入侵計算機的特點和破壞安全的類型

CHARACTERISTICS OF COMPUTER INTRUSION AND KINDS OF SECURITY BREACHES

1．CHARACTERISTICS OF COMPUTER INTRUSION

　　The target of a crime involving computers may be any piece of the computing system．A computing system is a collection of hardware，software，storage media，data，and persons that an organization uses to do computing tasks．Whereas the obvious target of a bank robbery is cash，a list of names and addresses of depositors might be valuable to a competing bank．The list might be on paper，recorded on a magnetic medium，stored in internal computer memory，or transmitted electronically across a medium such as a telephone line．This multiplicity of targets makes computer security difficult．
　　In any security system，the weakest point is the most serious vulnerability．A robber intent on stealing something from your house will not attempt to penetrate a two-inch thick metal door if a window gives easier access．A sophisticated perimeter physical security system does not compensate for unguarded access by means of a simple telephone line and a modem．The“weakest point”philosophy can be restated as the following principle．
　　Principle of Easiest Penetration．An intruder must be expected to use any available means of penetration．This will not necessarily be the most obvious means，nor will it necessarily be the one against which the most solid defense has been installed[1]．
　　This principle says that computer security specialists must consider all possible means of penetration，because strengthening one may just make another means more appealing to intruders[2]．We now consider what these means of penetration are．

2．KINDS OF SECURITY BREACHES

　　In security，an exposure is a form of possible loss or harm in a computing system；examples of exposures are unauthorized disclosure of data，modification of data，or denial of legitimate access to computing．A vulnerability is a weakness in the security system that might be exploited to cause loss or harm．A human who exploits a vulnerability perpetrates an attack on the system．Threats to computing systems are circumstances that have the potential to cause loss or harm；human attacks are examples of threats，as are natural disasters，inadvertent human errors，and internal hardware or software flaws[3]．Finally，a control is a protective measure—an action，a device，a procedure，or a technique一that reduces a vulnerability．
　　The major assets of computing systerns are hardware，software，and data．There are four kinds of threats to the security of a computing system：interruption，interception，modification，and fabrication．The four threats all exploit vulnerabilities of the assets in computing systems．These four threats are shown in Fig. 18-1．

　　（1）In an interruption，an asset of the system becomes lost or unavailable or unusable．An example is malicious destruction of a hardware device，erasure of a program or data file，or failure of on operating system file manager so that it cannot find a particular disk file．
　　（2）An interception means that some unauthorized party has gained access to an asset．The outside party can be a person，a program，or a computing system．Examples of this type of failure are illicit copying of program or data files，or wiretapping to obtain data in a network．While a loss may be discovered fairly quickly，a silent interceptor may leave no traces by which the interception can be readily detected[4]．
　　（3）If an unauthorized party not only accesses but tampers with an asset，the failure becomes a modif ication．For example，someone might modify the values in a database，alter a program so that it performs an additional computation，or modify data being transmitted electronically．It is even possible for hardware to be modified．Some cases of modification can be detected with simple measures，while other more subtle changes may be almost impossible to detect．
（4）Finally，an unauthorized party might fabricate counterfeit objects for a computing system．The intruder may wish to add spurious transactions to a network communication system，or add records to an existing data base．Sometimes these additions can be detected as forgeries，but if skillfully done，they are virtually indistinguishable from the real thing．
　　These four classes of interference with computer activity—interruption，interception，modification，and fabrication—can describe the kinds of exposures possible．Examples of these kinds of interferences are shown in Fig. 18-2．

NOTES
[1]not…，nor結搆，譯爲“既不…也不…”，against which…爲定語從句，脩飾前麪的one，one代表means。
[2]主句中由that引出的是賓語從句。because引出的原因狀語從句中，主語爲strengthening one，more appealing爲賓語補足語。