Disrupt
A service procedure is disrupted by another service if the second service results in service primitives of the first service not being used as specified for the procedure of the first service (ITU, 2012)
Primary reference(s)
ITU, 2012. X.216: Information technology – open systems interconnection – presentation service definition (1994 E). International Telecommunication Union (ITU). Accessed 20 December 2019.
Additional scientific description
Disruption of cyber networks is a complex issue (Seattle Office of Emergency Management, 2019) and may occur through:
- Power outages which can create cyber disruptions and if fuel delivery to generator sites is impaired, can cause extensive disruption.
- Hazards such as earthquakes, floods, and fires which can destroy computer and network equipment.
- High-powered sprinkler systems which may also cause water damage.
- Accidental damage to cables during construction or repaving projects, causing temporary internet and phone outages for thousands of customers.
- An electromagnetic pulse is an intense burst of electromagnetic energy resulting from natural (e.g., solar storms) or man-made (e.g., nuclear and pulse-power device) sources that can destroy or damage unshielded electrical and electronic equipment.
- Cyber-attack to gain unauthorised access to system services, resources, or information, or an attempt to compromise system integrity.
- Human error.
Metrics and numeric limits
The ISO/ IEC 27000 series are internationally accepted standards and guidance on the security of information and communication technology networks (ISO, 2015).
Key relevant UN convention / multilateral treaty
Not identified.
Examples of drivers, outcomes and risk management
The internet and communication networks are critical for society today and are dependent on many digital and mobile services. These networks are exposed to a range of challenges in attempting to provide normal levels of operation, including non-performance of components, wireless communication connectivity issues, malware, attacks (interruption, interception, modification and fabrication), misconfiguration due to human error and malicious behaviour, power failure, natural hazards and disasters. These can be expanded further to include network links and nodes in a geographical area (Çetinkaya et al., 2013).
The drivers of any disruption in data and communication networks can severely affect the performance of these networks at different layers of the Open Systems Interconnect (OSI) model.
The examples in the table are of different services for network security standards to reduce the disruption of data and communication networks (Kizza, 2017):
| Area of application | Service | Security standard |
|---|---|---|
| Internet security | Network authentication | Kerberos |
| Secure Transmission Control Protocol/ Internet Protocol (TCP/IP) communications over the Internet | IPsec | |
| Privacy-enhanced electronic mail | S/MIME, PGP | |
| Public Key Cryptography Standards | 3DES, DSA, RSA, MD5, SHA-1, PKCS | |
| Secure Hypertext Transfer Protocol | S-HTTP | |
| Authentication of directory users | SSL, TLS, SET | |
| Digital signature and encryption | Advanced encryption standard/ Public Key Infrastructure (PKI)/ digital certificates, Extensible Markup Language (XML) digital signatures | X.509, RSA BSAFE SecurXML-C, DES, AES, DSS/ DSA, EESSI, ISO 9xxx, ISO, SHA/SHS, XML digital signatures (XML-DSIG), XML Encryption (XMLENC), XML Key Management Specification (XKMS) |
| Login and authentication | Authentication of user’s right to use system or network resources | SAML, Liberty Alliance, FIPS 112 |
| Firewall and system security | Security of local, wide, and metropolitan area networks | Secure Data Exchange (SDE) protocol for IEEE 802, ISO/IEC 10164 |
References
Çetinkaya, E.K., D. Broyles, A. Dandekar, S. Srinivasan and J.P.G. Sterbenz, 2013. Modelling communication network challenges for Future Internet resilience, survivability, and disruption tolerance: A simulation-based approach. Telecommunication Systems, 52:751-766. 10.1007/s11235-011-9575-4.
ISO, 2015. ISO/IEC 27033-1:2015 Information technology – Security techniques – Network security – Part 1: Overview and concepts. International Organization for Standardization (ISO). Accessed 22 November 2019.
Kizza, J.M., 2017. Guide to Computer Network Security. Springer. Accessed 20 December 2019.
Seattle Office of Emergency Management, 2019. Seattle Hazard Identification and Vulnerability Analysis. Accessed 25 October 2020.