Balancing Value and ThreatsInformation security protects our information assets. These assets have a value that can be broken down into three major attributes: confidentiality, integrity, and availibility. These values are always in danger of the three major threats to information: disclosure, modification, and interruption. You will learn that these three values and, in turn, the three threats against them are tightly intertwined. It is very difficult to separate them when discussing the value of information. You will see that the threats to these attributes often attack all at once or the downfall of one easily leads to the downfall of the others. The identification and definition of these concepts should not restrict us in describing why information is important to an organization but serve as a guide and vocabulary when describing information. Confidentiality vs. DisclosureConfidentiality is secrecy. The value of many types of information rests in limiting those who have that information. Our goal in maintaining confidentiality is limiting the viewing of information to only the authorized users of specific information. Credit card numbers are a good example of information with confidentiality value. The worst that could happen with this information would be parties other than the buyer and seller seeing this information. If another party had this information, they have the potential to turn around and use that credit card number somewhere else for unauthorized purchases. This breach of confidentiality is often described as disclosure. Disclosure is simply the viewing or knowledge of information by unauthorized parties. One difficulty in countering the threat of disclosure is that it is normally a passive attack. This means that the unauthorized viewer of information does not have to interfere with the information. The attacker can simply watch the information in transit, on a computer screen, or on a disk without any indication that the threat is occur- ring. Due to this, we often employ tools to prevent disclosure since there is little we can do along the lines of detecting and recovering from the threat. Integrity vs. ModificationIntegrity is the completeness and accuracy of information. Information should be free of unauthorized modifications or destruction. Web sites are a good example of information with integrity value. Most web sites would lose substantial value if vandals altered them. Replacing a corporate site with pornography or activist messages would more than likely hurt the owner of that web site. They would suffer from visitors to that web site receiving obviously incorrect information and damage to the image of the company. This threat is termed modification. Unlike disclosure, modification is normally an active attack. Since the attacker is attempting to manipulate information, she must exert her influence on the information. Because of this, detection is often our primary concern with modification if we cannot prevent it. This is often the case since with public networks, we do not control all of the intermediate systems our information traverses. Availability vs. InterruptionAvailability is the value of users or systems ability to get information at the time they want it in a useful form. All information is useless if people and systems are not able to access it. The recent rash of distributed denial of service attacks against sites like Yahoo, EBay and E*Trade illustrate the potential damage caused by lack of availability. These distributed denial of service attacks illustrate the threat of interruption. In an information rich economy, the distribution of information is just as important as the content of that information. |
|||||||||
|
|
|||||||||
| ©2001-2003 by Itillious, Inc. All
Rights Reserved. |
||||