follow the OSI model, it is still used as a reference model.
4.1.1 OSI versus NT Layer Model
The various NT layers are presented in Figure 5. On the right side of the figure, the cor-
responding OSI layers are given.
Note. The scope of this report does not permit in-depth coverage of each layer. More
details can be found in [42]. Below, however, we will describe NDIS, Transport Proto-
cols, STREAMS, TDI and finally, some network APIs, including the WinSock API,
the NetBIOS API and the RPC facility.
7. Application layer
6. Presentation layer
5. Session layer
4. Transport layer
3. Network layer
2. Data-link layer
1. Physical layer
7. Application layer
6. Presentation layer
5. Session layer
4. Transport layer
3. Network layer
2. Data-link layer
1. Physical layer
Transport medium