    Date: 12.08.2023
    The-Threats-To-Our-Products

    What do these threats have in common?

    • Modification of data that should not be accessible.

    • Causing a trusted entity to modify data improperly.

    • Elevation of privilege can enable tampering.

    Examples

    • Packet injection attacks where data on the wire is modified. The vulnerability that exposes this threat is a lack of integrity protection for data sent on the wire.

    • Modification of file data without authorization checks. The vulnerabilities that expose this threat include missing access checks, buffer overflows, no integrity checks, and so on.

    • Data corruption due to execution of erroneous code. Vulnerabilities include unhandled memory allocation failures, uninitialized memory, use of freed memory resources, and miscalculations like divide by zero.

    • Data corruption or modification by Trojans and viruses. The vulnerability is the software's susceptibility to Trojans.

    What products are susceptible? All kinds of software products are susceptible to data tampering threats and therefore should address them.

    Repudiability

    What's the threat? An untrusted user performing an illegal operation without the ability to be traced. Repudiability threats are associated with users (malicious or otherwise) who can deny a wrongdoing without any way to prove otherwise.

    What do these threats have in common?

    • A way to avoid logging of important security events.

    • Spoofing can be used to conceal the identity of the agent performing an action.

    • Tampering with the security log can result in repudiability.

    Examples

    • Undetected attempts to break into a user account by the attacker. Lack of failed logon audits is the vulnerability.

    • Deletion of sensitive files inadvertently or maliciously by a user. Lack of successful auditing of object access is the vulnerability.

    • Ability of a malicious user to deny sending a message. Lack of message signatures and signature verification before accepting the message is the vulnerability.
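
The missing-audit and log-tampering items above, as an added example that is not part of the original document: an audit log in which each record carries an HMAC chained to the previous record, so that an edited, deleted or truncated entry is detected on verification. The key, the event fields and the separately stored record count and tail MAC are assumptions of this sketch, and all sample events are constructed.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # chain anchor used as the predecessor of the first record


def _mac(key: bytes, prev: str, event: dict) -> str:
    # Bind each record to its predecessor so edits and deletions break the chain.
    body = prev + json.dumps(event, sort_keys=True)
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()


def append_event(log: list, key: bytes, event: dict) -> None:
    prev = log[-1]["mac"] if log else GENESIS
    log.append({"event": event, "mac": _mac(key, prev, event)})


def verify_log(log: list, key: bytes, expected_len: int, expected_tail: str):
    # expected_len / expected_tail are assumed to be kept in a separate trusted
    # store; without them, removing records from the end would go unnoticed.
    prev = GENESIS
    for i, rec in enumerate(log):
        if not hmac.compare_digest(rec["mac"], _mac(key, prev, rec["event"])):
            return False, f"record {i} modified or predecessor removed"
        prev = rec["mac"]
    if len(log) != expected_len or not hmac.compare_digest(prev, expected_tail):
        return False, "log truncated or replaced"
    return True, "intact"


def demo() -> dict:
    key = b"constructed-demo-key"  # assumption: held by the collector, not by audited users
    log = []
    for ev in [  # constructed sample events: failed logons and object access
        {"seq": 1, "type": "logon_failed", "user": "alice", "src": "192.0.2.10"},
        {"seq": 2, "type": "logon_failed", "user": "alice", "src": "192.0.2.10"},
        {"seq": 3, "type": "logon_ok", "user": "alice", "src": "192.0.2.10"},
        {"seq": 4, "type": "file_delete", "user": "alice", "path": "/srv/payroll.csv"},
    ]:
        append_event(log, key, ev)
    tail = log[-1]["mac"]
    results = {"intact": verify_log(log, key, 4, tail)}
    edited = json.loads(json.dumps(log))   # deep copy, then rewrite who deleted the file
    edited[3]["event"]["user"] = "bob"
    results["edited"] = verify_log(edited, key, 4, tail)
    results["deleted"] = verify_log(log[:1] + log[2:], key, 4, tail)  # drop one failed logon
    results["truncated"] = verify_log(log[:3], key, 4, tail)          # drop the last record
    return results
```

Calling `demo()` returns the verdict for the intact log and for each of the three tampered copies. A keyed chain makes the log tamper-evident to whoever holds the key; the message-denial item would instead need an asymmetric signature that only the sender can produce.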

