Focused On Your Success


The All.Net Security Database


Integrity Cross Reference
Integrity Cross Reference


Integrity:

Integrity is commonly considered in any of four different forms: The opposite of integrity is commonly called corruption.
Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • [Defense54 - accountability]
    [Defense131 - adversary principle (GASSP)]
    [Defense135 - alarms]
    [Defense62 - analysis of physical characteristics]
    [Defense32 - anomaly detection]
    [Defense30 - audit analysis]
    [Defense29 - auditing]
    [Defense45 - augmented authentication devices time or use variant]
    [Defense88 - authenticated information]
    [Defense61 - authentication of packets]
    [Defense47 - authorization limitation]
    [Defense8 - automated protection checkers and setters]
    [Defense35 - awareness of implications]
    [Defense5 - background checks]
    [Defense46 - biometrics]
    [Defense57 - change management]
    [Defense105 - Chinese walls]
    [Defense49 - classifying information as to sensitivity]
    [Defense120 - clear line of responsibility for protection]
    [Defense123 - compliance with laws and regulations]
    [Defense58 - configuration management]
    [Defense91 - conservative resource allocation]
    [Defense96 - content checking]
    [Defense99 - deceptions]
    [Defense129 - democracy principle (GASSP)]
    [Defense72 - detailed audit]
    [Defense13 - detection before failure]
    [Defense87 - disable unsafe features]
    [Defense75 - disconnect maintenance access]
    [Defense118 - document and information control procedures]
    [Defense60 - drop boxes and processors]
    [Defense7 - effective mandatory access control]
    [Defense76 - effective protection mind-set]
    [Defense139 - environmental controls]
    [Defense71 - Faraday boxes]
    [Defense21 - fault isolation]
    [Defense138 - filtering devices]
    [Defense38 - financial situation checking]
    [Defense56 - fine-grained access control]
    [Defense39 - good hiring practices]
    [Defense34 - improved morality]
    [Defense65 - increased or enhanced perimeters]
    [Defense102 - independent computer and tool use by auditors]
    [Defense109 - independent control of audit information]
    [Defense119 - individual accountability for all assets and actions]
    [Defense74 - information flow controls]
    [Defense116 - inspection of incoming and outgoing materials]
    [Defense89 - integrity checking]
    [Defense55 - integrity shells]
    [Defense130 - internal control principle (GASSP)]
    [Defense79 - inventory control]
    [Defense10 - isolated sub-file-system areas]
    [Defense53 - known-attack scanning]
    [Defense37 - least privilege]
    [Defense124 - legal agreements]
    [Defense84 - limited function]
    [Defense85 - limited sharing]
    [Defense86 - limited transitivity]
    [Defense59 - lockouts]
    [Defense82 - locks]
    [Defense111 - minimize traffic in work areas]
    [Defense31 - misuse detection]
    [Defense42 - multi-person controls]
    [Defense43 - multi-version programming]
    [Defense108 - numbering and tracking all sensitive information]
    [Defense22 - out-of-range detection]
    [Defense69 - path diversity]
    [Defense98 - perception management]
    [Defense36 - periodic reassessment]
    [Defense134 - periods processing and color changes]
    [Defense15 - physical security]
    [Defense77 - physical switches or shields on equipment and devices]
    [Defense112 - place equipment and supplies out of harms way]
    [Defense25 - policies]
    [Defense28 - procedures]
    [Defense121 - program change logs]
    [Defense104 - protection of data used in system testing]
    [Defense16 - redundancy]
    [Defense101 - regular review of protection measures]
    [Defense140 - searches and inspections]
    [Defense51 - secure design]
    [Defense80 - secure distribution]
    [Defense81 - secure key management]
    [Defense83 - secure or trusted channels]
    [Defense40 - separation of duties]
    [Defense115 - separation of equipment so as to limit damage from local events]
    [Defense41 - separation of function]
    [Defense133 - simplicity principle (GASSP)]
    [Defense27 - standards]
    [Defense1 - strong change control]
    [Defense48 - security marking and/or labeling]
    [Defense117 - suppression of incomplete, erroneous, or obsolete data]
    [Defense64 - tempest protection]
    [Defense20 - temporary blindness]
    [Defense52 - testing]
    [Defense125 - time, location, function, and other similar access limitations]
    [Defense9 - trusted applications]
    [Defense78 - trusted repair teams]
    [Defense97 - trusted system technologies]
    [Defense17 - uninterruptable power supplies and motor generators]
    [Attack68 - audit suppression]
    [Attack59 - backup theft, corruption, or destruction]
    [Attack78 - breaking key management systems]
    [Attack30 - bribes and extortion]
    [Attack62 - call forwarding fakery]
    [Attack91 - combinations and sequences]
    [Attack58 - content-based attacks]
    [Attack48 - data diddling]
    [Attack82 - dependency analysis and exploitation]
    [Attack44 - desychronization and time-based attacks]
    [Attack38 - device access exploitation]
    [Attack50 - electronic interference]
    [Attack43 - emergency procedure exploitation]
    [Attack37 - environment corruption]
    [Attack11 - environmental control loss]
    [Attack80 - error insertion and analysis]
    [Attack67 - error-induced mis-operation]
    [Attack1 - errors and omissions]
    [Attack36 - excess privilege exploitation]
    [Attack71 - false updates]
    [Attack18 - fictitious people]
    [Attack31 - get a job]
    [Attack70 - hardware failure - system flaw exploitation]
    [Attack64 - illegal value insertion]
    [Attack45 - imperfect daemon exploits]
    [Attack41 - implied trust exploitation]
    [Attack35 - inadequate notice exploitation]
    [Attack86 - inappropriate defaults]
    [Attack69 - induced stress failures]
    [Attack23 - infrastructure interference]
    [Attack63 - input overflow]
    [Attack25 - insertion in transit]
    [Attack83 - interprocess communication attacks]
    [Attack42 - interrupt sequence mishandling]
    [Attack33 - invalid values on calls]
    [Attack92 - kiting]
    [Attack74 - man-in-the-middle]
    [Attack39 - modeling mismatches]
    [Attack27 - modification in transit]
    [Attack46 - multiple error inducement]
    [Attack72 - network service and protocol attacks]
    [Attack85 - peer relationship exploitation]
    [Attack21 - perception management a.k.a. human engineering]
    [Attack87 - piggybacking]
    [Attack66 - privileged program misuse]
    [Attack57 - process bypassing]
    [Attack19 - protection missetting exploitation]
    [Attack89 - race conditions]
    [Attack81 - reflexive control]
    [Attack53 - repair-replace-remove information]
    [Attack76 - replay attacks]
    [Attack94 - repudiation]
    [Attack20 - resource availability manipulation]
    [Attack60 - restoration process corruption or misuse]
    [Attack93 - salami attacks]
    [Attack40 - simultaneous access exploitations]
    [Attack7 - solar flares]
    [Attack22 - spoofing and masquerading]
    [Attack10 - static]
    [Attack90 - strategic or tactical deceptions]
    [Attack13 - system maintenance]
    [Attack14 - testing]
    [Attack16 - Trojan horses]
    [Attack34 - undocumented or unknown function exploitation]
    [Attack47 - viruses]
    [Attack54 - wire closet attacks]