The OSI Security Architecture

To effectively assess the security needs of an organization and evaluate and choose various security products and policies, the manager responsible for computer and network security requires a systematic way of defining security requirements and characterizing approaches to satisfy those requirements. This task can be challenging enough in a centralized data processing environment, but with the use of local and wide area networks, the problems become more complex.

Key Concepts: Threats and Attacks

- Threat: A potential violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. Essentially, a threat is a possible danger that might exploit a vulnerability.

- Attack: An assault on system security that arises from an intelligent threat. It is a deliberate attempt, especially in terms of a method or technique, to evade security services and violate the security policy of a system.

The Role of ITU-T Recommendation X.800

ITU-T Recommendation X.800, "Security Architecture for OSI," defines a systematic approach that proves useful to managers for organizing the task of providing security. As this architecture was developed as an international standard, computer and communications vendors have incorporated security features into their products and services that align with this structured definition of services and mechanisms.

For the purposes of understanding security in greater depth, the OSI security architecture offers a beneficial, though abstract, overview of many relevant concepts. The architecture primarily focuses on security attacks, mechanisms, and services:

- Security Attack: Any action that compromises the security of information owned by an organization.

- Security Mechanism: A process (or a device incorporating such a process) designed to detect, prevent, or recover from a security attack.

- Security Service: A processing or communication service that enhances the security of data processing systems and information transfers within an organization. These services aim to counter security attacks and employ one or more security mechanisms to provide effective protection.

Clarifying Terminology

In the literature, the terms "threat" and "attack" are often used interchangeably. However, it is important to understand their distinct definitions. For reference, Table 1.1 provides definitions from RFC 2828, the Internet Security Glossary.

