In Information technology, security refers to the defense of digital information as well as IT assets against the external and internal, accidental and malicious threats. This defense comprises of detection, prevention, as well a response to the threats with respect to the use of security policies, IT services, and software tools. Security can be physical security or information security. information security further comprises of application security, cloud security, endpoint security, network security, and internet security.
For the purpose of implementing security, there are a number of security mechanisms which are required such as authentication, authorization, accounting or auditing, data encryption, firewalls, and private public key encryption.
Authentication is a security mechanism which provides the facility of access control for several systems in order to check for whether the credentials of users match with the database or not. Authentication refers to the authenticating users who are requesting to access the services of network. As an example, some of the routing protocols have proper support for the route authentication in which a router must pass through some of the criteria before accepting the updates of routing. Authentication in the network which is based in three different proofs such as something the user knows, something that user has, and something the user is. Many of the users have two-factor authentication that requires a user to use two identity proofs. Under the implementation of two-factor authentication, one node compromise cannot affect the overall network.
Authorization is also a security mechanism of providing permission to do something. Authorization is preceded by authentication. It is the responsibility of the system administrator to allow the users to access a particular system or device and to provide the privileges for the users for accessing file directories, amount of storage allocated etc. Authorization sometimes can be seen as the preliminary setting of the permission via system administrator along with the actual checking of all the permission values. however, authorization can be varied according to user to user. as an example, only HRM should see the records of salary. In order to implement the security mechanism of authorization, principle of least privilege can be implemented according to which each of the user is provisioned with the minimum and necessary rights for the purpose of performing a particular task.
3. Accounting or Auditing
In order to effectively analyze the security of a particular network for responding towards the security incidents, there should be well established procedures for the collection of network activities and this collection of data is known as auditing or accounting. authentication, authorization, and accounting are three AAA of security mechanism which intelligently control the access to the resources of computer, enforcing policies, provision of necessary information, and auditing usage. these are combined in order to provide the secure access to the network with effective network security mechanisms.
4. Data encryption
Encryption is considered as the process which scrambles data in order to protect it from being read by anyone except the intended receiver. An encryption device basically encrypts the data before placing it on the network. On the other hand, a decryption device basically decrypts the data or information before passing it to the application. In the process of data encryption, server, router to an end device can act as the decryption or encryption device. Data encryption is considered as an important security mechanism which works in two different parts such as an encryption algorithm and encryption key. Encryption can be categorized into private and public key encryption.
5. Packet filters
Packet filer is another security mechanism which can be set up on the firewalls, routers, and servers in order to accept as well as deny the packets with respect to a particular service or address. packet filter comprises of both the authorization and authentication mechanisms which helps to protect the resources of the network from the unauthorized access, use, destruction, theft, or attacks like denial of service attacks. Packet filter works on two different policies such as deny the specific types of packets and accepting else and the second is accepting specific types of packets and denying anything else.
Firewall is another mechanism for ensuring security of the network. It can be considered as the device that enforces the policies of security at the boundary of two or more networks. A firewall can also be considered as a router with access control list, a software running on PC, or a dedicated hardware appliance. A firewall as a security mechanism is considered as important at boundary between the internet and the enterprise network. It comprises of specific set of rules and policies for allowing or denying the network traffic. Proxy firewall is considered as the advanced level of firewall which also acts as intermediary between the network hosts which intercept some or all the network traffic between local clients as well as outside servers. Firewall also examines the packets as well as support for the stateful tracking of all the sessions. Firewall like Proxy firewall has the ability to block the malicious traffic as well as content which deemed unacceptable.
7. Intrusion detection and prevention system
An intrusion detection and prevention system are a security mechanism which has the ability to detect the malicious events and immediately notifies to the network administrator through logging, paging, and email. an intrusion detection system can also perform the anomaly and statistical analysis. some of the intrusion detection and prevention system devices can report to a particular central device or database in order to correlate the information from several sensors in order to give the administrator a real time view for security.