Two or more simultaneous or split multi-part access attempts
are made, resulting in an improper decision or loss of audit information.
Examples include the use of large numbers of access attempts over a short
period of time so as to cause grant/refuse decision software to act in a
previously unanticipated and untested fashion, the execution of sequences of
operations required for system takeover by multiple user identities, and the
holding of a resource required for some other function to proceed so as to
deny completion of that service.
Complexity: This problem has been analyzed
in a cursory fashion and the number of possible sequences of events appears
to be factorial in the combined lengths of the programs coexisting in the
environment.
[Cohen94-3] Clearly a full analysis is infeasible for even
simplistic situations. It is closely related to the interrupt sequence
mishandling problem.
fc@red.a.net