Focused On Your Success


The All.Net Security Database


Generated Fri Jun 27 09:58:52 PDT 2003 by fc@red.a.net

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • Defense91:

    Name:conservative resource allocation

    Complexity: In general, the allocation problem is at least NP-complete. As a far more important limitation, most systems are designed to handle 90th to 99th percentile load conditions, but the cost of handling worst case load is normally not justified. In such systems, stress-induced failures are almost certain to be possible.
    fc@red.a.net

    Related Database Material

    [PDRPrevent - Relates to Prevent]
    [PDRIntegrity - Relates to Integrity]
    [PDRAvailability - Relates to Availability]
    [PDRDemonstrated - Relates to Demonstrated]
    [PLSLogical - Relates to Logical]
    [ManAlStandards - Relates to Standards]
    [ManAlProcedures - Relates to Procedures]
    [ManAlSafeguards - Relates to Safeguards]
    [ManAlPhysical - Relates to Physical]
    [ManAlTraining - Relates to Training]
    [ManAlEducation - Relates to Education]
    [Attack1 - errors and omissions]
    [Attack15 - inadequate maintenance]
    [Attack20 - resource availability manipulation]
    [Attack23 - infrastructure interference]
    [Attack29 - cascade failures]
    [Attack39 - modeling mismatches]
    [Attack42 - interrupt sequence mishandling]
    [Attack50 - electronic interference]
    [Attack63 - input overflow]
    [Attack67 - error-induced mis-operation]
    [Attack68 - audit suppression]
    [Attack69 - induced stress failures]
    [Attack79 - covert channels]
    [Attack80 - error insertion and analysis]
    [Attack81 - reflexive control]
    [Attack82 - dependency analysis and exploitation]
    [Attack83 - interprocess communication attacks]
    [Attack89 - race conditions]
    [Attack90 - strategic or tactical deceptions]
    [Attack91 - combinations and sequences]