Professional Documents
Culture Documents
CH 1
CH 1
CH 1
Yirga Y. (PhD)
byyirga@gmail.com
Department of Information Technology
• The fact that the violation might occur means that the actions that might
cause it should be guarder against
Terrorist
Criminal-
Hacker
for-hire
Loosely
Individual connected
group
Organized
crime member
Terrorists
Terrorists using computers in four ways:
• Computer as target of attack: Denial-of-service attacks and website defacements
Interception Interruption
Modification Fabrication
Advanced Information Security 16
Threats
In an interception means that some unauthorized party has gained access to
an asset.
Motive
Method
Confidentiality
Secure
Integrity Availability
• i.e. chmod on UNIX: (Read, Write, Execute) vs. (Owner, Group, Other)
– Independent control programs: application programs,
• i.e. password checkers, intrusion detection utilities, or virus scanners, that protect against certain types of
vulnerabilities