Focused On Your Success

The All.Net Security Database

Generated Fri Jun 27 09:58:52 PDT 2003 by

  • Threat Profiles
  • Attack Methods
  • Defense Methods
  • Prevention
  • Detection
  • Reaction
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

  • Physical
  • Informational
  • Systemic
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • Defense132:

    Name:continuity principle (GASSP)

    Complexity: Organizations' needs for continuity may reflect legal, regulatory, or financial obligations of the organization, organizational goodwill, or obligations to customers, board of directors, and owners. Understanding the organization's continuity requirements will guide information security professionals in developing the information security response to business interruption or disaster. The objectives(4) of this principle are to ensure the continued operation of the organization, to minimize recovery time in response to business interruption or disaster, and to fulfill relevant requirements. The continuity principle may be applied in three basic concepts: organizational recovery, continuity of operations, and end user contingent operations. Organizational recovery is invoked whenever a primary operation site is no longer capable of sustaining operations. Continuity of operations is invoked when operations can continue at the primary site but must respond to less than desirable circumstances (such as resource limitations, environmental hazards, or hardware or software failures). End user contingent operations are invoked in both organizational recovery and continuity of operations.

    Related Database Material

    [PDRAvailability - Relates to Availability]
    [PDRDemonstrated - Relates to Demonstrated]
    [PLSSystemic - Relates to Systemic]
    [ManAlManagement - Relates to Management]
    [ManAlPolicy - Relates to Policy]
    [ManAlProcedures - Relates to Procedures]
    [Attack15 - inadequate maintenance]
    [Attack23 - infrastructure interference]
    [Attack29 - cascade failures]
    [Attack39 - modeling mismatches]
    [Attack44 - desychronization and time-based attacks]
    [Attack67 - error-induced mis-operation]
    [Attack69 - induced stress failures]
    [Attack70 - hardware failure - system flaw exploitation]
    [Attack81 - reflexive control]
    [Attack82 - dependency analysis and exploitation]
    [Attack91 - combinations and sequences]