Accession Number:

ADA465577

Title:

Storage Jamming

Descriptive Note:

Corporate Author:

NAVAL RESEARCH LAB WASHINGTON DC

Personal Author(s):

Report Date:

1995-01-01

Pagination or Media Count:

20.0

Abstract:

In the past, the most likely motive for attacks that modify data would have been financial gain. The problem of fraud has been addressed by Clark and Wilson 2, by Sandhu and Jajodia 13, and by others 8, 9. However, changes in technology have made many organizations so dependent on information systems that it is now possible to disrupt or degrade their operations by interfering with their supporting information systems 3. When this disruption is accomplished by unauthorized modification of data we call it storage jamming. Storage jamming is the malicious modification of stored data, done for the purpose of degrading or disrupting real-world operations that depend on the correctness of the data. We assume the person initiating the malicious modification frequently via a Trojan horse does not receive any direct benefit, financial or otherwise, but rather is motivated by more indirect goals such as improving the competitive position of his or her own organization. The target data need not be data stored by a general purpose database system, it can be any values stored for future reference application data, system data e.g. initialization files, linking data index structures, hot lists, routing tables, or metadata. In this sense, a file of electronic mail messages that have been saved for future reference is a fair target. We call the values introduced into storage by the jammer bogus values. We call the values we meant to store authentic values. If a data item contains a bogus value, we say that the data item has been jammed. In order to simplify our analysis of a very complex problem, we will exclude the possibility of mistakes made by users or inadvertent flaws in software. This does not mean that we exclude from consideration conventional data integrity techniques that also have anti-jamming properties.

Subject Categories:

  • Computer Hardware

Distribution Statement:

APPROVED FOR PUBLIC RELEASE