Defense Cross Reference
Cause/Mechanism:
Threat Profiles
Attack Methods
Defense Methods
Process:
Prevention
Detection
Reaction
Impact:
Integrity
Availability
Confidential
Use Control
Other:
Risk Management
Database Description
Domain:
Physical
Informational
Systemic
Sophistication:
Theoretical
Demonstrated
Widespread
Perspectives:
Management
Policy
Standards
Procedures
Documentation
Audit
Testing
Technical Safeguards
Personnel
Incident Handling
Legal
Physical
Awareness
Training
Education
Organization
Brekne's Mechanistic:
Input
Output
Storage
Processing
Transmission
Brekne's Causal:
Accidental
Malicious
Brekne's Method:
Leakage
Masquerade
Denial
Corruption
Usage
Mental
accountability
adversary principle (GASSP)
alarms
analysis of physical characteristics
anomaly detection
audit analysis
auditing
augmented authentication devices time or use variant
authenticated information
authentication of packets
authorization limitation
automated protection checkers and setters
awareness of implications
background checks
biometrics
capture and punishment
change management
Chinese walls
choice of location
classifying information as to sensitivity
clear line of responsibility for protection
compliance with laws and regulations
concealed services
configuration management
conservative resource allocation
content checking
continuity principle (GASSP)
control physical access
deceptions
democracy principle (GASSP)
detailed audit
detection before failure
detect waste examination
disable unsafe features
disconnect maintenance access
document and information control procedures
drop boxes and processors
dynamic password change control
effective mandatory access control
effective protection mind-set
encrypted authentication
encryption
environmental controls
Faraday boxes
fault isolation
feeding false information
filtering devices
financial situation checking
fine-grained access control
fire doors, fire walls, asbestos suits and similar fire-limiting items
fire suppression equipment
good hiring practices
hard-to-guess passwords
human intervention after detection
improved morality
increased or enhanced perimeters
independent computer and tool use by auditors
independent control of audit information
individual accountability for all assets and actions
information flow controls
infrastructure-wide digging hotlines
inspection of incoming and outgoing materials
insurance
integration principle (GASSP)
integrity checking
integrity shells
internal control principle (GASSP)
inventory control
isolated sub-file-system areas
jamming
known-attack scanning
least privilege
legal agreements
limited function
limited sharing
limited transitivity
lockouts
locks
low building profile
minimize traffic in work areas
minimizing copies of sensitive information
misuse detection
multidisciplinary principle (GASSP)
multi-person controls
multi-version programming
noise injection
numbering and tracking all sensitive information
out-of-range detection
over-damped protocols
path diversity
perception management
periodic reassessment
periods processing and color changes
physical security
physical switches or shields on equipment and devices
place equipment and supplies out of harms way
policies
procedures
program change logs
properly prioritized resource usage
protection of data used in system testing
protection of names of resources
quad-tri-multi-angulation
quotas
redundancy
regular review of protection measures
reintegration
rerouting attacks
retaining confidentiality of security status information
searches and inspections
secure design
secure distribution
secure key management
secure or trusted channels
security marking and/or labeling
sensors
separation of duties
separation of equipment so as to limit damage from local events
separation of function
simplicity principle (GASSP)
spread spectrum
standards
standby equipment
strong change control
suppression of incomplete, erroneous, or obsolete data
tempest protection
temporary blindness
testing
timeliness principle (GASSP)
time, location, function, and other similar access limitations
tracking, correlation, and analysis of incident reporting and response information
training and awareness
traps
trunk access restriction
trusted applications
trusted repair teams
trusted system technologies
uninterruptable power supplies and motor generators
universal use of badges
waste data destruction
Fri Jun 27 09:58:56 PDT 2003 fc