Security Attributes

This section describes which security attributes (of the previously-identified assets) were compromised during the incident. To accomplish this, VERIS groups the six primary security attributes into three pairs: confidentiality/possession, integrity/authenticity, and availability/utility. An extension of the “C-I-A Triad,” they are commonly called the “Parkerian Hexad,” after their originator, Donn Parker. Multiple attributes can be affected for any one asset and each attribute contains different metrics.

Confidentiality/Possession

Confidentiality refers to limited observation and disclosure of an asset (or data). A loss of confidentiality implies that data were actually observed or disclosed to an unauthorized actor rather than endangered, at-risk, or potentially exposed (the latter fall under the attribute of Possession and Control). Short definition: Limited access, observation, and disclosure.

Possession refers to the owner retaining possession and control of an asset (or data). A loss of possession or control means that the organization no longer has exclusive (or intended) custody and control over the asset or is unable to adequately prove it. The concept of endangerment (exposure to potential compromise or harm) is associated with this attribute whereas actual observation or disclosure of data falls under confidentiality. Short definition: Exclusive ownership and control (and ability to prove it).

tldr; A C/P compromise involves unauthorized access, disclosure or loss of control.

Disclosure

Question Text: Was non-public data disclosed?

User notes: N/A

Question type: enumerated list (multi-select)

Variable name: attribute.confidentiality.data_disclosure (string)

Purpose: Distinguishes between data compromise and exposure (at-risk) events.

Developer notes: N/A

Miscellaneous: For data_disclosure to be 'Yes,' there must be some indication that data was actually viewed or accessed by an unauthorized individual. The following are example scenarios and guidance on how to set this variable:

  • Unencrypted stolen or lost device: Potentially
  • Encrypted stolen or lost device: No
  • Improperly disposed documents or devices: Potentially
  • Accidentally publishing private data to a public website (no evidence that anyone viewed it): Potentially
  • Misaddressed envelope that was never traced or recovered: Potentially
  • Misaddressed envelope that was opened by the incorrect recipient: Yes
  • Scenarios not marked No or Potentially will change to Yes if discovered by an outside party. For instance, if an external party notifies the victim of a publishing error, the data is, by definition, disclosed.

Variety

Question Text: What varieties and amount of data were exposed or compromised?

User notes: Enter the number of records affected for each data variety. Be wary of double-counting.

Question type: enumerated list (multi-select) for variety and text field for amount

Variable name: attribute.confidentiality.data (comprised of the variety (string) and amount (integer))

Purpose: The variety and amount of data affected is central to assessing impact, proper response and reporting, etc.

Developer notes: N/A

Miscellaneous: N/A

State

Question Text: At the time of exposure or compromise, was the data being stored, transmitted, or processed?

User notes:

Question type: enumerated list (multi-select)

Variable name: attribute.confidentiality.state (string)

Purpose: Controls for data at-rest and data in-motion are often different.

Developer notes: N/A

Miscellaneous: N/A

Notes

Question Text: Enter any additional details you deem noteworthy about confidentiality/possession losses in this incident.

User notes:

Question type: text field

Variable name: attribute.confidentiality.notes (string)

Purpose: Catch-alls are handy

Developer notes: N/A

Miscellaneous: N/A

Integrity/Authenticity

Integrity refers to an asset (or data) being complete and unchanged from the original or authorized state, content, and function. Losses to integrity include unauthorized insertion, modification, manipulation, etc. Short definition: Complete and unchanged from original.

Authenticity refers to the validity, conformance, correspondence to intent, and genuineness of the asset (or data). Losses of authenticity include misrepresentation, repudiation, misappropriation, etc. Short definition: Valid, genuine, and conforms to intent.

tldr; An I/A compromise involves unauthorized change, non-conformance or invalidity.

Variety

Question Text: What was the variety or nature of integrity/authenticity loss?

User notes: N/A

Question type: enumerated list (multi-select)

Variable name: attribute.integrity.variety (string)

Purpose: Provides some additional context and structure around how integrity/authenticity was affected.

Developer notes: N/A

Miscellaneous: N/A

Notes

Question Text: Enter any additional details you deem noteworthy about integrity/authenticity losses in this incident.

User notes: N/A

Question type: text field

Variable name: attribute.integrity.notes (string)

Purpose: Catch-alls are handy

Developer notes: N/A

Miscellaneous: N/A

Availability/Utility

Availability refers to an asset (or data) being present, accessible, and ready for use when needed. Losses to availability include destruction, deletion, movement, performance impact (delay or acceleration), and interruption. Short definition: Accessible and ready for use when needed.

Utility refers to the usefulness or fitness of the asset (or data) for a purpose. Losses of utility include obscuration and conversion to a less useable or indecipherable form. Utility is distinguished from availability in that the data are still present but no longer (as) useable. Short definition: Usefulness or fitness for a purpose.

tldr; An A/U compromise involves assets being inaccessible or unusable as needed when needed.

Variety

Question Text: What was the variety or nature of availability/utility loss?

User notes: N/A

Question type: enumerated list (multi-select)

Variable name: attribute.availability.variety (string)

Purpose: Provides some additional context and structure around how availability/utility was affected.

Developer notes: N/A

Miscellaneous: N/A

Duration

Question Text: What was the duration of availability/utility loss?

User notes: N/A

Question type: enumerated list (multi-select)

Variable name: attribute.availability.duration (comprised of the unit (string) and value (number))

Purpose: The duration of availability/utility loss provides useful context and helps assess impact.

Developer notes: N/A

Miscellaneous: N/A

Notes

Question Text: Enter any additional details you deem noteworthy about availability/utility losses in this incident.

User notes:

Question type: text field

Variable name: attribute.availability.notes (string)

Purpose: Catch-alls are handy

Developer notes: N/A

Miscellaneous: N/A
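
The variable names and types listed in this section, checked in code, together with the disclosure guidance for exposures reported by an outside party. This is an added example, not code from the VERIS project. The nested dictionary layout, the helper names (is_number, resolve_disclosure, validate_attribute), the found_by_outside_party flag and the "Unknown" value are assumptions, and the sample record is constructed.

```python
# Added example, not VERIS project code. Assumed layout: attribute.<name>.<field>, with
# multi-select answers as lists of strings. "Unknown" is an assumed extra disclosure value.
DISCLOSURE = {"Yes", "Potentially", "No", "Unknown"}

def is_number(v, integer=False):
    # bool is a subclass of int in Python, so reject it explicitly
    kinds = int if integer else (int, float)
    return isinstance(v, kinds) and not isinstance(v, bool)

def resolve_disclosure(value, found_by_outside_party):
    # Last guidance bullet, as read here: an exposure reported by an outside party
    # was by definition viewed. "No" (e.g. an encrypted device) stays "No".
    return "Yes" if value == "Potentially" and found_by_outside_party else value

def validate_attribute(attr):
    """Return a list of problems in an 'attribute' object; empty means it passed."""
    problems = []
    conf = attr.get("confidentiality", {})
    disclosure = conf.get("data_disclosure", "Unknown")
    if not isinstance(disclosure, str) or disclosure not in DISCLOSURE:
        problems.append("confidentiality.data_disclosure: not a known value")
    seen = set()
    for i, item in enumerate(conf.get("data", [])):
        if not isinstance(item, dict) or not isinstance(item.get("variety"), str):
            problems.append(f"confidentiality.data[{i}]: needs a string variety")
            continue
        if item["variety"] in seen:
            problems.append(f"confidentiality.data[{i}]: variety listed more than once")
        seen.add(item["variety"])
        amount = item.get("amount", 0)  # amount assumed optional
        if not is_number(amount, integer=True) or amount < 0:
            problems.append(f"confidentiality.data[{i}].amount: not a non-negative integer")
    for name, field in (("confidentiality", "state"), ("integrity", "variety"),
                        ("availability", "variety")):
        value = attr.get(name, {}).get(field, [])
        if not (isinstance(value, list) and all(isinstance(x, str) for x in value)):
            problems.append(f"{name}.{field}: must be a list of strings")
    duration = attr.get("availability", {}).get("duration")
    if duration is not None:
        if not isinstance(duration, dict) or not isinstance(duration.get("unit"), str):
            problems.append("availability.duration.unit: must be a string")
        elif "value" in duration and not is_number(duration["value"]):
            problems.append("availability.duration.value: must be a number")
    return problems

# Constructed sample: a lost unencrypted laptop (enum strings are illustrative).
SAMPLE = {"confidentiality": {"data_disclosure": "Potentially", "state": ["Stored"],
                              "data": [{"variety": "Personal", "amount": 1200}]},
          "availability": {"variety": ["Loss"], "duration": {"unit": "Days", "value": 3}}}
```
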