2. Kinds of security breaches
In security, an exposure is a form of possible loss or harm in a computing system; examples of exposures are unauthorized disclosure of data, modification of data, or denial of legitimate access to computing. A vulnerability is a weakness in the security system that might be exploited to cause loss or harm. A human who exploits a vulnerability perpetrates an attack on the system. Threats to computing systems are circumstances that have the potential to cause loss or harm; human attacks are examples of threats, as are natural disasters, inadvertent human errors, and internal hardware or software flaws. Finally, a control is a protective measure (an action, a device, a procedure, or a technique) that reduces a vulnerability.
The major assets of computing systems are hardware, and data. There are four kinds of threats to the security of a computing system: interruption, interception, modification, and fabrication. The four threats all exploit vulnerabilities of the assets in computing systems. These four threats are shown in Fig. 1-1.
(1) In an interruption, an asset of the system becomes lost, unavailable, or unusable. An example is malicious destruction of a hardware device, erasure of a program or data file, or failure of an operating system file manager so that it cannot find a particular disk file.
(2) An interception means that some unauthorized party has gained access to an asset. The outside party can be a person, a program, or a computing system. Examples of this type of failure are illicit copying of program or data files, or wiretapping to obtain data in a network. While a loss may be discovered fairly quickly, a silent interceptor may leave no traces by which the interception can be readily detected.
(3) If an unauthorized party not only accesses but tampers with an asset, the failure becomes a modification. For example, someone might modify the values in a database, alter a program so that it performs an additional computation, or modify data being transmitted electronically. It is even possible for hardware to be modified. Some cases of modification can be detected with simple measures, while other more subtle changes may be almost impossible to detect.
(4) Finally, an unauthorized party might fabricate counterfeit objects for a computing system. The intruder may wish to add spurious to a network communication system, or add records to an existing database. Sometimes these additions can be detected as forgeries, but if skillfully done, they are virtually indistinguishable from the real thing.
These four classes of interference with computer activity (interruption, interception, modification, and fabrication) can describe the kinds of exposures possible. Examples of these kinds of interferences are shown in Fig. 1-1.
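As an added illustration (not part of the original text), the sketch below shows one control against three of the four threats: each record carries a sequence number and a keyed MAC, and an audit classifies damage as modification, fabrication, or interruption, while a silent copy (interception) produces no finding. The key, the record contents, and the function names are constructed for this example; it assumes the attacker does not hold the key, since a forgery made with the key would pass as genuine.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: secret held by writer and auditor only

def tag_for(seq, data, key=KEY):
    """HMAC-SHA256 over the record's position and content."""
    return hmac.new(key, f"{seq}|{data}".encode(), hashlib.sha256).hexdigest()

def seal(records, key=KEY):
    """Return [(seq, data, tag), ...] for a list of record strings."""
    return [(seq, data, tag_for(seq, data, key)) for seq, data in enumerate(records)]

def audit(sealed, expected_count, key=KEY):
    """Classify damage; expected_count is kept separately from the records."""
    findings, present = [], set()
    for seq, data, tag in sealed:
        if seq not in range(expected_count) or seq in present:
            findings.append(("fabrication", seq))    # extra or duplicated record
            continue
        present.add(seq)
        if not hmac.compare_digest(tag_for(seq, data, key), tag):
            findings.append(("modification", seq))   # content no longer matches tag
    for seq in range(expected_count):
        if seq not in present:
            findings.append(("interruption", seq))   # record lost or erased
    return findings

def demo():
    # Constructed sample data, not taken from the page.
    sealed = seal(["alice:100", "bob:250", "carol:75", "dave:40"])
    copied = list(sealed)                            # interception: a silent copy
    damaged = list(sealed)
    damaged[1] = (1, "bob:9250", sealed[1][2])       # modification
    del damaged[2]                                   # interruption
    damaged.append((4, "mallory:999", "0" * 64))     # fabrication
    return audit(copied, 4), audit(damaged, 4)

if __name__ == "__main__":
    print(demo())
```

The empty result for the copied list reflects the point made in (2): integrity checks say nothing about who has read the data.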
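Characteristics of computer intrusion and kinds of security breaches
1. Characteristics of computer intrusion
The target of a crime involving computers can be any part of a computing system. A computing system is a collection of hardware, software, storage media, data, and the people in an organization who use computers to perform computing tasks. The obvious target of a bank robber is cash, but a list of depositors' names and addresses is valuable to a competing bank. Such a list may be on paper, recorded on a magnetic medium, stored in internal memory, or transmitted over a medium such as a telephone line. This multitude of targets makes computer security problems difficult to handle.
In any security system, the weakest point is the most critical one. A robber who wants to steal something from your house will never go through an inches-thick iron door if breaking in through a window is easy. A highly sophisticated physical security system does not compensate for a simple, unguarded intrusion through a telephone line and a modem. The "weakest point" philosophy can be described by the following principle.
Principle of easiest penetration. An intruder must be expected to use any available means of penetration. This is not necessarily the most commonly used method, nor is it one directed against the most solid defensive measures already in place.
This principle says that computer security specialists must consider all possible means of attack. Because you have strengthened one aspect, the intruder may think up another way to get around it. We now describe what these means of attack are.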