Security Breaches Security Breach And Vulnerability

Charlie O’Donnell Security Breach and Vulnerability Dr. Mohammed 11/20/2014 Abstract Security breaches are occurring at a much more rapid rate in the world today. Major companies and corporations are revealing their breaches and telling the public false information. Many security breaches occur because of exploitation of vulnerabilities, exploits and attacks both internal and external within the system. Vulnerabilities are weaknesses in the requirements, design, and implementation, which attackers exploit to compromise the system. The purpose of this paper is to understand the vulnerabilities, framework, and types of attacks for security requirements and analysis centered on preventing a breach. The framework shows†¦show more content†¦In security engineering, a vulnerability causes errors and weakness to the IT systems. Environment vulnerabilities in combination with an internal or external threats leads to a security failure. For example, vulnerabilities may result from input validation errors, memory safety violations, weak passwords, viruses, or other malware. In recent years, software companies and government agencies have become particularly aware of security risks that vulnerabilities impose on the system security and have started analyzing and reporting detected vulnerabilities of products and services (Ogut, Cavusoglu Raghunathan (2008). Internet and Web-based applications have made it possible to access information from anywhere. This new capability not only brings convenience to the authorized users but also motivates attackers alike. Only prevention based security measures that rely on access control or even fine-grained access control schemes, firewall and encryption, often fail to protect sensitive information against novel attacks. In view of this, a lot of emphasis is being given on strengthening intrusion detection systems for protecting secure information from unintended users. Related Work / Literature Review Information security breaches are often classified into the following categories: breaches of information confidentiality (breaches that allow unauthorized users access to confidential information); breaches related to information availability (breaches that prevent