Deliberate vs. Non-deliberate
Internal vs. External
Identify the threats
Likelihood of occurence estimation
Human error
Natural disasters
System failures (HW, SW, infrastructure)
Malicious acts & software
Error:most common threat
training: most cost-effective security program
least privileges user given only the minimum authorizations and
time necessary to preform task. Limits extent of damage.
Disaster recovery: offsite storage of info. Backups critical. Alernate site.
Hardware failure is solvable: redundancy e.g. disk mirroring: copies
of data on multiple disks
failover: group of systems monitor each other, take over
function of failed system.
Software quality concerns:
complexity is largest factor of SW reliability
evolution, maintenance
testing for correctness, not for security (test the unexpected)
change management
Infrastructure: electricity, communications, AC, network. Service level agreement contracted level of availability.
Malicious attack: need, greed, revenge
external: get publicity. Random or specific
internal: more damaging.
who you are is prime contributor to being a target
PR and employee satisfaction are biggest steps to reduce being a
target.
Malicious software (malware): creates or exploits a vulnerability
buffer overflow
logic bomb unauthorized program dormant until triggered
sniffer intercepts network traffic
spoof assume identity of another person or process
email spoof (forge sender address)
Mobile code:
trojan horse real program contains hidden program, becomes
independant when real program runs once.
virus largest impact of any malware. Only executes when host
program does.
worm transports itself across a network