Security services and security mechanisms
Security mechanisms

Security mechanism is a process that implements security services based on a hardware (technical), software (logical), physical or administrative approach. Security mechanisms support the security services and execute specific activities for the protection against attacks or attack results.

The security mechanisms are divided into those that are implemented in a specific protocol layer and those that are not specific to any particular protocol layer or security service.

To the basic mechanisms of enciphering belong:

Encipherment is a mechanism aimed at protecting a message’s information content by using mathematical algorithms that transform data into a form that is not readable by unauthorized subjects.

Digital signature is the mechanism that uses the cryptographic transformation of a data unit to prove the source and integrity of the data unit and protect against forgery.

Access control covers a variety of mechanisms that enforce access rights to resources. This mechanism involves authorization to access some resources.

Data integrity covers a variety of mechanisms used to assure the integrity of a data unit or stream of data units.

Authentication exchange is a mechanism intended to ensure the identity of an entity by means of information exchange.

Traffic padding is a mechanism that inserts bits into gaps in a data stream to frustrate traffic analysis attempts.

Routing control enables selection of particular physically secure routes for certain data and allows routing changes, especially when a security breach is suspected. This mechanism also involves perimeter security.

Notarization is a mechanism that uses a trusted third party to assure certain properties of a data exchange.

Perimeter security is a mechanism that allows accepting or denying data from or to a particular address or service located outside of the local network. Security service – security mechanism mapping.