What are the types of security mechanism in information security?

There are various types of security mechanism which are as follows −

Physical Security − Physical security define limiting access to key network resources by maintaining the resources behind a locked door and secured from natural and human-made disasters.

Physical security can secure a network from unintended exploitation of network equipment by untrained faculty and contractors. It can also secure the network from hackers, competitors, and terrorists walking in off the street and changing equipment configurations.

It is based on the level of protection, physical security can secure a network from terrorist and biohazard events, such as bombs, radioactive spills, etc. Physical security can also protect resources from natural disasters including floods, fires, storms, and earthquakes.

Authentication − Authentication recognizes who is asking network services. The term authentication generally define the authenticating users but can also define authenticating devices or software processes.

For example, there are some routing protocols provides route authentication, whereby a router should pass some element before another router accepts its routing updates.

Some security policies state that to access a network and its services, a user should enter a login ID and password that are authoritative by a security server. It can maximize security, and one-time (dynamic) passwords can be used.

With one-time password systems, a user's password continually shift. This is generally accomplished with a security card, also known as Smartcard.

A security program is a physical device around the content of a credit card. The customer method a personal identification number (PIN) into the card. The PIN is an original level of security that simply provides the user permission to use the card.

The card supports a one-time password that can be used to access the corporate network for a definite time. The password is synchronized with a fundamental security card server that occupy on the network. Security cards are generally used by telecommuters and mobile users.

Data Encryption − Encryption is a procedure that scrambles information to secure it from being read by anyone but the pre-determined receiver. An encryption device encrypts information before locating it on a network. A decryption device decrypts the information before passing it to an application.

A router, server, end system, or dedicated tool can facilitate as an encryption or decryption device. Data that is encrypted is known as ciphered data (or simply encrypted data). Data that is not encrypted is known as plain text or clear text.

Authorization − Authorization change from user to user, partly based on a user's department or job function. For instance, a policy can state that only Human Resources employees should view salary data for people they don't handle.

Access Control − It uses an approach to certify that a user has access right to the information or resources owned by a system.

Updated on: 11-Mar-2022

1K+ Views

Kickstart Your Career

Get certified by completing the course

Get Started