What are the specific security mechanism in Information Security?

A process (or a device compilation such a process) that is designed to identify, avoid, or restore from a security attack. The mechanisms are divided into those that are performed in a definite protocol layer, including TCP or an application-layer protocol. These mechanisms are known as specific security mechanisms.

These can be integrated into the relevant protocol layer in order to support some of the OSI security services. There are some approaches for realizing security are as follows −

  • Encipherment − This is the procedure of using numerical algorithms to change data into a form that is not freely intelligible. The transformation and subsequent recovery of the information based on an algorithm and zero or higher encryption keys.

  • Digital Signature − A digital signature is an analytical approach which validates the authenticity and integrity of a message, application or digital records. It allows us to test the author name, date and time of signatures, and verify the message text.

    The digital signature supports far more basic security and designed to solve the problem of tampering and impersonation (deliberately copy another person's features) in electronic connection.

    Data or cryptographic transformation of an information unit is additional to the data, therefore that the recipient of the information unit is converted of the source and integrity of the information unit and this can also serve to secure the data against forgery (such as by the recipient).

  • Access Control − Access control is an information security process that enables organizations to manage who is authorized to access corporate data and resources.

    Secure access control need policies that check users are who they claim to be and support proper control access levels are allowed to users. There are several structure are available that accomplish access rights to resources.

  • Data Integrity − Integrity can use to a flow of messages, an individual message, or selected areas inside a message. In data integrity, it is a connection-oriented integrity service, it can handle with a flow of messages, and assure that messages are received as sent with no duplication, insertion, modification, reordering, or replays.

    There are several structure that can be used to encourage the integrity of a data unit or flow of data units.

  • Authentication Exchange − This is a structure intended to provide the integrity of an entity by means of information exchange.

  • Traffic Padding − The insertion of bits into gaps in an information flow is known as traffic padding. This provide to counter traffic analysis attempts.

  • Routing Control − Routing control allows selection of specific physically secure routes for specific data transmission and enables routing changes, particularly when a gap of security is suspected.

  • Notarization − This is the usage of a trusted third party to assure specific properties of an information exchange.