U2.1 Comp Sec: deals with prevention & detection of unauthorised actions by users of a comp system

Mind Map by Craig Parker, created almost 6 years ago

Masters Comp Sec Mind Map on U2.1 Comp Sec: deals with prevention & detection of unauthorised actions by users of a comp system, created by Craig Parker on 11/02/2013.

U2.1 Comp Sec: deals with prevention & detection of unauthorised actions by users of a comp system
1 Accountability & Authorisation
1.1 Accountability closely related to detection
1.1.1 Keep audit trails and logs protected so actions affecting Sec can be traced to those responsible
1.2 Authorisation related to prevention
1.2.1 Users must be identified and authorised, usernames / passwords
2 Confidentiality
2.1 Prevent unauthorised disclosure
2.1.1 Stop unauthorised viewing
2.1.1.1 Prevention more important than detecting or reacting
2.1.2 Can't recover from a breach of confidentiality
2.2 Privacy
2.2.1 Protecting personal data
2.3 Secrecy
2.3.1 Protecting organisational secrets
3 Integrity
3.1 Prevent unauthorised modification
3.1.1 Internal Consistency
3.1.1.1 Clark & Wilson
3.1.1.1.1 No user of a system, even if authorised, may be permitted to modify data in such a way that assets or accounting records are lost / corrupted
3.1.2 External consistency
3.1.2.1 Orange Book
3.1.2.1.1 Data has not been exposed to accidental or malicious alteration or destruction
3.1.3 Detection of intentional / accidental modifications
3.2 A prerequisite for many security services
4 Availability
4.1 Prevent unauthorised withholding of information / resources
4.2 May be the most important aspect of Comp Sec
4.3 DDoS
5 Prevention
5.1 Measures to prevent damage
6 Detection
6.1 Detecting when, how & who did damage
6.1.1 Maintaining the integrity
7 Reaction
7.1 Recovery from damage
8 Reliability & dependability
8.1 Making systems dependable
8.1.1 Extremely important in safety critical systems, national infrastructure
