id: Гость   вход   регистрация
текущее время 05:55 29/04/2024
Владелец: SATtva редакция от 08/03/2009 19:16 (автор: SATtva) Печать
Категории: инфобезопасность, модель угрозы
https://www.pgpru.com/Библиотека/Основы/SSD/Риски/Противники
создать
просмотр
редакции
ссылки

Это старая редакция страницы Библиотека / Основы / S S D / Риски / Противники за 08/03/2009 19:16.

Adversaries


Who Poses a Threat?


A critical part of assessing risk and deciding on security solutions is knowing who or what your adversary is. An adversary, in security-speak, is any person or entity that poses a threat against an asset. Different adversaries pose different threats to different assets with different risks; different adversaries will demand different solutions.


For example, if you want to protect your house from a random burglar, your lock just needs to be better than your neighbors', or your porch better lit, so that the burglar will choose the other house. If your adversary is the government, though, money spent on a better lock than your neighbors' would be wasted — if the government is investigating you and wants to search your house, it won't matter how well your security compares to your neighbors. You would instead be better off spending your time and money on other security measures, like encrypting your valuable information so that if it's seized, the government can't read it.


Here are some examples of the kinds of adversaries that may pose a threat to your digital privacy and security:


  • U.S. government agents that follow laws which limit their activities
  • U.S. government agents that are willing and able to operate without legal restrictions
  • Foreign governments
  • Civil litigants who have filed or intend to file a lawsuit against you
  • Companies that store or otherwise have access to your data
  • Individual employees who work for those companies
  • Hackers or organized criminals who randomly break into your computer, or the computers of companies that store your data
  • Hackers or organized criminals that specifically target your computer or the computers of the companies that store your data
  • Stalkers, private investigators or other private parties who want to eavesdrop on your communications or obtain access to your machines

This guide focuses on defending against threats from the first adversary — government agents that follow the law — but the information herein should also provide some help in defending against the others.


Назад | Дальше