ITU DFS Security Assurance Framework

Insider Attacks

Attacks performed by adversaries within the organization's perimeter, who often have elevated access and privileges to resources.

Affected entity: DFS Provider

Risk: Data exposure and modification

  • Vulnerability: Insufficient internal controls on critical operations (SD: access control)

Risk: Lack of validation of data inputs (SD: data integrity)

  • Control 7.2: DFS providers should ensure sufficient separation of duties for maker-approver; for example, an administrator may not have access rights to both create and activate a DFS account

  • Vulnerability: Inadequate privilege management & control (SD: access control)

Risk: Data inaccuracy and inconsistency

  • Vulnerability: Use of test data & configurations in a production environment (SD: data integrity)

  • Vulnerability: Insufficient logging and inability to protect logs from alteration (SD: non-repudiation)

  • Vulnerability: Inaccurate and unsynchronised clocks (SD: data integrity)
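
The maker-approver separation in Control 7.2 can be checked at three points: in the entitlements, at the moment of activation, and afterwards in the audit log. The sketch below is an added example, not part of the ITU framework; the permission names, role names, administrators, account identifiers and log record shape are all assumptions constructed for illustration.

```python
"""Maker-approver separation of duties: entitlement review, enforcement, log audit."""

MAKER, APPROVER = "account.create", "account.activate"  # hypothetical permission names

# Constructed sample data, not taken from any real DFS platform.
ROLES = {
    "onboarding_maker": {MAKER},
    "onboarding_approver": {APPROVER},
    "legacy_superadmin": {MAKER, APPROVER},
}
ASSIGNMENTS = {
    "alice": ["onboarding_maker"],
    "bob": ["onboarding_approver"],
    "carol": ["onboarding_maker", "onboarding_approver"],  # conflict only when roles combine
    "dave": ["legacy_superadmin"],
}
AUDIT_LOG = [  # (admin, action, account)
    ("alice", "create", "DFS-1001"), ("bob", "activate", "DFS-1001"),
    ("dave", "create", "DFS-1002"), ("dave", "activate", "DFS-1002"),
]

class SeparationOfDutiesError(Exception):
    pass

def admins_holding_both(assignments, roles):
    """Entitlement review: admins whose combined roles grant create AND activate."""
    flagged = []
    for admin, role_names in assignments.items():
        perms = set().union(*(roles[r] for r in role_names))
        if {MAKER, APPROVER} <= perms:
            flagged.append(admin)
    return sorted(flagged)

def activate(pending, account, approver):
    """Enforcement: refuse activation by the admin who created the account."""
    maker = pending[account]  # KeyError if the account was never created
    if approver == maker:
        raise SeparationOfDutiesError(f"{approver} created {account} and cannot activate it")
    del pending[account]
    return account

def self_approved(log):
    """Audit: accounts created and activated by the same admin."""
    makers, hits = {}, []
    for admin, action, account in log:
        if action == "create":
            makers[account] = admin
        elif action == "activate" and makers.get(account) == admin:
            hits.append((account, admin))
    return hits
```

The entitlement review evaluates the union of each administrator's roles, so it also catches a conflict that no single role definition shows.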

Last updated 2 years ago