Defenses Methods

Prevention

Prevent attackers from violating security policy.

Detection

Detect attackers’ violation of security policy.

Recovery

Stop attacks, assess, and repair damage. Continue to function correctly even if the attack succeeds

Controls

Encryption

• To ensure confidentiality and integrity of data.

• Weak encryption can be worse than no encryption.

Software / Program Controls

• Prevent outside attacks.

• Maintained and developed to ensure confidence.

Development controls

• Quality standards (e.g. recommending Penetration Testing).

Program controls include

• Internal program controls: parts of the program that enforce security restrictions.

  • i.e. access limitations in a database management program.

• Operating system and network system controls limitations enforced by the operating system or network to protect each user from all other users.

  • i.e. chmod on UNIX: (Read, Write, Execute) vs. (Owner, Group, Other).

• Independent control programs: application programs.

  • i.e. password checkers, intrusion detection utilities, or virus scanners, that protect against certain types of vulnerabilities.