YOU MAY SOMETIMES hear a security professional say something like: ‘in the field of information security— there are no absolutes— except that there are no absolutes’—or words to that effect. Perhaps these same people do not realise that this statement is, in actual fact, an example of circular reasoning—or a logical statement that restates the premise as the conclusion.
What I think these same experts are alluding to— is the impossibility of making any absolute security predictions; or attaining perpetual—ever-lasting—security protection in relation to information that is stored/transferred by means of networked computers. Such an interpretation is correct—because security is (and always has been throughout history) an arms race between those who seek to protect information and those who seek to circumvent those protections.
Today’s best ciphers will doubtless be trivially broken in the future at some point. However, it seems that the dissent surrounding the word “absolute” is due to varied interpretations of what it actually means.
In this section I would like to define “absolute” in the context of security literature.
Need For Metrics
Let us begin by assuming that the term ‘Absolute Security’—alludes to a system that is permanently impregnable for all time (i.e. it can never be broken into). That is not what I am claiming here for the meaning of the term Absolute Security—and for several reasons.
Earlier I had defined security as protection of Privacy Status for an item; and Absolute Security (for a private-copy existing on a networked communication system) as single-copy-send—or no access whatsoever for unsafe-actors.
Wherein Absolute Security is a kind of ruler or metric—one that indicates/reflects the specific Accessibility (or Privacy) Status for the datum-copy. An item is absolutely secure when it is—at the present epoch—out of reach of any unsafe actors—and there are no illegitimate copies.
Henceforth, I would suggest that Absolute Security is a measurable protective status—and one that does not have to be possible—or permanent— in order for it to be a valid goal or metric in relation to a copy. Accordingly, we have neatly moved emphasis away from systems—and onto datum-copies—in accordance with the basic theme of the present theory (security = protecting copies).
Evidently, computing systems are extremely complex, varied and changeable—and many uncertainties can be the case for a datum-copy existing in a networked computing environment (even an ostensibly protected one).
It follows that the Privacy Status for any item on a networked computer system—is a situation-specific property that may (quite possibly) change over time.
However this does not mean that we should adopt an attitude whereby we just shrug our shoulders whenever a leak/data-breach occurs. And then make the excuse that when it comes to security there are no absolutes—or even idealised metrics with which to judge security status. Systematic security is therein misrepresented as (forever) a contradiction in terms—something not even worthy of comprehensive definition and/or accurate measurement.
A clear security target is required in order to have any chance of discovering whether we have attained it—or lost it—and why!
Surely we cannot be expected to just passively await the arrival of evil tidings in the form of system exploits— without full knowledge of what is the key goal/measure of communications security (single-copy-send).
Unsurprisingly, such an ‘no-absolutes’ attitude pre-shadows a built in excuse for the designers of security systems. It gives them a get-out-clause; because they do not have to explain why or how the security targets failed—and because there are none—or at least highly specific ones like single- copy-send—complete with appropriate logical happenings.
We may conclude that successful exploits are not the result of a lack of absolutes in security—that is a wholly illogical argument—and because it renders uncertainty/lack-of-knowledge/poor-defences as a valid excuse for failure. Whereby we put the symptom ahead of the cause.
Rather we must accurately define continuous security as the goal—which is itself a type of absolute—or how else would you define successful protection of privacy—but as a kind of temporary permanence to be constantly achieved.
Please note, that I am not claiming here that we cannot have zero-day-exploits—or unknown-unknowns in terms of system design/operation(s)— but rather that we should wake up and smell the gunpowder.
We must seek to identify bone-fide explanations for our security failure(s)—and not hide behind logical-conundrums/meaningless-mantras. Rather, we embrace the truth—that it is a complete lack of precise, logical and measurable—security targets that holds us back.
Absolute Security and Copies
As stated, on this site we are dealing primarily with the information communication aspects of a Security System (i.e. Media of Storage, Transfer and Access)—and ignoring (for example) Command and Control.
As a result we have categorised Cybersecurity as being all about Datum Copies. In other words, Copies of Client Data (Datums) held on, and transferred between Communication Node(s), and associated Gateways or Entry-Methods/Entry-Items such as: Encryption Keys, User IDs, Logins and passwords etc.
In fundamental terms, any Security Audit asks:
- Where are the Copies?
- How many Copies exist?
- Who/what protects each Copy?
- Who/what controls each Copy?
- Who/what can access each Copy?
- What is the lifetime of each Copy?
Two special facets determine whether or not Absolute Security is achieved for any particular Copy; named as a Copies Security Status and Privacy Status. Both types of status may be known or unknown.
Security-related copy facets:
- A Copies Security Status reflects the protection status of its Privacy Status; and can be either protected or unprotected.
- A Copies Privacy Status can be either legitimate (controlled solely by Legal/Safe Actor(s)) or illegitimate (controlled by Illegal/Unsafe Actor(s).
A Copies legitimate Privacy Status exists in one of three distinct and non-intermediate states; named as Open, Private and Secret.
For Absolute Security – Each Copy has a Privacy Status that is:
- Known – On each System/Media: the Legal Owner controls the Privacy Status.
- Protected – On each System/Media: we Lock, Block, Conceal all Entrance Gateways or Accessibility Pathways (for Illegal/Unsafe Actor(s)).
- Legitimate – On each System/Media: no Illegitimate copies exist.
Need For Absolutes
In conclusion, we need absolutes—and the concept of Absolute Security—not because it is a nieve dream-like state of system/data safety. We need the target(s) and method(s) of Absolute Security because these are idealised goal(s)—or assurance objective(s)—and reflect the very status values that we seek to measure our success and/or failure against.
We could choose another grouping of words to represent the goal of continuous security (i.e comprehensive security). Nevertheless the underlying security metric is the same—a system that strives towards ideal and (hopefully) attainable long-term security protection for our private information.