Attacks on the security of a computer system or network are best characterized by viewing the function of the computer system as providing information .
In general,there is a flow of information from sender or a source to receiver or a destination .
The following are the general categories of Security attack
-> Interruption
-> Interception
-> Modification
-> Fabrication
-> Interruption : An asset of a computer system is either destroyed or becomes unusable or unavailable. It is nothing but an attack on availability.
Examples : Destruction of a piece of hardware such as hard disk,cutting of a communication line etc.....
-> Interception : An unauthorized party includes either a person or program or a computer gains access to an asset.This is an attack on confidentiality.
Examples : wiretapping to capture data in a network etc.....
-> Modification : This is an attack on integrity.Here in this modification ,an unauthorized user not only gains access to an asset but also tampers with an asset.
Examples : changing values in a data file,altering a program so that it performs differently and modifying the content of messages being transmitted in a network.
The following are the general categories of Security attack
-> Interruption
-> Interception
-> Modification
-> Fabrication
-> Interruption : An asset of a computer system is either destroyed or becomes unusable or unavailable. It is nothing but an attack on availability.
Examples : Destruction of a piece of hardware such as hard disk,cutting of a communication line etc.....
-> Interception : An unauthorized party includes either a person or program or a computer gains access to an asset.This is an attack on confidentiality.
Examples : wiretapping to capture data in a network etc.....
-> Modification : This is an attack on integrity.Here in this modification ,an unauthorized user not only gains access to an asset but also tampers with an asset.
Examples : changing values in a data file,altering a program so that it performs differently and modifying the content of messages being transmitted in a network.
-> Fabrication : This refers to an attack on authenticity. Here in this category, an unauthorized party counterfeit objects into the system .
Examples : insertion of spurious messages in a network or the addition of records to a file.
No comments:
Post a Comment