Definition Of Absolute In The Context Of Security
You may sometimes hear a security professional say something like: ‘in the field of information security—there are no absolutes—except that there are no absolutes’—or words to that effect. Perhaps these same people do not realise that this statement is, in actual fact, an example of circular reasoning—or a logical statement that restates the premise as the conclusion.
What I think these same experts are alluding to is the impossibility of making any absolute security predictions; or attaining perpetual—ever-lasting—security protection in relation to information that is stored/transferred by means of networked computers. Such an interpretation is correct—because security is (and always has been throughout history) an arms race between those who seek to protect information and those who seek to circumvent those protections.
Today’s best ciphers will doubtless be trivially broken in the future at some point. However, it seems that the dissent surrounding the word “absolute” is due to varied interpretations of what it means. In this essay I would like to fully define “absolute” in the context of security literature.
Need For Metrics
Let us begin by assuming that the term ‘Absolute Security’—alludes to a system that is permanently impregnable for all time (i.e. it can never be broken into). That is not what I am claiming here for the meaning of the term Absolute Security—and for several reasons. Earlier I had defined security as protection of Privacy Status for an item; and Absolute Security (for a private-copy) as single-copy-send—or no access whatsoever for unsafe-actors.
Here Absolute Security is a kind of ruler or metric—one that indicates/reflects the specific Accessibility (or Privacy) Status for the datum-copy. An item is absolutely secure when it is—at the present epoch—out of reach of any unsafe actors—and there are no illegitimate copies.
Henceforth, I would suggest that Absolute Security is a measurable protective status—and one that does not have to be possible—or permanent— in order for it to be a valid goal or metric in relation to a copy. Accordingly, we have neatly moved emphasis away from systems—and onto datum-copies—in accordance with the basic theme of the present theory (security = protecting copies). However any copy-related insecurity must be the result of system failure(s)—so how/where do these problems arise?
Evidently, computing systems are extremely complex, varied and changeable—and many uncertainties can be the case for a datum-copy existing in a networked computing environment (even an ostensibly protected one). It follows that the privacy status for any item on a networked computer system—is a situation-specific property that may (quite possibly) change over time.
However this does not mean that we should adopt an attitude whereby we just shrug our shoulders whenever a leak/data-breach occurs, and then make the excuse that when it comes to security there are no absolutes—or even idealised metrics with which to judge security status. Systematic security is therein misrepresented as (forever) a contradiction in terms—something not even worthy of comprehensive definition and/or accurate measurement.
Inevitably, security experts encourage us all to install protective mechanisms, but often without providing the concordant means to adequately adjudge/measure if they are, in fact, working. It would seem essential to first-of-all define the security goal for a private datum-copy—being Absolute Security (i.e. single-copy-send for a specific communication instance). A clear security target is required in order to have any chance of discovering whether we have attained it—or lost it—and why!
Surely we cannot be expected to just passively await the arrival of evil tidings in the form of system exploits—without full knowledge of what is the key goal/measure of communications security (single-copy-send). Unsurprisingly, such a ‘no-absolutes’ attitude foreshadows a built-in excuse for the designers of security systems. It gives them a get-out-clause; because they do not have to explain why or how the security targets failed—because there are none—or at least no highly specific ones like single-copy-send—complete with appropriate logical happenings.
We may conclude that successful exploits are not the result of a lack of absolutes in security—that is a wholly illogical argument—because it renders uncertainty/lack-of-knowledge/poor-defences as a valid excuse for failure, whereby we put the symptom ahead of the cause. Rather we must accurately define continuous security as the goal—which is itself a type of absolute—or how else would you define successful protection of privacy—but as a kind of temporary permanence to be constantly achieved.
Please note that I am not claiming here that we cannot have zero-day-exploits—or unknown-unknowns in terms of system design/operation(s)—but rather that we should wake up and smell the gunpowder.
We must seek to identify bona fide explanations for our security failure(s)—and not hide behind logical-conundrums/meaningless-mantras. Rather, we embrace the truth—that it is a complete lack of precise, logical and measurable security targets that holds us back.
Accordingly, we hereby define:
A) The Absolute Security Method(s) for a communications system as consideration of every aspect of security to produce an all-round system that works coherently as a whole against all types of attacks, using the full gamut of known defensive techniques.
We do not mean that the system is permanently impregnable for all time (i.e. that it can never be broken). Absolute Security is an attainable ideal (potentially), with a robust theoretical footing to back up its practicality and achievability.
We also provide a second related definition (communications security domain):
B) The Absolute Security Target for a private datum-copy is defined as single-copy-send—whereby it is the communications system’s Absolute Security Method(s) that helps to deliver the same. Note that both definitions are ideal status metrics to be achieved and not permanent features that somehow self-perpetuate.
Now whenever we begin to speak of any aspect of data/information gathering, organisation, manipulation and/or communication etc; we are dealing with computers and related topics.
Typically present are five fundamental categories of computing operations:
- PROCESSING—deals with aspects of data entry, gathering, movement, combination and transformation (local/remote);
- STORAGE—deals with aspects of data permanence and preservation (local/remote);
- PRESENTATION—deals with aspects of data connection, visibility and display (local/remote);
- COMMUNICATION—deals with aspects of data transfer between networked devices and/or computers (local/remote);
- COMMAND AND CONTROL—deals with aspects of the automatic, semi-automatic, plus remote control, of networked devices (systems/machines/mechanisms) and/or computers (local/remote).
Obviously in a real-world system these categories do interrelate—often in complex ways—and it is difficult, if not impossible, to separate one domain from another. However for the purposes of analysis and initial clarity of thought, it is useful (at first) to deal with each domain separately—whilst recognising that the design of a real-world security system inevitably involves analysing the features and interrelationships amongst all computing domains together.
As explained under the Science section of this site; two key Axioms can help us to analyse and map any Security System; and these are defined thusly:
SECURITY—for a private, secret and/or open datum is the preservation of social accessibility status (or privacy status)—by means of protection of said datum’s status. Put simply, Security is defined as protection of the Social Accessibility Status of an item [Axiom 5].
SOCIAL ACCESSIBILITY STATUS (PRIVACY STATUS)—The ability of a person to see, know and/or change a datum’s form and/or content [Axiom 6].
Absolute Security and Copies
As stated, in this section we are dealing solely with the information aspects of a Security System (i.e. Media of Storage, Transfer and Access)—and ignoring (for example) Command and Control. As a result we have categorised Cybersecurity as being all about Datum Copies. In other words, Copies of Client Data (Datums) held on, and transferred between Communication System(s), and associated Gateways or Entry-Methods/Entry-Items such as: Encryption Keys, User IDs, Logins and passwords etc.
In fundamental terms, any Security Audit asks:
- Where are the Copies?
- How many Copies exist?
- What is the lifetime of each Copy?
- Who/what controls each Copy; and Who/what can access each Copy?
Remember that a Copy’s Security Status can be either Protected or Unprotected; and its Privacy Status can be either Legitimate (controlled solely by Legal/Safe Actor(s)) or Illegitimate (controlled by Illegal/Unsafe Actor(s)). Both types of status may be Known or Unknown. The rightful owner of a Copy may not know its true Security or Privacy Status (e.g. you might not know if—or when/how—you have been hacked)!
For Absolute Security – Each Copy has a Privacy Status that is:
- Known – On each System/Media: the Legal Owner controls the Privacy Status.
- Protected – On each System/Media: we Lock, Block, Conceal all Entrance Gateways.
- Legitimate – On each System/Media: no Illegitimate copies exist or can be made.
Peer-To-Peer and Cloud Systems
A typical Cloud System has a central-server (which performs the task of managing Copies held on a Media of Storage, Transfer and Access). Now these same Copies may be Absolutely Secure if the System has been designed with appropriate protective measures. Unfortunately however the job of protecting each Copy is quite a complex and long-lived task. With a typical Cloud System Copies are replicated to all kinds of Secondary Networks (e.g. organisation copies, transfer copies, central server copies etc)—and each one with multiple Gateways to protect. As a result determining the Security Status of all these Copies is by no means easy.
Plus with a Cloud System the number of Copies may be gradually increasing over time due to ongoing replication processes. To say nothing of the fact that protecting the Privacy Status of a great many Copies is a far more difficult task to achieve with certainty. We must conclude that with Cloud Systems, determining if a Copy has been communicated/stored/used with Absolute Security is a difficult task that potentially continues indefinitely into the future.
However when using a Peer-To-Peer (P2P) file-transfer system such as KeyMail—copies are transferred by Direct Transfer (P2P method using end-to-end multi-encryption) or in other words the file is communicated by: Single-Copy-Send. As a result—ALL COPIES (TWO ONLY)—achieve Absolute Security with apparent ease (and are presumably protected and safe so long as both the Primary Copy and Secondary Copy are Secure on related Transfer, Storage and Access Media).
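The four audit questions and the Known/Protected/Legitimate conditions above, applied to a Cloud-style and a Single-Copy-Send inventory, as an added example that is not part of the original essay. The `Copy` fields, actor names, locations and time values are constructed assumptions; the target of two copies comes from the text.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Copy:
    location: str              # where the copy is held (system/media)
    controller: str            # who/what controls the copy
    accessors: frozenset       # who/what can access the copy
    expires: Optional[int]     # end of lifetime; None = kept indefinitely
    protected: Optional[bool]  # None = owner cannot determine the status

def audit(copies, safe_actors, now, target_count=2):
    """Return findings against the Absolute Security target at time `now`.
    An empty list means every live copy is Known, Protected and Legitimate
    and no more than the two single-copy-send copies exist."""
    live = [c for c in copies if c.expires is None or c.expires > now]
    findings = []
    if len(live) > target_count:
        findings.append(f"count: {len(live)} live copies, target {target_count}")
    for c in live:
        if c.protected is None:
            findings.append(f"{c.location}: status Unknown")
        elif not c.protected:
            findings.append(f"{c.location}: Unprotected")
        outsiders = ({c.controller} | c.accessors) - safe_actors
        if outsiders:
            names = ", ".join(sorted(outsiders))
            findings.append(f"{c.location}: Illegitimate ({names})")
    return findings

# Constructed sample inventories (actors, locations and times are illustrative).
SAFE = frozenset({"alice", "bob"})
CLOUD_SAFE = SAFE | {"provider"}  # assumption: the provider is a safe actor
P2P = [
    Copy("alice-laptop", "alice", frozenset({"alice"}), None, True),
    Copy("bob-laptop", "bob", frozenset({"bob"}), None, True),
]
CLOUD = P2P + [
    Copy("central-server", "provider", frozenset({"provider"}), None, None),
    Copy("transfer-cache", "provider", frozenset({"provider"}), 100, None),
    Copy("org-backup", "provider", frozenset({"provider"}), None, None),
]

if __name__ == "__main__":
    print("P2P:", audit(P2P, SAFE, now=50) or "target met")
    print("Cloud:", audit(CLOUD, CLOUD_SAFE, now=50))
```

The result is a status at one epoch only: re-running the audit with a later `now` changes the findings as copies expire or new replicas appear.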
In this section we have characterised Security as being concerned primarily with protection of ownership right(s) for datum-copies—or management of safe: storage, transfer and social-access for replicated datum(s) (+ meta-data). However whilst we have ostensibly focussed on Communications Security; we do think that a similar logical approach can be adopted when analysing the other computing domains; and in turn for the complex job of assessing all such domains together.
Need For Absolutes
In conclusion, we need absolutes—and the concept of Absolute Security—not because it is a naive dream-like state of system/data safety. We need the target(s) and method(s) of Absolute Security because these are idealised goal(s)—or assurance objective(s)—and reflect the very status values that we seek to measure our success and/or failure against.
We could choose another grouping of words to represent the goal of continuous security (i.e. comprehensive security). Nevertheless the underlying security metric is the same—a system that strives towards ideal and (hopefully) attainable security protection for our private information.