Seonglae ChoConfidentiality, Integrity, Availability
Threats to Confidentiality
- Disclosure
- Usurpation
Threats to Integrity
- Deception
- Usurpation
Threats to Availability
- Disruption
- Usurpation
Threats to Data
Data in transit (usually midm between Alice and Bob is Eve because of Eavesdropper)
- Eavesdropper (passive)
- Man-in-the-middle (active)
Data at rest
- Storage Security
Data in use
- Vulnerability
Common Threats
- Snooping (passive wiretapping)
- Modification / Alteration / MITM (active wiretapping)
- Masquerading / Spoofing (impersonation of an entity)
- Repudiation of origin (false denial that an entity created something)
- Denial of receipt
- Delay
- Denial of Service
Information leakage
비밀 정보가 관찰 가능한 정보와 연관되거나 연관 될 수있을 때 발생