
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
2
|
Chapter 1: Threat Modeling and Risk Management
Components of Risk
Simply put, risk is the relationship between your assets, the vulnerabilities character-
istic of or otherwise applicable to those assets, and attackers who wish to steal those
assets or interfere with their intended use. Of these three factors, you have some
degree of control over assets and their vulnerabilities. You seldom have control over
attackers.
Risk analysis is the identification and evaluation of the most likely permutations of
assets, known and anticipated vulnerabilities, and known and anticipated types of
attackers. Before we begin analyzing risk, however, we need to discuss the compo-
nents that it comprises.
Assets
Just what are you trying to protect? Obviously you can’t identify and evaluate risk
without defining precisely what is at risk.
This book is about Linux security, so it’s safe to assume that one or more Linux sys-
tems are at the top of your list. Most likely, those systems handle at least some data
that you don’t consider to be public.
But that’s only a start. If somebody compromises one system, what sort of risk does
that entail for other systems on the same network? What sort of data is stored on or
handled by these other systems, and is any of that data confidential? What are the
ramifications ...