1 ... 11 12 13 14 15 16 17 18 ... 30

5.1.1Operational Integrity Threats


Operational integrity threats are those threats that affect integrity of the system or information in the system and may be caused by operational users of the system. The specific threats are listed below in Table 20.

Table 20. Operational Integrity Threats




      1. Dostları ilə paylaş:

        ©2018 Учебные документы
        Рады что Вы стали частью нашего образовательного сообщества.

Operational Disclosure Threats - Ami-sec risk Assessment & System Requirements

səhifə15/30
tarix28.10.2017
ölçüsü1.35 Mb.

Operational Disclosure Threats


Operational disclosure threats are those threats that affect confidentiality of the system and may be caused by operational users of the system. The specific threats are listed below in Table 19.

Table 19. Operational Disclosure Threats




Threat Name

Severity

Likelihood

Description

T.Op.Disclosure.1

Medium

Likely

An entity views an information asset it is not authorized to view.

T.Op.Disclosure.2

Medium

Likely

An entity enters, edits, or imports content with attributes it does not have access to resulting in unauthorized disclosure.

T.Op.Disclosure.3

Medium

Likely

An entity improperly copies to the wrong ownership resulting in disclosure to a different set of entities prior to obtaining authorization to disseminate.

T.Op.Disclosure.4

Medium

Likely

An entity regrades to incorrect values in the access control attributes resulting in the unauthorized access to the information content resulting in disclosure. Incorrect values could be as a result of:

    • Negligence

    • Hidden or malicious content

    • Content different than what was displayed

T.Op.Disclosure.5

Medium

Likely

An entity improperly publishes a document resulting in disclosure or exfiltration of information assets.

T.Op.Disclosure.6

Medium

Likely

An AMI entity improperly publishes a document to the wrong location resulting in disclosure or exfiltration of information assets.

T.Op.Disclosure.7

Medium

Likely

An AMI entity fails to delete all copies of an information object resulting in disclosure of information that may have been distributed (e.g., after publishing a document with incorrect information, he tries to delete, but the genie is out of the bottle; or had a bad delete list; or user forgot to select all objects that he intended to delete).

T.Op.Disclosure.8

High

Likely

An entity collects (e.g., signals intelligence SIGINT) unprotected (plaintext) content and unprotected object attributes and endorsements resulting in unauthorized disclosure.

T.Op.Disclosure.9

Medium

Likely

An entity executes a view function (decryption) on an object they are not authorized to access resulting in unauthorized disclosure.

T.Op.Disclosure.10

High

Likely

An entity collects (e.g., signals intelligence SIGINT, human intelligence HUMINT) unprotected (plaintext) content and unprotected object attributes and endorsements resulting in unauthorized disclosure.

T.Op.Disclosure.11

Medium

Likely

An entity executes an export function on an information object they are not authorized to export resulting in unauthorized disclosure.

T.Op.Disclosure.12

Medium

Likely

An entity executes an export function on an information object they are authorized to export to the wrong non-AMI network resulting in unauthorized disclosure.

T.Op.Disclosure.13

High

Likely

An AMI entity with access in a remote information system attempts to access AMI information objects in an unauthorized manner.

T.Op.Disclosure.14

Low

Unusual

An entity views unauthorized AMI directory structure resulting in unauthorized disclosure. (e.g. an unauthorized user is presented unauthorized directory names)

T.Op.Disclosure.15

Medium

Likely

An entity views an information asset it is not authorized to view because an authorized user viewed the information on an unauthorized component.



Threat Name

Severity

Likelihood

Description

T.Op.Integrity.1

High

Likely

An entity modifies an information asset it is not authorized to modify.

T.Op.Integrity.2

Medium

Likely

An entity modifies information content it is not authorized to modify (see T.Integrity.1).

T.Op.Integrity.3

High

Likely

An entity modifies access control attributes when it does not have regrade function access (see T.Integrity.1).

T.Op.Integrity.4

High

Likely

An entity modifies information attributes it is not authorized to modify (see T.Integrity.1).

T.Op.Integrity.5

High

Likely

An entity modifies policy it is not authorized to modify (see T.Integrity.1).

T.Op.Integrity.6

High

Unusual

An entity modifies display signals resulting in incorrect information being displayed.

T.Op.Integrity.7

High

Likely

An AMI entity with access in a remote information system attempts to modify AMI information objects in an unauthorized manner.

T.Op.Integrity.8

High

Likely

An entity modifies a AMI component software or operating system resource asset in an unauthorized manner.

?


opredelenie-serdechnoj.html

opredelenie-sindroma-2.html

opredelenie-socialnogo.html

opredelenie-soderzhaniya-5.html

opredelenie-sostava.html