1. SECURITY ATTACKS
I) Interruption
II) Interception
III) Modification
IV) Fabrication
Interruption
In an Information Security context, interruption is one of the four broad-based categories
used to classify attacks and threats. An interruption attack attempts to make systems (or the
information in them) unavailable for use.
Just like in conversations, interruptions in an information security setting are disruptions that
block the flow of information.
Examples
Interception
In an Information Security context, interception refers to one of the four broad categories
used to classify attack patterns. The actual or intended effect of an interception attack is that
unintended parties gain access to information or other digital assets (applications,
environments, files).
Common Examples
Network sniffing/eavesdropping
Man In The Middle (MITM) hijacking
Lawful Uses
While commonly discussed as a malicious activity in the InfoSec world, interception is also
sometimes used for lawful purposes in law enforcement, intelligence gathering and
administrative or regulatory auditing.
Modification
In an Information Security context, modification (or alteration) refers to one of the four broad
categories used to discuss attacks and threats. The actual or intended effect of a modification
Examples
DNS Cache Poisoning
STP Manipulation
Website defacement
Malware piggy-backing
Fabrication
In an Information Security context, fabrication is one of the four broad-based categories used
to classify attacks and threats. A fabrication attack creates illegitimate information,
processes, communications or other data within a system.
Often, fabricated data is inserted right alongside authentic data. When a known system is
compromised, attackers may use fabrication techniques to gain trust, create a false trail,
collect data for illicit use, spawn malicious or extraneous processes. In addition, fabricated
data may reduce confidence in genuine data with the affected system.
Examples
SQL Injection
Route Injection
User / Credential Counterfeiting
Log / Audit Trail Falsification
Email Spoofing
SPIT Attacks
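Both the modification examples above (altering records that already exist) and the fabrication examples (inserting records that never legitimately existed, such as a falsified audit trail) are caught by the same integrity control: each log record carries a keyed MAC that also covers the previous record's tag. The following is an added example written for this page, not code from the original notes; the signing key, the three audit records and the `append`/`verify` helpers are constructed for the demonstration.

```python
import hashlib
import hmac
import json
from typing import Dict, List, Optional

# Constructed demo key. A real deployment keeps the log-signing key away from
# the host that writes the log (KMS/HSM or a separate log collector); otherwise
# an attacker who alters the log can simply re-sign it.
LOG_KEY = b"demo-log-signing-key-not-for-production"


def _tag(key: bytes, prev_tag: str, entry: Dict) -> str:
    """HMAC-SHA256 over the previous record's tag plus this entry's canonical JSON."""
    payload = prev_tag.encode() + json.dumps(entry, sort_keys=True).encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


def append(log: List[Dict], key: bytes, **fields) -> Dict:
    """Append a record whose tag chains to the record before it."""
    prev_tag = log[-1]["tag"] if log else "genesis"
    entry = {"seq": len(log), **fields}
    record = {"entry": entry, "tag": _tag(key, prev_tag, entry)}
    log.append(record)
    return record


def verify(log: List[Dict], key: bytes) -> Optional[int]:
    """Return None if every record is authentic and in order, otherwise the index
    of the first record that fails (modified, fabricated, reordered, or after a gap)."""
    prev_tag = "genesis"
    for i, record in enumerate(log):
        expected = _tag(key, prev_tag, record["entry"])
        if record["entry"].get("seq") != i or not hmac.compare_digest(expected, record["tag"]):
            return i
        prev_tag = record["tag"]
    return None


def build_sample_log() -> List[Dict]:
    """Three constructed audit records, signed with the demo key."""
    log: List[Dict] = []
    append(log, LOG_KEY, user="alice", action="login", result="ok")
    append(log, LOG_KEY, user="alice", action="read", obj="payroll.xlsx")
    append(log, LOG_KEY, user="bob", action="login", result="fail")
    return log


def modified_log() -> Optional[int]:
    """Modification: an existing record is altered after it was written."""
    log = build_sample_log()
    log[1]["entry"]["user"] = "mallory"
    return verify(log, LOG_KEY)  # 1


def fabricated_log() -> Optional[int]:
    """Fabrication: a record is appended by someone who does not hold the key."""
    log = build_sample_log()
    fake_entry = {"seq": 3, "user": "bob", "action": "login", "result": "ok"}
    log.append({"entry": fake_entry, "tag": "00" * 32})
    return verify(log, LOG_KEY)  # 3


def deleted_log() -> Optional[int]:
    """Removing a record breaks the chain at the point of removal."""
    log = build_sample_log()
    del log[1]
    return verify(log, LOG_KEY)  # 1
```

The chain matters as much as the per-record MAC: a MAC alone would detect an edited record but not a deleted one, while the `seq` field plus the link to the previous tag makes deletion and reordering visible too. `hmac.compare_digest` is used so that verification time does not leak how many bytes of a forged tag were correct.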
2. SECURITY SERVICES
There are 6 types of Security Services:
i) Confidentiality
ii) Non-repudiation
iii) Authentication
iv) Access control
v) Integrity
vi) Availability
Confidentiality
A breach of confidentiality means that someone gains access to information who should not
have access to it.
Authentication
Modern computer systems provide service to multiple users and require the ability to
accurately identify the user making a request.
Password-based authentication is not suitable for use over a computer network, because a
password sent across the network can be intercepted by an eavesdropper and then used to
impersonate the user.
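The standard answer to the interception problem just described is to never send the password itself: the server issues a fresh random challenge, the client answers with a keyed hash over it, and a captured transcript is useless against the next challenge. The code below is an added example for these notes, not code from the original page; the `Server` class, the user `alice`, her constructed password, and the PBKDF2-derived verifier are all assumptions made for the demonstration.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Tuple


def make_verifier(password: str, salt: bytes) -> bytes:
    """Derive the shared secret from the password. The server stores only this
    value, never the plaintext password. Iteration count is a demo choice."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Server:
    """Constructed server that authenticates with a single-use nonce challenge."""

    def __init__(self) -> None:
        self.users: Dict[str, Tuple[bytes, bytes]] = {}   # user -> (salt, verifier)
        self.pending: Dict[str, bytes] = {}                # user -> outstanding nonce

    def register(self, user: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self.users[user] = (salt, make_verifier(password, salt))

    def challenge(self, user: str) -> Tuple[bytes, bytes]:
        """Step 1: send the user's salt and a fresh random nonce."""
        salt, _ = self.users[user]
        nonce = secrets.token_bytes(16)
        self.pending[user] = nonce
        return salt, nonce

    def verify(self, user: str, response: bytes) -> bool:
        """Step 2: recompute HMAC(verifier, nonce) and compare in constant time.
        The nonce is consumed on first use, so a replay meets a different nonce."""
        nonce = self.pending.pop(user, None)
        if nonce is None:
            return False
        _, verifier = self.users[user]
        expected = hmac.new(verifier, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def client_respond(password: str, salt: bytes, nonce: bytes) -> bytes:
    """Client side: prove knowledge of the password without transmitting it."""
    verifier = make_verifier(password, salt)
    return hmac.new(verifier, nonce, hashlib.sha256).digest()


def run_demo() -> Dict[str, bool]:
    """Honest login, then an eavesdropper's replay of the captured response."""
    password = "correct horse battery staple"   # constructed demo credential
    server = Server()
    server.register("alice", password)

    # Honest exchange; `wire` is everything an eavesdropper could capture.
    salt, nonce = server.challenge("alice")
    response = client_respond(password, salt, nonce)
    wire = [salt, nonce, response]
    honest_ok = server.verify("alice", response)

    # Replay: the server has issued a new nonce, so the old response fails.
    server.challenge("alice")
    replay_ok = server.verify("alice", response)

    password_on_wire = any(password.encode() in item for item in wire)
    return {"honest": honest_ok, "replay": replay_ok, "password_on_wire": password_on_wire}
```

Contrast this with the scheme the notes warn about: if the client simply sent `password.encode()`, the captured transcript would contain the credential itself and could be presented again at will. The challenge-response transcript still gives an eavesdropper material for an offline guessing attack against weak passwords, which is why production systems additionally run the exchange inside TLS or use a PAKE such as SRP.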
Integrity
Non-repudiation
From the point of view of information security, non-repudiation usually applies to cases of a
formal contract, a communication, or the transfer of data. Its aim is to ensure that an
individual or organization bound by the terms of a contract, or the parties involved in a
particular communication or document transfer are unable to deny the authenticity of their
signatures on the contract documents, or that they were the originator of a particular message
or transfer.
Classic analog examples of non-repudiation methods would include the signatures and
documentation associated with a registered mail delivery (where by signing, the recipient is
unable to deny having received that court summons from the utilities company), or the
recorded presence of witnesses to the signing of a legal document or treaty.
Access control
Access control is a security technique that regulates who or what can view or use resources in
a computing environment. It is a fundamental concept in security that minimizes risk to the
business or organization. There are two types of access control: physical and logical. Physical
access control limits access to campuses, buildings, rooms and physical IT assets. Logical
access control limits connections to computer networks, system files and data. Access control
systems perform identification, authentication and authorization of users and entities by
evaluating required login credentials, which can include passwords, personal identification
numbers (PINs), biometric scans, security tokens or other authentication factors. Multifactor
authentication, which requires two or more authentication factors, is often an important part
of a layered defense that protects access control systems.
Mandatory access control (MAC): A security model in which access rights are
regulated by a central authority based on multiple levels of security. Often used in
government and military environments: classifications are assigned to system
resources, and the operating system or security kernel grants or denies access to those
resource objects based on the security clearance of the user or device. For
example, Security Enhanced Linux (SELinux) is an implementation of MAC on the Linux
operating system.
Role-based access control (RBAC): A widely used access control mechanism that restricts
access to computer resources based on individuals or groups with defined business functions
-- executive level, engineer level 1 -- rather than the identities of individual users. The role-
based security model relies on a complex structure of role assignments, role authorizations
and role permissions developed using role engineering to regulate employee access to
systems. RBAC systems can be used to enforce MAC and DAC frameworks.
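To make the two models above concrete, here is an added example (not code from the original notes) that encodes a small RBAC policy using the business-function roles the text mentions, and next to it a simplified multilevel MAC check in which a subject's clearance is compared with an object's classification (a Bell-LaPadula-style "no read up, no write down" rule, which is an assumption of this example rather than something the notes spell out). The role names, users, levels and compartments are all constructed for the demonstration.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, Set

# --- Role-based access control: permissions attach to roles, users get roles ---
ROLE_PERMISSIONS: Dict[str, Set[str]] = {
    "engineer_l1": {"ticket:read", "ticket:update"},
    "engineer_l2": {"ticket:read", "ticket:update", "deploy:staging"},
    "executive":   {"report:read", "report:approve"},
}
USER_ROLES: Dict[str, Set[str]] = {
    "alice": {"engineer_l2"},
    "bob":   {"engineer_l1"},
    "carol": {"executive"},
}


def rbac_allows(user: str, permission: str) -> bool:
    """A user is allowed an action only if one of their roles grants it.
    Unknown users and unknown roles contribute nothing (deny by default)."""
    roles = USER_ROLES.get(user, set())
    return any(permission in ROLE_PERMISSIONS.get(role, set()) for role in roles)


# --- Mandatory access control: a central lattice of levels and compartments ---
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}


@dataclass(frozen=True)
class Label:
    """Security label used both as a subject clearance and an object classification."""
    level: str
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """True if this label is at least as high and covers all of other's compartments."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and other.compartments <= self.compartments)


def mac_allows_read(subject: Label, obj: Label) -> bool:
    """No read up: the subject's clearance must dominate the object's label."""
    return subject.dominates(obj)


def mac_allows_write(subject: Label, obj: Label) -> bool:
    """No write down: the object's label must dominate the subject's clearance,
    so a highly cleared subject cannot leak data into a lower-classified object."""
    return obj.dominates(subject)
```

The practical difference shows in the `Label` model: under MAC the user cannot loosen the rule by changing ownership or permissions on the object, because the decision is a function of two centrally assigned labels. Under RBAC the decision is a function of role membership, which is why changing someone's job is handled by moving them between roles rather than editing per-user permissions.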
Availability
Availability means that information is accessible to authorized users when they need it. If an
attacker is not able to compromise the first two elements of information security (see above),
they may instead try attacks such as denial of service that bring down the server, making the
website unavailable to legitimate users.
Internet standards
The IETF is the premier Internet standards organization. It follows open and well-
documented processes for setting these standards.
The Internet, a loosely-organized international collaboration of autonomous, interconnected
networks, supports communication through voluntary adherence to open protocols and
procedures defined by Internet Standards.
From its inception, the Internet has been, and is expected to remain, an evolving system
whose participants regularly factor new requirements and technology into its design and
implementation. Therefore, improving existing standards and creating, implementing, and
deploying new standards is an ongoing effort. Users of the Internet and providers of the
equipment, software, and services that support it should anticipate and embrace this evolution
as a major tenet of Internet philosophy.
RFCs
Memos in the RFC document series contain technical and organizational notes about the
Internet.
Advanced search options are available at IETF Data tracker and the RFC Search Page.
A text index of RFCs is available on the IETF web site here: RFC Index (Text).
RFC Errata
Published RFCs never change. Although every published RFC has been submitted to careful
proofreading by the RFC Editor and the author(s), errors do sometimes go
undetected. Technical Errata are errors in the technical content. Editorial Errata are
spelling, grammar, punctuation, or syntax errors that do not affect the technical meaning.