Next: Entities Organization
Up: Security Requirements for Management
Relations are the main idea relevant for security in this paper. A
relation between two entities exists if they exchange any kind of
information. An intruder either attacks an existing relation or
an existing entity. In the latter case, he must establish a relation
with his target.
If there are no relations with others, an entity
is isolated and thus not subject to attacks (certainly even isolated
systems may be subject to attacks. However, this requires physical
access to the system and is thus not considered in this paper).
If there are relations security may become important.
To recognize attacks
it is necessary to identify relations and entities
participating in these relations. Knowing these entities it is
possible to classify relations as specific forms of interactions.
Finally, the functional components of these entities must be
identified. These components are the actual points of attacks and
thus have to implement security.
Copyright Munich Network Management Team