Shared Flashcard Set

Details

2I - SES 622 - Module 9 - Integration Issues
N/A
8
Engineering
Graduate
05/03/2012

Cards

Term
What is an internal interface?
Definition
A communication path between internal system components.
Term
What is an external interface?
Definition
A communication path between the system and systems external to the system (Note: includes internal interfaces that communicate across system boundaries)
Term
What are the four basic rules of interface security?
Definition
Rule 1 – Trust no one
Rule 2 – Trust but verify
Rule 3 – Document interface specifications, share with counterparties
Rule 4 – Support and monitor conformity to specifications
Term
Security Integration touchstones
Definition
• Operating environment, and the maintenance of a secure operating posture
• Information and the maintenance of security of the information during its manipulation and processing
• Infrastructure computing devices, and the protection of hardware, software, and protocols, encompassing network, OS, electronic machines
• Facility protection buildings and physical locations and objects stored therein
• People, their trustworthiness and their awareness of security concerns
• Administration aspects of system and security
• Emanation Security deals with signals generated by all machines that can transmit information outside the security domain
• Mobile devices and their protection profile in both friendly and hostile possession
• Communications of information between internal system elements and between system elements and external systems
Term
What is an N2 (functional interface) diagram?
Definition
A diagram in the shape of a matrix, representing functional or physical interfaces between system elements.
Term
Common Interface Threats
Definition
• Fuzzing – accidental or malicious
• Spoofing – device or user level
• Tampering – physical or software or user environment or configuration, etc.
• Information leakage
• Denial of service
• Elevation of privilege
Term
What is fuzzing?
Definition
Involves providing invalid, unexpected, or random data to the inputs of a computer program. The program is then monitored for exceptions such as crashes, or failing built-in code assertions or for finding potential memory leaks.
Term
What is spoofing?
Definition
A situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.