A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. These services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service. Following are the five categories of these services: Authentication: The assurance that the communicating entity is the one that it claims to be.
- Peer Entity Authentication: Used in association with a logical connection to provide confidence in the identity of the entities connected.
- Data-Origin Authentication: In a connectionless transfer, provides assurance that the source of received data is as claimed.
Data Confidentiality: Protects data from unauthorized disclosure.
Access Control: The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do).
Data Integrity: The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay).
Non-repudiation: Protects against denial by one of the entities involved in a communication of having participated in all or part of the communication.
Proof of Origin: Proof that the message was sent by the specified party.
Proof of Delivery: Proof that the message was received by the specified party.