
Classification of information security threats

Updated 21.01.2024 06:49

A threat is a factor that tends to disrupt the operation of the system.

The list of information security threats currently under consideration is fairly extensive, numbering hundreds of items.

In addition to identifying possible threats, an analysis of these threats should be carried out based on their classification according to a number of characteristics. Each of the classification features reflects one of the requirements for the protection system. At the same time, threats corresponding to each feature of the classification make it possible to clarify the requirements.

For a protected system, what is compiled is not a complete list of threats but a list of threat classes defined by a number of basic features. The reason is that the full set of threats cannot be described, because too many factors affect the information.

For example, threats can be classified according to the following criteria:

1. The nature of the occurrence: natural (related to natural processes) or artificial (caused by human activity).

2. The degree of premeditation of the manifestation: accidental or intentional.

3. The source of threats: the natural environment, humans, authorized software and hardware, unauthorized software and hardware.

4. Location of the threat source: within or outside the controlled area.

5. Dependence on the activity of the system: threats that appear only during data processing, or at any time.

6. The degree of impact on the system: passive or active (active threats make changes to the structure and content of the system).

7. The stage of access to resources: at the stage of gaining access, or after access has been gained.

8. The method of access to resources: standard or non-standard.

9. Location of information: external media, RAM (main memory), communication lines, I/O devices.

Regardless of the specific types of threats, it was considered advisable to link threats to the basic properties of the protected information.

Accordingly, it was proposed to consider three main types of threats for information systems:

The threat of violation of confidentiality is realized if the information becomes known to a person who does not have the authority to access it. It occurs whenever access is gained to some secret information stored in an information system or transmitted from one system to another. Sometimes the term "leak" is used in connection with the threat of confidentiality violation.

The threat of integrity violation is realized when unauthorized changes are made to information stored in an information system or transmitted from one system to another. When attackers intentionally change information, it is said that the integrity of the information is violated. Integrity will also be compromised if an accidental software or hardware error leads to an unauthorized change. Authorized changes are those made by authorized persons for a reasonable purpose (for example, an authorized change is a periodic scheduled correction of some database).

The threat of a violation of availability (denial of service) is realized when, as a result of deliberate actions taken by another user or an attacker, access to some resource of the computing system is blocked. Blocking can be permanent, so that the requested resource is never received, or it can merely delay delivery of the requested resource.

These types of threats can be considered primary or immediate: if a threat is understood as a potential danger whose realization damages the information system, then realizing any of the above threats has a direct impact on the protected information. At the same time, the attacking party can affect information directly only if the system in which the information circulates is "transparent" to it, i.e. there are no protection systems or other obstacles. The threats described above were formulated in the 1960s in relation to open UNIX-like systems, for which information protection measures were not provided.

At the present stage of information technology development, protection subsystems or functions are an integral part of information processing complexes. The information is not presented "in its pure form": there is at least some kind of protection system on the way to it, and therefore, in order to carry out a threat, the attacking side must overcome this system. Since overcoming protection is also a threat, for protected systems we will consider a fourth type: the threat of disclosing the parameters of a system that includes a protection system. In practice, any such action is preceded by a reconnaissance stage, during which the main parameters of the system, its characteristics, etc. are determined. The result of reconnaissance is a more precise definition of the task, as well as the choice of the most suitable technical means.

The threat of disclosure of system parameters can be considered indirect. The consequences of its realization do not damage the processed information, but they make it possible for the primary or immediate threats listed above to be realized. Introducing this type of threat makes it possible to describe the difference between protected and open information systems. For the latter, the threat of reconnaissance of the system parameters is considered already realized.