Focused On Your Success


The All.Net Security Database


Generated Fri Jun 27 09:58:50 PDT 2003 by fc@red.a.net

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • Attack88:

    Name:collaborative misuse

    Complexity: Collaborative misuse has not been extensively analyzed mathematically, but limited analysis has been done from a standpoint of identifying effects of collaborations on leakage and corruption in POset networks and results indicate that detecting or limiting collaborative effects is not highly complex if the individual attacks are detectable.
    fc@red.a.net

    Related Database Material

    [TBVMalicious - Relates to Malicious]
    [PDRConfidentiality - Relates to Confidentiality]
    [PDRUse - Relates to Use]
    [PDRWidespread - Relates to Widespread]
    [PLSSystemic - Relates to Systemic]
    [Threat1 - insiders]
    [Threat2 - private investigators]
    [Threat3 - reporters]
    [Threat4 - consultants]
    [Threat5 - vendors]
    [Threat6 - customers]
    [Threat7 - Fraudsters]
    [Threat8 - competitors]
    [Threat9 - whistle blowers]
    [Threat10 - hackers]
    [Threat11 - crackers]
    [Threat13 - cyber-gangs]
    [Threat14 - tiger teams]
    [Threat15 - maintenance people]
    [Threat16 - professional thieves]
    [Threat19 - activists]
    [Threat20 - crackers for hire]
    [Threat22 - organized crime]
    [Threat23 - drug cartels]
    [Threat25 - industrial espionage experts]
    [Threat28 - government agencies]
    [Threat30 - economic rivals]
    [Threat31 - nation states]
    [Threat32 - global coalitions]
    [Threat33 - military organizations]
    [Threat35 - information warriors]
    [Defense54 - accountability]
    [Defense131 - adversary principle (GASSP)]
    [Defense35 - awareness of implications]
    [Defense5 - background checks]
    [Defense33 - capture and punishment]
    [Defense105 - Chinese walls]
    [Defense96 - content checking]
    [Defense99 - deceptions]
    [Defense76 - effective protection mind-set]
    [Defense6 - feeding false information]
    [Defense38 - financial situation checking]
    [Defense39 - good hiring practices]
    [Defense34 - improved morality]
    [Defense102 - independent computer and tool use by auditors]
    [Defense109 - independent control of audit information]
    [Defense119 - individual accountability for all assets and actions]
    [Defense37 - least privilege]
    [Defense107 - minimizing copies of sensitive information]
    [Defense42 - multi-person controls]
    [Defense43 - multi-version programming]
    [Defense108 - numbering and tracking all sensitive information]
    [Defense69 - path diversity]
    [Defense25 - policies]
    [Defense28 - procedures]
    [Defense100 - retaining confidentiality of security status information]
    [Defense140 - searches and inspections]
    [Defense40 - separation of duties]
    [Defense41 - separation of function]
    [Defense1 - strong change control]
    [Defense106 - tracking, correlation, and analysis of incident reporting and response information]