Threat of Tampering........................

Week 4 assignment

Gregory Callahan

HIM 370

Professor Levack

June 1, 2013

I chose to write about the threat of tampering. Tampering describes any threat that allows an attacker (or accidentally causes a user) to alter or destroy data which the application has not allowed them to. Tampering threats are generally countered through quality implementations of Integrity protection and authorization. Back doors, also called trap doors, are pieces of code written into applications or operating systems to grant programmers access to programs without requiring them to go through the normal methods of access authentication. Back doors and trap doors have been around for many years. They're typically written by application programmers who need a means of debugging or monitoring code that they are developing. When debugging the program, the developer may wish to gain special privileges, or to avoid all the necessary setup and authentication steps. The programmer also may want to ensure that there is a method of activating the program should something be wrong with the authentication procedure that is being built into the application. The back door is code that either recognizes some special sequence of input, or is triggered by being run from a certain user ID. It then grants special access. Back doors become threats when they're used by unscrupulous programmers to gain unauthorized access. They are also a problem when the initial application developer forgets to remove a back door after the system has been debugged and some other individual discovers the door's existence. Back-door attacks -- those originating inside the network -- are triggered by roaming laptops, traveling floppy disks, independent contractors who unwittingly infect your network, and dial-up connections. Worms and other exploits are unleashed when the infected component reconnects to your corporate network. A layer of security at the host level is your best protection against attacks like these:...