|
The threats to our products April 1, 1999 By Loren Kohnfelder and Praerit Garg
|
| bet | 6/15 | | Sana | 30.03.2021 | | Hajmi | 58.92 Kb. | | #13786 |
| What products are susceptible? All software products, with the possible exception of desktop applications, are susceptible to such threats. Desktop applications typically depend on the underlying operating system to handle non-repudiability requirements of the environment. This mostly includes the ability to trace "who-done-it" for unauthorized data modifications.
Information disclosure (privacy breach)
What's the threat? Compromising the user's private or business-critical information. Information disclosure threats expose information to individuals who are not supposed to see it. A user's ability to read a file that she or he was not granted access to, as well as an intruder's ability to read the data while in transit between two computers, are both disclosure threats. Note that this threat differs from a spoofing threat in that here the perpetrator gets access to the information directly rather than by having to spoof a legitimate user.
|
| |
