TABLE OF CONTENTS Notification comes in many forms. One can notify another system, subsystem, or even a person that an event is occurring. All notification processes require an event to occur, which determines that something is right or wrong. The destination of the notification process may itself fall under attack, which leads us to redefine the standard processes by which notification events can and should occur.
Here we review the standard methods of notification and how they fail to get the job done. We can see from methods of implementing always on communications that it is possible to detect deviations based on the absence of communication, but it is an expensive method to ensure security of the notification process.
We will now revisit some concepts introduced in the software section, namely the concept of enveloping. When a target is enveloped, that entails that the communication lines that exist between the target and external sources are compromised. The notification subsystems of security devices are prone to spoofing and blocking attacks.
Suppose we have a security system that dials the police or a security agency when an alarm is sounded. Despite all precautions, the security system fails because the external communication lines are cut. Newer variations of security systems will perhaps use alternate means of communication should the lines fail. However, if the telephone lines were merely rerouted or intercepted, the security system would not be able to assert that the communication failed. Especially if the attackers knew the protocols...
