In computer security a countermeasure is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.
The definition is as IETF RFC 2828 that is the same as CNSS Instruction No. 4009 dated 26 April 2010 by Committee on National Security Systems of United States of America.
According to the Glossary by InfosecToday, the meaning of countermeasure is:
The deployment of a set of security services to protect against a security threat.
A synonym is security control.
In telecommunications, communication countermeasures are defined as security services as part of OSI Reference model by ITU-T X.800 Recommendation.
X.800 and ISO ISO 7498-2 (Information processing systems – Open systems interconnection – Basic Reference Model – Part 2: Security architecture are technically aligned.
The following picture explain the relationships between these concepts and terms:
-+
| An Attack: | |Counter- | | A System Resource: |
| i.e., A Threat Action | | measure | | Target of the Attack |
| +----------+ | | | | +-----------------+ |
| | Attacker |
Cette page est générée automatiquement et peut contenir des informations qui ne sont pas correctes, complètes, à jour ou pertinentes par rapport à votre recherche. Il en va de même pour toutes les autres pages de ce site. Veillez à vérifier les informations auprès des sources officielles de l'EPFL.
This advanced course will provide students with the knowledge to tackle the design of privacy-preserving ICT systems. Students will learn about existing technologies to prect privacy, and how to evalu
In computer security, a threat is a potential negative action or event facilitated by a vulnerability that results in an unwanted impact to a computer system or application. A threat can be either a negative "intentional" event (i.e. hacking: an individual cracker or a criminal organization) or an "accidental" negative event (e.g. the possibility of a computer malfunctioning, or the possibility of a natural disaster event such as an earthquake, a fire, or a tornado) or otherwise a circumstance, capability, action, or event.
Common Vulnerabilities and Exposures (« Vulnérabilités et expositions communes ») ou CVE est un dictionnaire des informations publiques relatives aux vulnérabilités de sécurité. Le dictionnaire est maintenu par l'organisme MITRE, soutenu par le département de la Sécurité intérieure des États-Unis. Les identifiants CVE sont des références de la forme CVE-AAAA-NNNN (AAAA est l'année de publication et NNNN un numéro d'identifiant). Par exemple, la faille FREAK a pour identifiant CVE-2015-0204.
Security service is a service, provided by a layer of communicating open systems, which ensures adequate security of the systems or of data transfers as defined by ITU-T X.800 Recommendation. X.800 and ISO 7498-2 (Information processing systems – Open systems interconnection – Basic Reference Model – Part 2: Security architecture) are technically aligned. This model is widely recognized A more general definition is in CNSS Instruction No.
Couvre les techniques de test de sécurité, l'usurpation de vulnérabilités, les interdictions de cryptage et les propriétés de sécurité du réseau.
Explore la pensée contradictoire, les faiblesses communes et les défenses inefficaces dans les systèmes logiciels, en soulignant l'importance d'atténuer les vulnérabilités courantes.
The pervasive adoption of field-programmable gate arrays (FPGAs) in both cyber-physical systems and the cloud has raised many security issues. Being integrated circuits, FPGAs are susceptible to fault and power side-channel attacks, which require physical ...
EPFL2023
, ,
The vulnerability against interference, spoofing, and jamming of GNSS receivers is considered nowadays a major security concern. This security threat is exacerbated with the existing market availability of GPS jamming and spoofing equipment sold at reasona ...