Back to Security Pattern Catalog

Enterprise Security Services

Classification Key : Security Pattern Space


Effective integration of security in the business model is contingent upon the identification of security services. The selection of security services need to follow the security approach that has been chosen. Some services, such as access control, emphasize a prevention approach. Other services, such as accounting, emphasize detection and response. Still others, such as identification and authentication, support both prevention and detection. How do you select and integrate security services across the organization to support security properties using preferred security approaches?


Specify an integrated set of security services to address identified security approaches and security properties for each asset type. The process emphasizes two perspectives. One perspective is to think about the assets individually. Create an association of security approaches and security services to apply them effectively on asset categories. Another perspective is to think of the enterprise as a whole. Ensure that the security services adopted for assets complement and reinforce each other.

Known Uses

ISO 13335-4 discusses services and mechanisms. NIST800-33 describes a security service model.

Related Patterns

Enterprise Security Approaches


Wiley Book


Prevention, Detection, Response


Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz