Difference between revisions of "Cyber Attack"
Jump to navigation
Jump to search
(→NIST) |
|||
| Line 1: | Line 1: | ||
<br /> | <br /> | ||
==Definitions== | ==Definitions== | ||
| − | + | === Other International Definitions === | |
| − | --> | + | ==== [[ITU-T]] ==== |
| + | {{definition|(Cyber) attack are the activities undertaken to bypass or exploit deficiencies in a system's security mechanisms. <ref>ITU Security in Telecommunications and Information Technology: An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications, ITU-T, Geneva (2012) - ITU-T H.235.</ref>}}By a ''direct attack'' on a system they exploit deficiencies in the underlying algorithms, principles, or properties of a security mechanism. ''Indirect attacks'' are performed | ||
| + | when they bypass the mechanism, or when they make the system use the mechanism incorrectly.<br /> | ||
| + | {{definition|Attaque: Activités entreprises pour contourner ou exploiter des déficiences constatées dans les mécanismes de sécurité d'un système. <ref>Sécurité dans les télécommunications et les technologies de l’information: Aperçu des problèmes et présentation des Recommandations UIT-T existantes sur la sécurité dans les télécommunications, ITU-T, Geneva (2012) - ITU-T H.235.</ref>}}<br /> | ||
| + | {{definition|Ataque: Actividades realizadas para obviar los mecanismos de seguridad de un sistema o aprovechar sus deficiencias. <ref>Seguridad de las telecomunicaciones y las tecnologías de la información: Exposición general de asuntos relacionados con la seguridad de las telecomunicaciones y la aplicación de las Recomendaciones vigentes del UIT-T, ITU-T, Geneva (2012) - ITU-T H.235.</ref>}}<br /> | ||
| + | {{definition|攻击: 为绕过一个系统的安全机制或利用其漏洞而采取的行动. <ref>关于电信安全的若干议题综述 及相关ITU-T建议书应用简介, ITU-T, Geneva (2012) - ITU-T H.235.</ref>}} | ||
| + | <br /> | ||
| + | |||
=== National Definitions === | === National Definitions === | ||
| + | |||
| + | ==== [[Japan]] ==== | ||
| + | {{definition|攻撃: インテリジェントな脅威、すなわちセキュリティサービスを回避し、システムのセキュリティポリシーを侵害する故意の試み(特に、方式あるいは技法という意味において)としてのインテリジェントな動作によってもたらされるセキュリティシステムへの攻撃. <br/><br/>(Cyber) attack is an assault on system security that derives from an intelligent threat, i.e., an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. <ref>http://www.ipa.go.jp/security/rfc/RFC2828EN.html RFC2828 (Japanese translation) </ref>}}<br/> | ||
| + | |||
==== [[United States]]==== | ==== [[United States]]==== | ||
===== [[NIST]]===== | ===== [[NIST]]===== | ||
| Line 20: | Line 31: | ||
* Test reference. --> | * Test reference. --> | ||
[[Category:Security]] | [[Category:Security]] | ||
| − | {{#set:defined by=United States|defined by=NIST}} | + | {{#set:defined by=Japan|defined by=United States|defined by=NIST}} |
Revision as of 14:32, 15 March 2016
Contents
Definitions
Other International Definitions
ITU-T
(Cyber) attack are the activities undertaken to bypass or exploit deficiencies in a system's security mechanisms. [1]
By a direct attack on a system they exploit deficiencies in the underlying algorithms, principles, or properties of a security mechanism. Indirect attacks are performed
when they bypass the mechanism, or when they make the system use the mechanism incorrectly.
Attaque: Activités entreprises pour contourner ou exploiter des déficiences constatées dans les mécanismes de sécurité d'un système. [2]
Ataque: Actividades realizadas para obviar los mecanismos de seguridad de un sistema o aprovechar sus deficiencias. [3]
攻击: 为绕过一个系统的安全机制或利用其漏洞而采取的行动. [4]
National Definitions
Japan
攻撃: インテリジェントな脅威、すなわちセキュリティサービスを回避し、システムのセキュリティポリシーを侵害する故意の試み(特に、方式あるいは技法という意味において)としてのインテリジェントな動作によってもたらされるセキュリティシステムへの攻撃.
(Cyber) attack is an assault on system security that derives from an intelligent threat, i.e., an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. [5]
(Cyber) attack is an assault on system security that derives from an intelligent threat, i.e., an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. [5]
United States
NIST
Cyber attack is an attack, via cyberspace, targeting an enterprise’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information. [6]
See also
Notes
- ↑ ITU Security in Telecommunications and Information Technology: An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications, ITU-T, Geneva (2012) - ITU-T H.235.
- ↑ Sécurité dans les télécommunications et les technologies de l’information: Aperçu des problèmes et présentation des Recommandations UIT-T existantes sur la sécurité dans les télécommunications, ITU-T, Geneva (2012) - ITU-T H.235.
- ↑ Seguridad de las telecomunicaciones y las tecnologías de la información: Exposición general de asuntos relacionados con la seguridad de las telecomunicaciones y la aplicación de las Recomendaciones vigentes del UIT-T, ITU-T, Geneva (2012) - ITU-T H.235.
- ↑ 关于电信安全的若干议题综述 及相关ITU-T建议书应用简介, ITU-T, Geneva (2012) - ITU-T H.235.
- ↑ http://www.ipa.go.jp/security/rfc/RFC2828EN.html RFC2828 (Japanese translation)
- ↑ NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013)
