SECURITY ATTACKS

 

Attacks on security of a computer system or network are best characterized by viewing the function of the computer system as providing information. In general , there is a flow of information from a source, such as a file or a region of a main memory , to a destination, such as another file or a user.The four general categories of attack are as follows.

 

Interruption:

 

An asset of the system is destroyed or becomes unavailable or unusable. This is an attack on availability.Examples include destruction of a piece of hardware ,such as hard disk, the ctting of a communication line , or the disabling of the file management system.

 

Interception:

 

An unauthorized party gains access to an asset. This is an attack on confidentiality. The unauthorized party could be a person , a program, or a computer. Examples include wiretapping to capture data in a network, and the illicit copying of files or programs.

 

 

Modification:

 

An unauthorized party not only gains access to but tampers with an asset. This is an attack on integrity. Examples include changing values in a data file, altering a program so that it performs differently, and modifying the content of messages being transmitted in a network.

 

Fabrication:

 

An unauthorized party inserts counterfeit objects into the system .This is an attack on authenticity. Examples include the insertion of spurious messages in a network or the addition of records to a file.

 

 

 

cryptography by mrs.sp.nandhini