Difference between revisions of "Attack"

From CIPedia
m (Text replacement - "Attack tree" to "Attack Tree")
Line 27: Line 27:
  
 
===Standard Definition===
 
===Standard Definition===
<!--Insert the text of the definition. Each definition should be formatted as a heading level 4, followed by the text of the definition. -->
+
====[[IETF]]====
 +
{{definition|An intentional act by which an entity attempts to evade security services and violate the security policy of a system. That is, an actual assault on system security that derives from an intelligent [[threat]].<br/><br/>A method or technique used in an assault (e.g., masquerade).<ref name="IETFrefs"> [https://tools.ietf.org/html/rfc4949 IETF RFC449 Internet Security Glossary 2]</ref>}}<br />
  
 
== Discussion Topic ==
 
== Discussion Topic ==
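Review bot: the reference label in the added {{definition}} line reads "IETF RFC449", but its link target is https://tools.ietf.org/html/rfc4949, so the label has lost a digit and should read "IETF RFC 4949". The added line also ends with a trailing <br /> after the closing braces of the template, which looks unintended and will add vertical space before the "Discussion Topic" heading if the other definition blocks on the page do not carry one.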
Line 46: Line 47:
 
<!-- Add category, i.e. [[Category:Main]] -->
 
<!-- Add category, i.e. [[Category:Main]] -->
 
[[Category:Threat]][[Category:Risk]]
 
[[Category:Threat]][[Category:Risk]]
{{#set:defined by=ITU-T|defined by=Czech Republic|defined by=Japan}}
+
{{#set:defined by=ITU-T|defined by=Czech Republic|defined by=Japan|defined by=IETF}}

Revision as of 17:20, 7 February 2016


Definitions

European Definitions

Other International Definitions

ITU-T

(Cyber) attacks are the activities undertaken to bypass or exploit deficiencies in a system's security mechanisms. [1]

By a direct attack on a system they exploit deficiencies in the underlying algorithms, principles, or properties of a security mechanism. Indirect attacks are performed when they bypass the mechanism, or when they make the system use the mechanism incorrectly.

Attaque: Activités entreprises pour contourner ou exploiter des déficiences constatées dans les mécanismes de sécurité d'un système. [2]


Ataque: Actividades realizadas para obviar los mecanismos de seguridad de un sistema o aprovechar sus deficiencias. [3]


攻击: 为绕过一个系统的安全机制或利用其漏洞而采取的行动. [4]


National Definitions

Czech Republic

Útok: Pokus o zničení, vystavení hrozbě, nežádoucí změnu, vyřazení z činnosti, zcizení nebo získání neautorizovaného přístupu k aktivu nebo uskutečnění neautorizovaného použití aktiva. [5]

Attack is an attempt at destruction, exposure to a threat, unwanted change, putting out of operation, stealing or obtaining an unauthorized access to an asset or execution of an unauthorized use of an asset. [6]


Japan

攻撃: インテリジェントな脅威、すなわちセキュリティサービスを回避し、システムのセキュリティポリシーを侵害する故意の試み(特に、方式あるいは技法という意味において)としてのインテリジェントな動作によってもたらされるセキュリティシステムへの攻撃.

(Cyber) attack is an assault on system security that derives from an intelligent threat, i.e., an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. [7]


Standard Definition

IETF

An intentional act by which an entity attempts to evade security services and violate the security policy of a system. That is, an actual assault on system security that derives from an intelligent threat.

A method or technique used in an assault (e.g., masquerade).[8]


Discussion Topic

See also

Attack Tree

Notes

  1. ITU Security in Telecommunications and Information Technology: An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications, ITU-T, Geneva (2012) - ITU-T H.235.
  2. Sécurité dans les télécommunications et les technologies de l’information: Aperçu des problèmes et présentation des Recommandations UIT-T existantes sur la sécurité dans les télécommunications, ITU-T, Geneva (2012) - ITU-T H.235.
  3. Seguridad de las telecomunicaciones y las tecnologías de la información: Exposición general de asuntos relacionados con la seguridad de las telecomunicaciones y la aplicación de las Recomendaciones vigentes del UIT-T, ITU-T, Geneva (2012) - ITU-T H.235.
  4. 关于电信安全的若干议题综述 及相关ITU-T建议书应用简介, ITU-T, Geneva (2012) - ITU-T H.235.
  5. http://www.govcert.cz/download/nodeid-561 Výkladový slovník kybernetické bezpečnosti (2013)
  6. http://www.govcert.cz/download/nodeid-561 Výkladový slovník kybernetické bezpečnosti (2013)
  7. http://www.ipa.go.jp/security/rfc/RFC2828EN.html RFC2828 (Japanese translation)
  8. https://tools.ietf.org/html/rfc4949 IETF RFC 4949 Internet Security Glossary 2
