Attacks on security of a computer system or network are best characterized by viewing the function of the computer system as providing information. In general , there is a flow of information from a source, such as a file or a region of a main memory , to a destination, such as another file or a user.The four general categories of attack are as follows.

An asset of the system is destroyed or becomes unavailable or unusable. This is an attack on availability.Examples include destruction of a piece of hardware ,such as hard disk, the ctting of a communication line , or the disabling of the file management system.

An unauthorized party gains access to an asset. This is an attack on confidentiality. The unauthorized party could be a person , a program, or a computer. Examples include wiretapping to capture data in a network, and the illicit copying of files or programs.

An unauthorized party not only gains access to but tampers with an asset. This is an attack on integrity. Examples include changing values in a data file, altering a program so that it performs differently, and modifying the content of messages being transmitted in a network.

An unauthorized party inserts counterfeit objects into the system .This is an attack on authenticity. Examples include the insertion of spurious messages in a network or the addition of records to a file.