3.1 Confidentiality: the assets of a computing system are accessible only by authorized
parties. The access in question is read-type access: reading, viewing, printing, or even just
knowing that an object exists. Confidentiality is also called secrecy or privacy.
3.2 Integrity: assets can be modified only by authorized parties or only in authorized
ways. Modification includes writing, changing, changing status, deleting and creating.
Some meanings of integrity are:
precise
accurate
unmodified
modified only in acceptable ways
modified only by authorized people
modified only by authorized processes
consistent
internally consistent
meaningful and correct results
3.3 Availability: assets are accessible to authorized parties. Goals of availability are:
timely response
fair allocation
fault tolerance
utility or usability
controlled concurrency: support for simultaneous access, deadlock management,
and exclusive access
4.1. Security Attack: Any action that compromises the security of information owned by an
organization.
4.2. Security Mechanism: A mechanism that is designed to detect, prevent, or recover from
a security attack.
4.3. Security Service: A service that enhances the security of the data processing systems
and the information transfers of an organization. The services are intended to counter
security attacks, and
5. Threat
A threat is a person, thing, event, or idea which poses some danger to an asset, in terms of
that asset's confidentiality, integrity, availability, or legitimate use. Threats can be classified as
being deliberate (e.g., hacker penetration) or accidental (e.g., message sent in error to the
wrong address). Deliberate threats may be further classified as being passive or active.
5.1. Passive threats involve monitoring or interception but not alteration of information (e.g.
wiretapping). These include release of message contents and traffic analysis.
5.2. Active threats involve deliberate alteration of information (e.g., changing the amount
of a financial transaction). These include interruption (availability), modification
(integrity) and fabrication (authenticity).
In general, passive attacks are easier and less costly to engineer than active attacks.
5.3 There are four fundamental threats, directly reflecting the four security objectives
identified earlier:
5.4 Four kinds of threats to the security of a computing system: interruption, interception,
modification and fabrication:
5.5 Enabling threats: these threats enable the fundamental threats. They are significant because
a realization of any of them can lead directly to a realization of any of the fundamental
threats. The primary enabling threats comprise penetration threats and planting threats.
vi. Denial of Service: A denial of service prevents or inhibits the normal use or
management of communications facilities. Another form of service denial is the
disruption of an entire network, either by disabling the network or by overloading it with
messages so as to degrade performance.
CODE NO KSK 7023 Page 5 of 6
i. Trojan horse: Software contains an invisible or apparently innocuous part which, when
executed, compromises the security of its user. An example of a Trojan horse is a
software application which has an outwardly legitimate purpose, e.g., text editing, but
which also has a surreptitious purpose, e.g., copying user documents into a hidden
private file which is read later by the attacker who planted the Trojan horse.
ii. Trapdoor: A feature built into a system or system component such that the provision
of specific input data allows the security policy to be violated. An example is a log-in
processing subsystem which allows a particular user-identifier to bypass the usual
password checks.
iii. Planting threats are usually realized by the planting party only after the planted
capability has been left dormant for a period of time.
iv. Safeguards: Safeguards are physical controls, mechanisms, policies, and procedures
that protect assets from threats.
Note:
Risk: Risk is a measure of the cost of a realized vulnerability that incorporates the
probability of a successful attack. Risk is high if the value of a vulnerable asset is high,
and the probability of a successful attack is high. Conversely, risk is low if the value of
the vulnerable asset is low and the probability of a successful attack is low. Risk
analysis can provide a quantitative means of determining whether the expenditure on
safeguards is warranted.
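The risk note above describes risk as asset value combined with the probability of a successful attack, and says risk analysis can show whether spending on safeguards is warranted. The following is an added worked example of that calculation, not part of the original notes; the asset values, attack probabilities, safeguard costs and residual probabilities are constructed figures chosen only for illustration.

```python
# Added example (not part of the original notes): quantitative risk analysis
# in the sense of the "Risk" note above. All asset values, probabilities and
# safeguard costs are constructed, illustrative figures.
from dataclasses import dataclass
from typing import Optional


@dataclass
class Asset:
    name: str
    value: float               # loss if the vulnerability is realized (currency units)
    attack_probability: float  # estimated probability of a successful attack per year


@dataclass
class Safeguard:
    name: str
    annual_cost: float           # what the safeguard costs per year
    residual_probability: float  # attack probability once the safeguard is in place


def risk(asset: Asset, probability: Optional[float] = None) -> float:
    """Risk = value of the vulnerable asset x probability of a successful attack."""
    p = asset.attack_probability if probability is None else probability
    if not 0.0 <= p <= 1.0:
        raise ValueError("probability must be in [0, 1]")
    return asset.value * p


def safeguard_is_warranted(asset: Asset, safeguard: Safeguard) -> dict:
    """Compare the yearly risk reduction a safeguard buys against its yearly cost."""
    before = risk(asset)
    after = risk(asset, safeguard.residual_probability)
    reduction = before - after
    return {
        "asset": asset.name,
        "safeguard": safeguard.name,
        "risk_before": before,
        "risk_after": after,
        "risk_reduction": reduction,
        "annual_cost": safeguard.annual_cost,
        "net_benefit": reduction - safeguard.annual_cost,
        "warranted": reduction > safeguard.annual_cost,
    }


# Constructed sample data: a high-value asset and a low-value one
CUSTOMER_DB = Asset("customer database", value=500_000.0, attack_probability=0.20)
TEST_SERVER = Asset("disposable test server", value=2_000.0, attack_probability=0.50)
ENCRYPT_AT_REST = Safeguard("encryption at rest + key management",
                            annual_cost=30_000.0, residual_probability=0.05)
HARDENING = Safeguard("host hardening", annual_cost=5_000.0, residual_probability=0.10)

if __name__ == "__main__":
    for asset, sg in [(CUSTOMER_DB, ENCRYPT_AT_REST), (TEST_SERVER, HARDENING)]:
        r = safeguard_is_warranted(asset, sg)
        print(f"{r['asset']}: risk {r['risk_before']:.0f} -> {r['risk_after']:.0f}, "
              f"safeguard cost {r['annual_cost']:.0f}, warranted={r['warranted']}")
```

With these constructed figures the customer database carries a yearly risk of 100,000 that the safeguard cuts to 25,000, so spending 30,000 a year on it is justified; the test server's risk is only 1,000, so a 5,000 safeguard is not. The point the note makes is that both the asset's value and the attack probability enter the decision, not either one alone.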
6. Methods of defense
6.1 Controls
i. Encryption
Encryption is the most powerful tool: coding, that is, transforming data so that it is unintelligible
to an outside observer, provides confidentiality for data. Encryption can also be used to achieve
integrity, since data that cannot be read generally also cannot be changed in a meaningful manner.
Encryption is the basis of some protocols, which are agreed-upon sequences of actions to
accomplish some task. Some protocols ensure availability of resources. Therefore, encryption is at
the heart of methods for ensuring all three goals of computer security.
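The paragraph above says encryption gives confidentiality and, since unreadable data cannot be changed meaningfully, can serve integrity as well. The added example below, which is not from the original notes, shows both goals in working code and the check a practitioner needs for the second one: an altered ciphertext still decrypts (to something different) without complaint, so integrity comes from a keyed tag that is verified before decryption, not from encryption alone. The keystream construction (SHAKE-256 over key and nonce), the encrypt-then-MAC layout and the sample message are assumptions made for this teaching example; a vetted authenticated-encryption mode would be used in practice.

```python
# Added example (not part of the original notes): encryption for confidentiality
# plus a keyed integrity tag, so that altered ciphertext is detected instead of
# silently decrypting to different data. Keys and messages are constructed here.
import hashlib
import hmac
import secrets
from typing import Optional

NONCE_LEN = 16
TAG_LEN = 32


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Teaching-only keystream: SHAKE-256 of key||nonce, an assumed construction."""
    return hashlib.shake_256(key + nonce).digest(length)


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Confidentiality: XOR the plaintext with a keystream. Returns nonce || ciphertext."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ks = keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Inverse of encrypt. Note: it accepts any input and never reports alteration."""
    nonce, ct = blob[:NONCE_LEN], blob[NONCE_LEN:]
    ks = keystream(key, nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: an HMAC tag over nonce||ciphertext supplies integrity."""
    blob = encrypt(enc_key, plaintext)
    tag = hmac.new(mac_key, blob, hashlib.sha256).digest()
    return blob + tag


def open_sealed(enc_key: bytes, mac_key: bytes, sealed: bytes) -> Optional[bytes]:
    """Verify the tag in constant time before decrypting; None means 'altered'."""
    if len(sealed) < NONCE_LEN + TAG_LEN:
        return None
    blob, tag = sealed[:-TAG_LEN], sealed[-TAG_LEN:]
    expected = hmac.new(mac_key, blob, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return decrypt(enc_key, blob)


def corrupt_byte(data: bytes, index: int) -> bytes:
    """Simulate one byte altered in transit (a constructed fault for the demo)."""
    out = bytearray(data)
    out[index] ^= 0x01
    return bytes(out)


def demo() -> dict:
    """Run both schemes against the same message and one altered byte."""
    enc_key, mac_key = secrets.token_bytes(32), secrets.token_bytes(32)
    msg = b"transfer amount: 100.00"  # constructed sample message
    blob = encrypt(enc_key, msg)
    sealed = seal(enc_key, mac_key, msg)
    # Alter the first ciphertext byte (index NONCE_LEN, just past the nonce)
    tampered_blob = corrupt_byte(blob, NONCE_LEN)
    tampered_sealed = corrupt_byte(sealed, NONCE_LEN)
    return {
        "roundtrip_ok": decrypt(enc_key, blob) == msg,
        "ciphertext_unreadable": msg not in blob,
        "plain_decrypt_silently_differs": decrypt(enc_key, tampered_blob) != msg,
        "authenticated_roundtrip_ok": open_sealed(enc_key, mac_key, sealed) == msg,
        "authenticated_rejects_change": open_sealed(enc_key, mac_key, tampered_sealed) is None,
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The two keys are kept separate so that the confidentiality and integrity mechanisms do not share secret material, and verification happens before any decryption so that altered input is rejected without being processed further.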
iv. Policies
v. Physical Controls