csc205 security

threat -potential security violation
attack -attempt to breach

accidental/malicious
unauth read, write, delete

4 levels
physical
human
network
os

types of attack
interrupt [block]
intercept [read]
modify [change]
fabricate [fake as sender]

program threat
trapdoor [hole put by designer for himself]
worms [standalone program spawns itself]
trojan horse