Focused On Your Success


The All.Net Security Database


Generated Fri Jun 27 09:58:50 PDT 2003 by fc@red.a.net

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • Attack46:

    Name:multiple error inducement

    Complexity: The limited work on multiple error effects indicates that even the most well-designed and trusted system fail unpredictably under multiple error conditions. This problem appears to be even more complex than proving program correctness, perhaps even falling into the factorial time and space realm. For an attacker, producing multiple errors is often straightforward, but for a defender to analyze them all is essentially impossible under current theory.
    fc@red.a.net

    Related Database Material

    [TBVInput - Relates to Input]
    [TBVProcessing - Relates to Processing]
    [TBVAccidental - Relates to Accidental]
    [TBVMalicious - Relates to Malicious]
    [TBVLeakage - Relates to Leakage]
    [TBVmasQuerade - Relates to masQuerade]
    [TBVDenial - Relates to Denial]
    [TBVUsage - Relates to Usage]
    [PDRIntegrity - Relates to Integrity]
    [PDRAvailability - Relates to Availability]
    [PDRUse - Relates to Use]
    [PDRTheoretical - Relates to Theoretical]
    [PLSSystemic - Relates to Systemic]
    [Threat1 - insiders]
    [Threat2 - private investigators]
    [Threat14 - tiger teams]
    [Threat26 - foreign agents and spies]
    [Threat28 - government agencies]
    [Threat30 - economic rivals]
    [Threat31 - nation states]
    [Threat32 - global coalitions]
    [Threat33 - military organizations]
    [Threat35 - information warriors]
    [Defense32 - anomaly detection]
    [Defense30 - audit analysis]
    [Defense13 - detection before failure]
    [Defense7 - effective mandatory access control]
    [Defense21 - fault isolation]
    [Defense74 - information flow controls]
    [Defense10 - isolated sub-file-system areas]
    [Defense42 - multi-person controls]
    [Defense43 - multi-version programming]
    [Defense22 - out-of-range detection]
    [Defense19 - over-damped protocols]
    [Defense134 - periods processing and color changes]
    [Defense16 - redundancy]
    [Defense51 - secure design]
    [Defense41 - separation of function]
    [Defense117 - suppression of incomplete, erroneous, or obsolete data]
    [Defense20 - temporary blindness]
    [Defense52 - testing]
    [Defense9 - trusted applications]
    [Defense97 - trusted system technologies]