Part of the Defense.tex database ()

Focused On Your Success

The All.Net Security Database

Generated Fri Jun 27 09:58:52 PDT 2003 by fc@red.a.net

Cause/Mechanism: Threat Profiles Attack Methods Defense Methods Process: Prevention Detection Reaction Impact: Integrity Availability Confidential Use Control	Other: Risk Management Database Description Domain: Physical Informational Systemic Sophistication: Theoretical Demonstrated Widespread	Perspectives: Management Policy Standards Procedures Documentation Audit Testing Technical Safeguards Personnel Incident Handling Legal Physical Awareness Training Education Organization
Brekne's Mechanistic: Input Output Storage Processing Transmission	Brekne's Causal: Accidental Malicious	Brekne's Method: Leakage Masquerade Denial Corruption Usage Mental

Defense108:

Name:numbering and tracking all sensitive information

Each copy of sensitive information is numbered, cataloged, and tracked to assure that no illicit copies are accidentally made and to add identifying information to each copy to enable it to be traced to the individual responsible for its handling. Complexity: This is a bit expensive but is not complex.

fc@red.a.net

Related Database Material

[PDRPrevent - Relates to Prevent]
[PDRDetect - Relates to Detect]
[PDRIntegrity - Relates to Integrity]
[PDRAvailability - Relates to Availability]
[PDRConfidentiality - Relates to Confidentiality]
[PDRDemonstrated - Relates to Demonstrated]
[PLSPhysical - Relates to Physical]
[ManAlPolicy - Relates to Policy]
[ManAlStandards - Relates to Standards]
[ManAlProcedures - Relates to Procedures]
[ManAlDocumentation - Relates to Documentation]
[ManAlLegal - Relates to Legal]
[ManAlPhysical - Relates to Physical]
[Attack1 - errors and omissions]
[Attack13 - system maintenance]
[Attack16 - Trojan horses]
[Attack19 - protection missetting exploitation]
[Attack25 - insertion in transit]
[Attack26 - observation in transit]
[Attack27 - modification in transit]
[Attack31 - get a job]
[Attack35 - inadequate notice exploitation]
[Attack43 - emergency procedure exploitation]
[Attack57 - process bypassing]
[Attack59 - backup theft, corruption, or destruction]
[Attack60 - restoration process corruption or misuse]
[Attack66 - privileged program misuse]
[Attack71 - false updates]
[Attack76 - replay attacks]
[Attack78 - breaking key management systems]
[Attack85 - peer relationship exploitation]
[Attack88 - collaborative misuse]
[Attack94 - repudiation]