A security service is a crucial service, offered by a hierarchy of networks, that ensures sufficient security of data transfers on both internal and external networks as stipulated by ITU-T Portable Recommendation. The main aim of security services is to prevent unauthorized access, modification, or abuse of information or data. Any organization, whether large, small, medium or home-based, can benefit from appropriate security services to protect confidential data. The services are categorized into two categories, for internal and external networks.
The first category includes the detection and prevention of security threats. The second category consists of the measures to counter security attacks. Both the first and the second categories of security services employ various techniques and tools for identifying potential security threats, vulnerability of security systems and measures against such attacks, in addition to the provision of security systems and tools. Some of these adt security services even go the extra mile and implement strong administrative controls and physical safeguards in the workplace.
Direct protection services against security attacks are divided into two general categories, including security services directed at internal users and security services directed at external users. Among the many security services that are directed at internal users, password and username logging is one of the most common vulnerabilities. The use of weak passwords increases the risk of security threats as these can be easily cracked. There are various other attacks directed at password and username loggers. These include timing attacks wherein an attacker crafts a set of timing rules that the victim will follow to reveal the contents of the computer memory. Another technique used is dictionary attacks wherein an attacker creates a list of common password entries.
Non-repudiation is one of the most important features of security services. This feature ensures the protection of confidentiality of data by ensuring that information cannot be misused. Non-repudiation means that the information is protected from being used for any purpose other than the authorized one. Several mechanisms that ensure confidentiality of information include encryption, digital signatures, MAC (Message Authentication Code), integrity, encryption of data integrity and MAC (Message Authentication Code) integrity.
As an example, the digital signature is one of the basic cryptographic security services that are available for end-users. Digital signatures ensure that the contents of a message cannot be changed without the sender’s consent. Digital certificates are also useful in preventing hacking or tampering. As such, digital certificates are commonly used in web browsers to verify that the website is safe to visit.
Apart from preventing external threats, security services also play an important role in internal security mechanisms. There are several mechanisms that help in protecting organizations from hackers and unauthorized access. Among these include PINs, passwords, and biometrics. Each mechanism has its own benefits as well as drawbacks. Get more facts about security at https://en.wikipedia.org/wiki/Cyberwarfare