Focused On Your Success


The All.Net Security Database


Generated Fri Jun 27 09:58:52 PDT 2003 by fc@red.a.net

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • Defense10:

    Name:isolated sub-file-system areas

    Complexity: Implementing this functionality is not very difficult, but implementing it so that it cannot be bypassed under any conditions has proven unsuccessful. There appears to be no fundamental reason that this cannot be done, but in practice, interaction with other portions of the system is almost always required - for example - in order to perform input and output, to afford interprocess communication, and to use commonly available system libraries.
    fc@red.a.net

    Related Database Material

    [PDRPrevent - Relates to Prevent]
    [PDRReact - Relates to React]
    [PDRIntegrity - Relates to Integrity]
    [PDRAvailability - Relates to Availability]
    [PDRConfidentiality - Relates to Confidentiality]
    [PDRUse - Relates to Use]
    [PDRDemonstrated - Relates to Demonstrated]
    [PLSLogical - Relates to Logical]
    [ManAlSafeguards - Relates to Safeguards]
    [Attack1 - errors and omissions]
    [Attack13 - system maintenance]
    [Attack14 - testing]
    [Attack16 - Trojan horses]
    [Attack20 - resource availability manipulation]
    [Attack29 - cascade failures]
    [Attack33 - invalid values on calls]
    [Attack34 - undocumented or unknown function exploitation]
    [Attack36 - excess privilege exploitation]
    [Attack42 - interrupt sequence mishandling]
    [Attack45 - imperfect daemon exploits]
    [Attack46 - multiple error inducement]
    [Attack47 - viruses]
    [Attack48 - data diddling]
    [Attack52 - audio/video viewing]
    [Attack58 - content-based attacks]
    [Attack63 - input overflow]
    [Attack66 - privileged program misuse]
    [Attack67 - error-induced mis-operation]
    [Attack72 - network service and protocol attacks]
    [Attack78 - breaking key management systems]
    [Attack79 - covert channels]
    [Attack81 - reflexive control]
    [Attack82 - dependency analysis and exploitation]
    [Attack83 - interprocess communication attacks]
    [Attack89 - race conditions]
    [Attack91 - combinations and sequences]