Two types of security Mechanisms.
1.Specific Security Mechanisms
2.Pervasive Security Mechanisms
Specific Security Mechanisms
These may be incorporated into the appropriate protocol layer in order to provide some of the OSI security services.
Encipherment: The use of mathematical algorithms to transform data into a form that is not readily intelligible. The transformation and subsequent recovery of the data depend on an
algorithm and zero or more encryption keys.
Digital Signature: Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery (e.g., by the recipient).
Access Control: A variety of mechanisms that enforce access rights to resources.
Data Integrity: A variety of mechanisms used to assure the integrity of a data unit or stream of
data units.
Authentication Exchange: A mechanism intended to ensure the identity of an entity by means of information exchange.
Traffic Padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis
attempts.
Routing Control: Enables selection of particular physically secure routes for certain data and
allows routing changes, especially when a breach of security is suspected.
Notarization: The use of a trusted third party to assure certain properties of a data exchange.
Pervasive Security Mechanisms:
Mechanisms those are not specific to any particular OSI security service or protocol layer.
Trusted Functionality: That which is perceived to be correct with respect to some criteria (e.g.,
as established by a security policy).
Security Label: The marking bound to a resource (which may be a data unit) that names or designates the security attributes of that resource.
Event Detection: Detection of security-relevant events.
Security Audit Trail: Data collected and potentially used to facilitate a security audit, which is an independent review and examination of system records and activities.
Security Recovery: Deals with requests from mechanisms, such as event handling and
management functions, and takes recovery actions.
