Focused On Your Success


The All.Net Security Database


Generated Fri Jun 27 09:58:52 PDT 2003 by fc@red.a.net

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • Defense45:

    Name:augmented authentication devices time or use variant

    Complexity: Despite several potential vulnerabilities associated with these devices, they are basically encryption devices used for authentication and the complexity issues are similar to those involved in other areas of cryptography.
    fc@red.a.net

    Related Database Material

    [PDRPrevent - Relates to Prevent]
    [PDRDetect - Relates to Detect]
    [PDRReact - Relates to React]
    [PDRIntegrity - Relates to Integrity]
    [PDRConfidentiality - Relates to Confidentiality]
    [PDRUse - Relates to Use]
    [PDRWidespread - Relates to Widespread]
    [PLSSystemic - Relates to Systemic]
    [ManAlPolicy - Relates to Policy]
    [ManAlProcedures - Relates to Procedures]
    [ManAlSafeguards - Relates to Safeguards]
    [Attack16 - Trojan horses]
    [Attack18 - fictitious people]
    [Attack19 - protection missetting exploitation]
    [Attack21 - perception management a.k.a. human engineering]
    [Attack22 - spoofing and masquerading]
    [Attack23 - infrastructure interference]
    [Attack27 - modification in transit]
    [Attack36 - excess privilege exploitation]
    [Attack41 - implied trust exploitation]
    [Attack50 - electronic interference]
    [Attack55 - shoulder surfing]
    [Attack58 - content-based attacks]
    [Attack61 - hangup hooking]
    [Attack62 - call forwarding fakery]
    [Attack71 - false updates]
    [Attack72 - network service and protocol attacks]
    [Attack76 - replay attacks]
    [Attack83 - interprocess communication attacks]
    [Attack84 - below-threshold attacks]
    [Attack85 - peer relationship exploitation]
    [Attack90 - strategic or tactical deceptions]
    [Attack94 - repudiation]