
FIPS PUB 191

2 THREATS, VULNERABILITIES, SERVICES & MECHANISMS

A threat can be any person, object, or event that, if realized, could potentially cause damage to the LAN. Threats can be malicious, such as the intentional modification of sensitive information, or can be accidental, such as an error in a calculation or the accidental deletion of a file. Threats can also be acts of nature, e.g. flooding, wind, lightning, etc. The immediate damage caused by a threat is referred to as an impact.

Vulnerabilities are weaknesses in a LAN that can be exploited by a threat. For example, unauthorized access (the threat) to the LAN could occur by an outsider guessing an obvious password. The vulnerability exploited is the poor password choice made by a user. Reducing or eliminating the vulnerabilities of the LAN can reduce or eliminate the risk of threats to the LAN. For example, a tool that can help users choose robust passwords may reduce the chance that users will utilize poor passwords, and thus reduce the threat of unauthorized LAN access.

A security service is the collection of security mechanisms, supporting data files, and procedures that help protect the LAN from specific threats. For example, the identification and authentication service helps protect the LAN from unauthorized LAN access by requiring that a user identify himself, as well as verifying that identity. The security service is only as robust as the mechanisms, procedures, etc. that make up the service.

Security mechanisms are the controls implemented to provide the security services needed to protect the LAN. For example, a token-based authentication system (which requires that the user be in possession of a required token) may be the mechanism implemented to provide the identification and authentication service. Other mechanisms that help maintain the confidentiality of the authentication information can also be considered as part of the identification and authentication service.

This section is composed of two parts. The first part discusses threats, impacts and related vulnerabilities. The threats are generally categorized based on the impact caused if the threat is realized. For each impact category there is a discussion regarding the threats that may cause the impact, potential losses from the threat, and the vulnerabilities that may be exploited by the threat. The second part of this section discusses LAN security services and the possible mechanisms that can be implemented to provide these services.

2.1 Threats and Vulnerabilities

Identifying threats requires one to look at the impact and consequence of the threat if it is realized. The impact of the threat, which usually points to the immediate near-term problems, results in disclosure, modification, destruction, or denial of service. The more significant long-term consequences of the threat being realized are the result of lost business, violation of privacy,