The All.Net Security Database


Generated Fri Jun 27 09:58:52 PDT 2003 by fc@red.a.net

  • Defense7:

    Name: effective mandatory access control

    Complexity: Despite more than fifteen years of substantial theoretical and development efforts and hundreds of millions of dollars in costs, almost no systems to date have been built that provide fully effective mandatory access control for general purpose computing with reasonable performance. This appears to involve many undecidable problems and some theoretical limitations that appear to be impossible to fully resolve. Examples of unsolvable problems include perfect access control decisions and non-fixed shared resources without covert channels. Highly complex problems include viruses, data aggregation controls, and unlimited granularity in access control decision-making.
    fc@red.a.net

    Related Database Material

    [PDRPrevent - Relates to Prevent]
    [PDRIntegrity - Relates to Integrity]
    [PDRAvailability - Relates to Availability]
    [PDRConfidentiality - Relates to Confidentiality]
    [PDRUse - Relates to Use]
    [PDRDemonstrated - Relates to Demonstrated]
    [PLSSystemic - Relates to Systemic]
    [ManAlSafeguards - Relates to Safeguards]
    [ManAlPhysical - Relates to Physical]
    [ManAlOrganization - Relates to Organization]
    [Attack1 - errors and omissions]
    [Attack4 - fire]
    [Attack13 - system maintenance]
    [Attack14 - testing]
    [Attack16 - Trojan horses]
    [Attack19 - protection missetting exploitation]
    [Attack20 - resource availability manipulation]
    [Attack23 - infrastructure interference]
    [Attack27 - modification in transit]
    [Attack31 - get a job]
    [Attack32 - password guessing]
    [Attack34 - undocumented or unknown function exploitation]
    [Attack36 - excess privilege exploitation]
    [Attack38 - device access exploitation]
    [Attack45 - imperfect daemon exploits]
    [Attack46 - multiple error inducement]
    [Attack47 - viruses]
    [Attack48 - data diddling]
    [Attack52 - audio/video viewing]
    [Attack64 - illegal value insertion]
    [Attack67 - error-induced mis-operation]
    [Attack72 - network service and protocol attacks]
    [Attack78 - breaking key management systems]
    [Attack86 - inappropriate defaults]