Classification of security threats.
In order for one to produce a secure system, it is important to classify
threats. The classification of threats could be:
Physical threats
Accidental error
Unauthorized access
Malicious misuse.
Pysical Threat
Physical threat to a computer system could be as a result of loss of the whole
computer system, damage of hardware, damage to the computer software, theft of
the computer system, vandalism, natural disaster such as flood, fire, war,
earthquakes etc. Acts of terrorism such as the attack on the world trade centre
is also one of the major threats to computer which can be classified as physical
threat.
Another good example of a physical threat to computer system is the flooding of
the city of New Orleans (Hurricane Katrina) during which valuable information
was lost and billions of computer data were destroyed.
Accidental error
This is also an important security issue which computer security experts should
always put into consideration when designing security measures for a system.
Accidental errors could occur at any time in a computer system but having proper
checks in place should be the major concern of the designer. Accidental error
includes corruption of data caused by programming error, user or operator error.
Unauthorized access
Dada stored on the computer system has to be accessed for it to be translated
into useful information. This also poses a great security threats to the
computer system due to unauthorized person's having access to the system. Not
only this, information can be accessed via a remote system in the process of
being transmitted from one point to the other via network media which includes
wired and wireless media. Considering an example of an organization in which a
member of staff at a particular level of hierarchy within the establishment is
only allowed access to specific area according to the policy of the
organization. If this employee by other means not set in the organization policy
gain access to the restricted data area on the computer, this can be termed an
un authorized access.
Malicious misuse
Any form of tampering of the computer system which includes penetration, Trojan
horses’ viruses and any form of illegal alteration of the computer system which
also includes the generation of illegal codes to alter the standard codes within
the system can be termed as malicious misuse. This could also lead to a great
financial loss and should be prevented in all cases.
University of east London school of computing and technology. System Integration
(CNM009) Lecture Manual.
Author: Olundegun A. O.