
The All.Net Security Database


Use Control Cross Reference


Use Control:

Use control is the combination of preventing unauthorized use and assuring authorized use.

The opposite of use control is unauthorized use or the prevention of authorized use (i.e., denial of use).

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
Process:
  • Prevention
  • Detection
  • Reaction
Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
Other:
  • Risk Management
  • Database Description
Domain:
  • Physical
  • Informational
  • Systemic
Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
Brekne's Causal:
  • Accidental
  • Malicious
Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • [Defense54 - accountability]
    [Defense131 - adversary principle (GASSP)]
    [Defense135 - alarms]
    [Defense62 - analysis of physical characteristics]
    [Defense32 - anomaly detection]
    [Defense30 - audit analysis]
    [Defense45 - augmented authentication devices time or use variant]
    [Defense61 - authentication of packets]
    [Defense47 - authorization limitation]
    [Defense8 - automated protection checkers and setters]
    [Defense35 - awareness of implications]
    [Defense46 - biometrics]
    [Defense105 - Chinese walls]
    [Defense49 - classifying information as to sensitivity]
    [Defense94 - concealed services]
    [Defense96 - content checking]
    [Defense114 - control physical access]
    [Defense72 - detailed audit]
    [Defense13 - detection before failure]
    [Defense87 - disable unsafe features]
    [Defense75 - disconnect maintenance access]
    [Defense60 - drop boxes and processors]
    [Defense50 - dynamic password change control]
    [Defense7 - effective mandatory access control]
    [Defense63 - encrypted authentication]
    [Defense18 - encryption]
    [Defense71 - Faraday boxes]
    [Defense56 - fine-grained access control]
    [Defense44 - hard-to-guess passwords]
    [Defense65 - increased or enhanced perimeters]
    [Defense74 - information flow controls]
    [Defense79 - inventory control]
    [Defense10 - isolated sub-file-system areas]
    [Defense37 - least privilege]
    [Defense84 - limited function]
    [Defense85 - limited sharing]
    [Defense86 - limited transitivity]
    [Defense59 - lockouts]
    [Defense82 - locks]
    [Defense111 - minimize traffic in work areas]
    [Defense31 - misuse detection]
    [Defense42 - multi-person controls]
    [Defense22 - out-of-range detection]
    [Defense69 - path diversity]
    [Defense134 - periods processing and color changes]
    [Defense15 - physical security]
    [Defense77 - physical switches or shields on equipment and devices]
    [Defense112 - place equipment and supplies out of harms way]
    [Defense28 - procedures]
    [Defense12 - properly prioritized resource usage]
    [Defense122 - protection of names of resources]
    [Defense16 - redundancy]
    [Defense26 - rerouting attacks]
    [Defense100 - retaining confidentiality of security status information]
    [Defense51 - secure design]
    [Defense80 - secure distribution]
    [Defense81 - secure key management]
    [Defense83 - secure or trusted channels]
    [Defense48 - security marking and/or labeling]
    [Defense40 - separation of duties]
    [Defense41 - separation of function]
    [Defense117 - suppression of incomplete, erroneous, or obsolete data]
    [Defense20 - temporary blindness]
    [Defense52 - testing]
    [Defense125 - time, location, function, and other similar access limitations]
    [Defense128 - timeliness principle (GASSP)]
    [Defense95 - traps]
    [Defense73 - trunk access restriction]
    [Defense97 - trusted system technologies]
    [Attack84 - below-threshold attacks]
    [Attack78 - breaking key management systems]
    [Attack30 - bribes and extortion]
    [Attack62 - call forwarding fakery]
    [Attack88 - collaborative misuse]
    [Attack58 - content-based attacks]
    [Attack77 - cryptanalysis]
    [Attack48 - data diddling]
    [Attack82 - dependency analysis and exploitation]
    [Attack38 - device access exploitation]
    [Attack17 - dumpster diving]
    [Attack43 - emergency procedure exploitation]
    [Attack67 - error-induced mis-operation]
    [Attack36 - excess privilege exploitation]
    [Attack71 - false updates]
    [Attack18 - fictitious people]
    [Attack31 - get a job]
    [Attack70 - hardware failure - system flaw exploitation]
    [Attack64 - illegal value insertion]
    [Attack45 - imperfect daemon exploits]
    [Attack41 - implied trust exploitation]
    [Attack86 - inappropriate defaults]
    [Attack69 - induced stress failures]
    [Attack24 - infrastructure observation]
    [Attack63 - input overflow]
    [Attack25 - insertion in transit]
    [Attack83 - interprocess communication attacks]
    [Attack33 - invalid values on calls]
    [Attack74 - man-in-the-middle]
    [Attack39 - modeling mismatches]
    [Attack27 - modification in transit]
    [Attack46 - multiple error inducement]
    [Attack72 - network service and protocol attacks]
    [Attack32 - password guessing]
    [Attack85 - peer relationship exploitation]
    [Attack21 - perception management a.k.a. human engineering]
    [Attack87 - piggybacking]
    [Attack66 - privileged program misuse]
    [Attack57 - process bypassing]
    [Attack19 - protection missetting exploitation]
    [Attack89 - race conditions]
    [Attack81 - reflexive control]
    [Attack53 - repair-replace-remove information]
    [Attack76 - replay attacks]
    [Attack20 - resource availability manipulation]
    [Attack60 - restoration process corruption or misuse]
    [Attack55 - shoulder surfing]
    [Attack40 - simultaneous access exploitations]
    [Attack22 - spoofing and masquerading]
    [Attack90 - strategic or tactical deceptions]
    [Attack13 - system maintenance]
    [Attack16 - Trojan horses]
    [Attack34 - undocumented or unknown function exploitation]
    [Attack47 - viruses]
    [Attack54 - wire closet attacks]