The OSI Security Architecture
To assess effectively the security needs of an organisation and to evaluate and choose various security products and policies, we need some systematic way of defining the requirements for security and characterising the approaches to satisfying those requirements. The OSI Security Architecture focuses on three essential parts: security attacks, security mechanisms and security services.
Security attack: Any action that compromise the security of information owned by an organization.
Security mechanism: Any process that is used to detect, prevent or recover from a security attack.
Security service: Any processing or communication service that enhances the security of data processing systems and the information transformation of an organisation.
Security Attack
Security attacks can be classified into passi