What is asset and threat?

 Threats and Assets


The assets of a computer system can be classified as hardware, software, data, and communication lines and networks. In this subsection, we briefly describe these four classes and relate them to the concepts of integrity, confidentiality, and availability introduced in Section




Computer and Network Assets, with Examples of Threats.


HARDWARE


A major threat to computer system hardware is the threat to availability. Hardware is the most vulnerable to attack and the least susceptible to automated controls. Threats include accidental and intentional damage to devices, as well as theft. The proliferation of personal computers and workstations and the widespread use of LANs increase the potential for loss in this area. Theft of CD-ROMs and DVDs can lead to loss of confidentiality. Physical and administrative security measures are required to deal with these threats.



SOFTWARE 


Software includes the operating system, utilities, and application programs. A major threat to software is an attack on availability. Software, especially application software, is often easy to remove. Software can also be modified or damaged to make it unusable. Careful management of software configuration, including backing up the latest version of the software, can maintain high availability.


A more difficult issue to address is software modification that leaves a program working but behaving differently than before, which is a threat to integrity/authenticity. Computer viruses and related attacks fall into this category. A final issue is protection against software piracy. In general, although certain countermeasures are available, the problem of unauthorized copying of software has not been solved.



DATA


Hardware and software security is often a concern of data center professionals or an individual concern of PC users. A more widespread issue is data security, which involves files and other forms of data controlled by individuals, groups, and commercial organizations. Data security concerns are broad and include availability, confidentiality, and integrity. In the case of availability, the concern is the destruction of files, which can happen accidentally or maliciously.


The obvious confidentiality concern is unauthorized reading of data files or databases, and this area has perhaps been the subject of more research and effort than any other area of computer security. A less obvious threat to confidentiality involves the analysis of data and shows up in the use of so-called statistical databases, which provide summary or aggregated information.


Presumably, the existence of aggregated information does not endanger the privacy of the individuals involved. However, as the use of statistical databases increases, there is increasing potential for disclosure of personal data. In essence, the characteristics of the constituent individuals can be identified through careful analysis.


For example, if one table shows the total income of respondents A, B, C, and D and another shows the total income of respondents A, B, C, D, and E, the difference between the two totals would be the income of E. This problem is aggravated by the growing desire to combine records. In many cases, matching multiple datasets for consistency at different levels of aggregation requires access to individual entities. Therefore, the individual entities that are the subject of privacy concerns are available at different stages of record processing.
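The A to E example above can be run against a small statistical database to see why a minimum query-set size does not stop the inference while an overlap limit does. This is an added illustration, not part of the original text; the income figures, the StatDB class and its parameters are constructed for the example.

```python
# Added illustration: differencing on a statistical database and two
# query controls. All names and income figures are constructed.
INCOME = {"A": 52000, "B": 61000, "C": 48000, "D": 75000, "E": 93000}


class StatDB:
    """Answers only SUM queries over a set of respondents."""

    def __init__(self, rows, min_size=1, max_overlap=None):
        self.rows = rows
        self.min_size = min_size        # query-set-size restriction
        self.max_overlap = max_overlap  # overlap control (None = off)
        self.answered = []              # query sets already released

    def total(self, respondents):
        qset = frozenset(respondents)
        if len(qset) < self.min_size:
            raise PermissionError("query set too small")
        if self.max_overlap is not None:
            for prev in self.answered:
                if len(qset & prev) > self.max_overlap:
                    raise PermissionError("overlaps an earlier query too much")
        self.answered.append(qset)
        return sum(self.rows[r] for r in qset)


def differencing(db):
    """Infer E's income from two aggregate answers, as in the text."""
    return db.total("ABCDE") - db.total("ABCD")


def try_differencing(db):
    """Return the inferred value, or None if a control refused a query."""
    try:
        return differencing(db)
    except PermissionError:
        return None
```

Both queries cover at least four respondents, so a size restriction alone releases both totals; the overlap control refuses the second query because it shares four respondents with the first.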


COMMUNICATION LINES AND NETWORKS


Attacks on network security can be divided into passive attacks and active attacks. A passive attack attempts to learn or use system information, but does not affect system resources. An active attack attempts to alter system resources or compromise their operation.


Passive attacks


Passive attacks are in the nature of eavesdropping on or monitoring transmissions. The attacker's goal is to obtain the information being transmitted. Two types of passive attacks are release of message contents and traffic analysis. Release of message contents is easy to understand. A telephone conversation, an e-mail message, and a transmitted file may contain sensitive or confidential information.


We want to prevent an adversary from learning the content of these transmissions. A second type of passive attack, traffic analysis, is more subtle. Suppose we had a way to mask the content of messages or other information traffic so that even if adversaries intercepted the message, they couldn't extract the information from it. The usual technique for masking content is encryption. Even with encryption protection in place, an adversary could still observe the pattern of these messages.


The adversary could determine the location and identity of the communicating hosts and observe the frequency and duration of the messages exchanged. This information can be useful in guessing the type of communication that took place. Passive attacks are very difficult to detect as they do not involve any modification of the data.


Typically, message traffic appears to be sent and received normally, and neither the sender nor the receiver is aware that a third party has read the messages or observed the traffic pattern. However, the success of these attacks can usually be prevented by encryption. Therefore, when dealing with passive attacks, the focus is more on prevention than detection.


Active attacks


Active attacks involve some modification of the data stream or the creation of a spoofed stream and can be further divided into four categories: replay, masquerade, message modification, and denial of service. Replay involves passively capturing a unit of data and then retransmitting it to produce an unauthorized effect.


A masquerade occurs when an entity pretends to be another entity. A masquerade attack usually involves one of the other forms of active attack. For example, authentication sequences can be captured and replayed after a valid authentication sequence has occurred, allowing an authorized entity with low privileges to gain additional privileges by impersonating an entity with those privileges.


Message modification simply means altering part of a legitimate message, or delaying or rearranging messages, to produce an unauthorized effect. For example, a message that says "Allow John Smith to read confidential file accounts" is changed to "Allow Fred Brown to read confidential file accounts". Denial of service prevents or inhibits the normal use or management of communication facilities.


This attack can have a specific target; for example, an entity can delete all messages addressed to a specific destination (e.g. the security verification service). Another form of denial of service is the disruption of an entire network, either by disabling the network or by overloading it with messages to degrade performance. Active attacks have the opposite characteristics of passive attacks.


While passive attacks are difficult to detect, there are measures to prevent their success. On the other hand, it is quite difficult to absolutely prevent active attacks, as this would require physical protection of all facilities and communication channels at all times. Instead, the goal is to detect them and recover from any disruption or delays they cause. Because detection has a deterrent effect, it can also contribute to prevention.
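Detection of two of the active attacks described above, message modification and replay, can be shown with a message authentication code bound to a sequence number. This is an added example, not part of the original text; the shared key, the packet layout and the function names are assumptions made for the illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: pre-shared by sender and receiver


def protect(seq, text, key=KEY):
    """Sender: bind a sequence number to the message and append an HMAC tag."""
    body = seq.to_bytes(8, "big") + text.encode()
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    def __init__(self, key=KEY):
        self.key = key
        self.last_seq = -1  # highest sequence number accepted so far

    def accept(self, packet):
        """Return the message text, or raise ValueError naming the attack."""
        body, tag = packet[:-32], packet[-32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("modified")   # content or sequence number altered
        seq = int.from_bytes(body[:8], "big")
        if seq <= self.last_seq:
            raise ValueError("replayed")   # old or reordered packet
        self.last_seq = seq
        return body[8:].decode()


def classify(receiver, packet):
    try:
        receiver.accept(packet)
        return "accepted"
    except ValueError as err:
        return str(err)


def demo():
    """Deliver the genuine packet, a tampered copy, then the genuine one again."""
    rx = Receiver()
    original = protect(0, "Allow John Smith to read confidential file accounts")
    tampered = original.replace(b"John Smith", b"Fred Brown")
    return [classify(rx, original), classify(rx, tampered), classify(rx, original)]
```

The receiver cannot stop an adversary from altering or resending packets on the wire, but it recognizes both cases and refuses to act on them.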




