#header-inner {background-position: right !important; width: 100% !important;}


The Internet Threat Model.

it's useful when planning for a distributed Internet application's security, it's configuration & implementation.

it's a summary of threats to be expected.

there are different threat models, this is most common threat model for the Internet, more or less, i read. at least from designers' of security protocols perspective.

this does not include wiretapping, social engineering & possibly other threats as power failures.

common threats:
- attacks on end systems threat, to disable or take over parts of distributed application.
- single point of failure threat - taking out a single system should not bring down whole distributed application, or too many of it's parts.
- poisoning threat - attackers might attempt to pretend to be legitimate users & attack communication protocols.
- modifying or reading communication between end systems threat.
- denial of service attack threat.
- security's too high cost threat.

source: [17].

No comments:

Post a Comment