shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

278
active users

#nonrepudiation

0 posts0 participants0 posts today
tuxwise<p>(15/N) Two more threat types defined:</p><p><strong>Undesirable non-repudiation or repudiation</strong></p><p><a href="https://mastodon.de/tags/Repudiation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Repudiation</span></a> (plausible denial) of what somebody has said / done / known / possessed becomes impossible because an adversary has managed to collect enough evidence to establish undesirable non-repudiation. In other words: the adversary can prove beyond reasonable doubt that "it" happened.</p><p>Alternatively, <a href="https://mastodon.de/tags/NonRepudiation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NonRepudiation</span></a> (proof beyond reasonable doubt) cannot be established because an adversary has managed to suppress or destroy enough evidence to gain the option of repudiation (plausible denial). In other words: the adversary can plausibly deny "it" happened.</p><p><strong>Detecting</strong></p><p>An adversary can check for the presence or absence of specific data items, which are tell-tale indicators for something else.</p><p>(to be continued)</p><p>Start of this thread:<br><a href="https://mastodon.de/@tuxwise/113503228291818865" translate="no" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mastodon.de/@tuxwise/113503228</span><span class="invisible">291818865</span></a></p><p><a href="https://mastodon.de/tags/ThreatModeling" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ThreatModeling</span></a> <a href="https://mastodon.de/tags/4D" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>4D</span></a></p>
tuxwise<p>(14/N) Having familiarized ourselves with categories of adversaries, their main goals and their respective, overall "modus operandi", let's look at the types of threats posed by them.</p><p>Again, it pays to focus on <em>types</em> of threats: We don't want to become mainly alert-triggered, but proactive. There are several frameworks we can borrow ideas from, most notably the LINDDUN framework that is geared toward threats to privacy, and can be extended a bit to cover more ground.</p><p>First, our list of threat types:</p><ul><li><a href="https://mastodon.de/tags/Linking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linking</span></a> (spotting connections and relationships)</li><li><a href="https://mastodon.de/tags/Identifying" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Identifying</span></a> (mapping to identities)</li><li>Undesirable <a href="https://mastodon.de/tags/NonRepudiation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NonRepudiation</span></a> or <a href="https://mastodon.de/tags/repudiation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>repudiation</span></a></li><li><a href="https://mastodon.de/tags/Detecting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Detecting</span></a> (absence or presence of indicators)</li><li>Data <a href="https://mastodon.de/tags/disclosure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>disclosure</span></a> (to the unauthorized)</li><li>Manufacturing cooperation (disguised or imposed bad consequences)</li><li><a href="https://mastodon.de/tags/Obstructing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Obstructing</span></a> (access, information, resources)</li><li><a href="https://mastodon.de/tags/NonCompliance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NonCompliance</span></a></li><li><a href="https://mastodon.de/tags/Interfering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Interfering</span></a> (with information, resources, processes, interactions)</li></ul><p>Our definitions of these, for our context:</p><p><strong>Linking</strong></p><p>An adversary can figure out connections and relationships between formerly isolated items of interest.</p><p><strong>Identifiying</strong></p><p>An adversary can link items of interest directly to a natural person.</p><p>(to be continued)</p><p>Start of this thread:<br><a href="https://mastodon.de/@tuxwise/113503228291818865" translate="no" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mastodon.de/@tuxwise/113503228</span><span class="invisible">291818865</span></a></p><p>LINDDUN:<br><a href="https://linddun.org/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">linddun.org/</span><span class="invisible"></span></a></p><p><a href="https://mastodon.de/tags/ThreatModeling" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ThreatModeling</span></a> <a href="https://mastodon.de/tags/4D" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>4D</span></a></p>