Focused On Your Success


The All.Net Security Database


Generated Fri Jun 27 09:58:50 PDT 2003 by fc@red.a.net

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • Attack42:

    Name:interrupt sequence mishandling

    Complexity: This problem has been analyzed in a cursory fashion and the number of possible sequences of events appears to be factorial in the combined lengths of the programs coexisting in the environment. [Voas93] Clearly a full analysis is infeasible for even simplistic situations. It is closely related to the simultaneous access exploitation problem.
    fc@red.a.net

    Related Database Material

    [TBVProcessing - Relates to Processing]
    [TBVAccidental - Relates to Accidental]
    [TBVDenial - Relates to Denial]
    [PDRIntegrity - Relates to Integrity]
    [PDRAvailability - Relates to Availability]
    [PDRTheoretical - Relates to Theoretical]
    [PLSLogical - Relates to Logical]
    [Threat4 - consultants]
    [Threat14 - tiger teams]
    [Threat28 - government agencies]
    [Threat30 - economic rivals]
    [Threat31 - nation states]
    [Threat32 - global coalitions]
    [Threat33 - military organizations]
    [Threat35 - information warriors]
    [Defense32 - anomaly detection]
    [Defense30 - audit analysis]
    [Defense91 - conservative resource allocation]
    [Defense13 - detection before failure]
    [Defense72 - detailed audit]
    [Defense21 - fault isolation]
    [Defense14 - human intervention after detection]
    [Defense127 - integration principle (GASSP)]
    [Defense130 - internal control principle (GASSP)]
    [Defense10 - isolated sub-file-system areas]
    [Defense37 - least privilege]
    [Defense84 - limited function]
    [Defense59 - lockouts]
    [Defense22 - out-of-range detection]
    [Defense19 - over-damped protocols]
    [Defense69 - path diversity]
    [Defense134 - periods processing and color changes]
    [Defense12 - properly prioritized resource usage]
    [Defense51 - secure design]
    [Defense83 - secure or trusted channels]
    [Defense4 - sensors]
    [Defense41 - separation of function]
    [Defense117 - suppression of incomplete, erroneous, or obsolete data]
    [Defense52 - testing]
    [Defense9 - trusted applications]