Home | | Information Management | Message Integrity Threats

Chapter: Security in Computing : Security in Networks

Message Integrity Threats

In many cases, the integrity or correctness of a communication is at least as important as its confidentiality. In fact for some situations, such as passing authentication data, the integrity of the communication is paramount.

Message Integrity Threats

 

In many cases, the integrity or correctness of a communication is at least as important as its confidentiality. In fact for some situations, such as passing authentication data, the integrity of the communication is paramount. In other cases, the need for integrity is less obvious. Next we consider threats based on failures of integrity in communication.

 

Falsification of Messages

 

Increasingly, people depend on electronic messages to justify and direct actions. For example, if you receive a message from a good friend asking you to meet at the pub for a drink next Tuesday evening, you will probably be there at the appointed time. Likewise, you will comply with a message from your supervisor telling you to stop work on project A and devote your energy instead to project B. As long as it is reasonable, we tend to act on an electronic message just as we would on a signed letter, a telephone call, or a face-to-face communication.

 

However, an attacker can take advantage of our trust in messages to mislead us. In particular, an attacker may

 

·      change some or all of the content of a message

 

·      replace a message entirely, including the date, time, and sender/receiver identification

 

·      reuse (replay) an old message

 

·      combine pieces of different messages into one

 

·      change the apparent source of a message

 

·      redirect a message

 

·      destroy or delete a message

 

These attacks can be perpetrated in the ways we have already examined, including

 

·      active wiretap

 

·      Trojan horse

 

·      impersonation

 

·      preempted host

 

·      preempted workstation

 

Noise

 

Signals sent over communications media are subject to interference from other traffic on the same media, as well as from natural sources, such as lightning, electric motors, and animals. Such unintentional interference is called noise. These forms of noise are inevitable, and they can threaten the integrity of data in a message.

 

Fortunately, communications protocols have been intentionally designed to overcome the negative effects of noise. For example, the TCP/IP protocol suite ensures detection of almost all transmission errors. Processes in the communications stack detect errors and arrange for retransmission, all invisible to the higher-level applications. Thus, noise is scarcely a consideration for users in security-critical applications.


Study Material, Lecturing Notes, Assignment, Reference, Wiki description explanation, brief detail
Security in Computing : Security in Networks : Message Integrity Threats |

Related Topics

Information Management
Anna University - All Subjects
Anna University IT - All Subjects
Engineering - All Subjects
Information Technology Engineering - All Subjects
Security in Computing : Security in Networks
Security in Networks
Network Concepts
Network Media
Network Protocols
Types of Networks
Threats in Networks
Who Attacks Networks?
Threats in Transit: Eavesdropping and Wiretapping
Protocol Flaws
Impersonation
Message Confidentiality Threats
Message Integrity Threats
Format Failures
Web Site Vulnerabilities
Denial of Service
Distributed Denial of Service
Threats in Active or Mobile Code
Threats in Active or Mobile Code
Networks Complex Attacks
Network Security Controls - Security Threat Analysis
Architecture - Security in Networks
Encryption - Security in Networks
Content Integrity - Security in Networks
Strong Authentication and Kerberos - Security in Networks
Access Controls - Security in Networks


Privacy Policy, Terms and Conditions, DMCA Policy and Compliant

Copyright © 2018-2024 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.