Security Basics mailing list archives

RE: Was Re: RAID 5 drive replacement schedule - Now "Availability"


From: "Nick Vaernhoej" <nick.vaernhoej () capitalcardservices com>
Date: Mon, 23 Jun 2008 08:47:40 -0500

Mike,

Based on my interpretation, it seems to me that your interpretation will
make a customer attempting to access his online banking, but failing
because the ISP has issues, a security concern because his data isn't
available.

I think you say it best: "It's about preventing unauthorized access and
change while maintaining its useability to authorized users."

This means that regardless of our security implementations we have to
make the data available to users.
The availability criterion tries to make sure we do not unplug the server
in our efforts to avoid an incident.
It does not mean that hardware reliability becomes a security issue.

Nick Vaernhoej
"Quidquid latine dictum sit, altum sonatur."


-  -----Original Message-----
-  From: listbounce () securityfocus com
-  [mailto:listbounce () securityfocus com] On Behalf Of Mike Hale
-  Sent: Friday, June 20, 2008 4:10 PM
-  To: Mike Hale
-  Cc: Rivest, Philippe; Murda Mcloud; security-basics () securityfocus com
-  Subject: Re: Was Re: RAID 5 drive replacement schedule - Now
-  "Availability"
-
-  Availability is allowing your authorized users to access the data
-  when they need to.
-
-  "that in itself is not _always_ a security concern, but it can be."
-  I disagree with you.  Availability is a fundamental portion of it
-  because without availability, that data is useless.  If you don't
-  have access to it when you need it, I think your security system has
-  failed.
-
-  You're also correct that if a system crashes, data is no longer
-  available.  Sometimes, attacks on a network seek to do just that.
-
-  As far as the definition of security (especially in terms of data),
-  papers have been written trying to pin it down.  I think at its most
-  basic, however, is CIA.  Confidentiality, Integrity and Availability.
-
-  It's about preventing unauthorized access and change while
-  maintaining its useability to authorized users.


