The mechanisms of protection are the elements that have direct contact with threats and content. While many other elements of protection are involved in the overall process, these mechanisms are at the business end of technical security.
- Perception: Perception defenses include obscurity, profiles of facilities and systems, appearances, and deception methods and are the part of technical protection that directly contacts the attack and their agents. [Drill-Down]
- Structure: Structural defenses are predominantly separation mechanisms intended to implement access control policies, provide functional units with their functions, and implement the separation associated with change controls. They include mandatory and discretionary access controls and different resulting communications structures such as partially ordered sets, diodes, firewalls, and other similar barriers.
- Content: Content controls include separation mechanisms (high surety) transforms (medium surety) and filters (low surety). They analyze location, markings, syntax, and situation to determine what information should be transformed or allowed to pass.
- Behavior: Behavioral mechanisms tend to be low surety but some can be higher surety. They involve looking for and limiting changes, effects of time, fail safe modes, fault tolerant computing, intrusion and anomaly detection and response systems, and human behavioral traits and patterns. This includes separation of duties, least privilege, and other similar limitations as well.
The overall utility of protection mechanisms is that they interact directly with the content and facilitate it proper use for business while limiting its improper use. They assure business utility and mitigate against attempts to reduce this utility or misuse it for nefarious purposes.
For more details and in-depth coverage of these issues, buy the Governance Guidebook.