According to David Icove [John D. Howard, "An Analysis Of Security Incidents On The Internet 1989 - 1995," Ph.D. thesis, Engineering and Public Policy, Carnegie Mellon University, 1997.] Based on the security hole, security can be classified into four, namely:
1. Physical security (physical security): includes access to the building, equipment, and the media used. Example:
- Wiretapping or things to do with access to cable or used a computer can also be included in this class.
- Denial of service, done for example by turning off equipment or communication lines flooded with messages (which can contain anything that is preferred is the large number of messages).
- Syn Flood Attack, where the system (host) The destination flooded by requests that she be too busy and can even result in breakdown of the system (hangs).
2. Security-related people (personnel), Example:
- Identify the user (username and password)
- the risk profile of people who have access (users and managers).
3. Security of data and media and communications engineering (communications).
4. Safety in operation: The procedures used to organize and manage the security system, and also including the procedures after the attack (post attack recovery).
No comments:
Post a Comment