Focused On Your Success


The All.Net Security Database


Generated Fri Jun 27 09:58:52 PDT 2003 by fc@red.a.net

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • Defense89:

    Name:integrity checking

    Complexity: In general, the integrity checking problem can be quite complex, however, there are many useful systems that are quite efficient and cost effective. There is no limit to the extent to which integrity can be checked and the question of how certain we are based on which checks we have done is open. As an apparently fundamental limitation, information used to differentiate between two otherwise equivalent things can only be verified by independent means.
    fc@red.a.net

    Related Database Material

    [PDRDetect - Relates to Detect]
    [PDRReact - Relates to React]
    [PDRIntegrity - Relates to Integrity]
    [PDRDemonstrated - Relates to Demonstrated]
    [PLSLogical - Relates to Logical]
    [ManAlProcedures - Relates to Procedures]
    [ManAlAudit - Relates to Audit]
    [ManAlTesting - Relates to Testing]
    [ManAlSafeguards - Relates to Safeguards]
    [ManAlPersonnel - Relates to Personnel]
    [ManAlIncident - Relates to Incident]
    [ManAlLegal - Relates to Legal]
    [ManAlPhysical - Relates to Physical]
    [Attack1 - errors and omissions]
    [Attack7 - solar flares]
    [Attack10 - static]
    [Attack12 - relocation]
    [Attack13 - system maintenance]
    [Attack14 - testing]
    [Attack15 - inadequate maintenance]
    [Attack16 - Trojan horses]
    [Attack18 - fictitious people]
    [Attack20 - resource availability manipulation]
    [Attack22 - spoofing and masquerading]
    [Attack23 - infrastructure interference]
    [Attack25 - insertion in transit]
    [Attack27 - modification in transit]
    [Attack33 - invalid values on calls]
    [Attack34 - undocumented or unknown function exploitation]
    [Attack36 - excess privilege exploitation]
    [Attack37 - environment corruption]
    [Attack38 - device access exploitation]
    [Attack44 - desychronization and time-based attacks]
    [Attack47 - viruses]
    [Attack48 - data diddling]
    [Attack51 - PBX bugging]
    [Attack58 - content-based attacks]
    [Attack59 - backup theft, corruption, or destruction]
    [Attack60 - restoration process corruption or misuse]
    [Attack63 - input overflow]
    [Attack64 - illegal value insertion]
    [Attack66 - privileged program misuse]
    [Attack67 - error-induced mis-operation]
    [Attack70 - hardware failure - system flaw exploitation]
    [Attack71 - false updates]
    [Attack72 - network service and protocol attacks]
    [Attack74 - man-in-the-middle]
    [Attack78 - breaking key management systems]
    [Attack80 - error insertion and analysis]
    [Attack82 - dependency analysis and exploitation]
    [Attack83 - interprocess communication attacks]
    [Attack85 - peer relationship exploitation]
    [Attack89 - race conditions]
    [Attack90 - strategic or tactical deceptions]
    [Attack91 - combinations and sequences]
    [Attack94 - repudiation]