Chapter 3: Copies

IN THIS SECOND section on basic Axioms, we overview methods for achieving privacy in terms of our interpersonal communication(s). Building on the security definitions established in the first section; we hereby characterise privacy as being concerned primarily with exposed-copies of the communicated datum (+ meta-data). Therefore cybersecurity vulnerabilities may be mitigated by social restriction—and protection—of such copies.

A second goal of this section is to list and classify, plus compare and contrast, the different kinds of threats, potential exploits and attack-vectors/surfaces/windows that may exist for a digital point-to-point communication system.

In simple terms we can characterise private communication as being concerned primarily with protection of ownership right(s) for datum-copies—or management of safe: storage, transfer and social-access for replicated datum(s) (+ meta-data).


Formula For Absolute Security

Once we recognise that any potential copy has to be either—a primary, secondary or tertiary one—then we can develop a formula for what we might term absolute security.

Absolute security—for a point-to-point communication instance—is the replication of a single instance (or primary-copy) of a private-datum from one socially restricted access-node to another [Axiom 12] [ref. Absolute Security:TARGET]. In other words, it is the single-copy-send of a datum from one party to another; whereby no—socially accessible—nth-party copies exist whatsoever (hopefully persistently—or on a long-term basis).

Likewise we can define partial/absent security as the existence of any unprotected—or nth-party accessible— primary/secondary/tertiary datum-copies [Axiom 13].

Both of these metrics—absolute and partial/absent security—are mutually-exclusive true/false values for any act of communication. It is obvious that just because a datum-copy has (apparently) been communicated with absolute security at one epoch; then that does not mean that such a status will necessarily be permanent.


Digital Media

Digital-media are electronic media used to store, transmit and receive digitised information; and may refer to any media that has been encoded in a machine-readable format. Digital-media—or simply media—can be created, viewed, distributed, modi ed and preserved on computers.

For our purposes we have compartmentalised media into three types: storage, transfer and access [Axiom 14].


Form And Content

A datum is a discrete pattern of meaning that may be transferred between minds (network access-nodes). A datum-copy is a particular instantiation of a datum’s pattern—that exists inside or (potentially) outside of a point-to-point communication system.

A copy has two primary aspects: firstly form (the encapsulating format)—or media of storage, communication/ delivery, and access; and secondly content (a representation with metrical, descriptive and selectional aspects) [Axiom 15].

Creation of a datum-copy involves instantiation of form in place and time (i.e. illustration of content in the real and/or virtual worlds—and ultimately in a human mind). A datum-copy has a natural owner—often the sender/creator of the datum [Axiom 16]. Ownership rights include protection of social access (e.g. secrecy, privacy, openness) for the copy—in terms of who can see, know and/or change the content and/or form of the copy (ref. new owner(s)/user(s)) [Axiom 17].

When we speak of—a datum-copy being hacked and/or a data-breach/system-exploit occurring—that is defined as unwarranted social access to the informational content of the datum (i.e. loss/change of privacy status) [Axiom 18].

It may be that loss of privacy—extends also to aspects of the copy’s form, but for the datum itself loss of privacy relates to—and consists of—purely informational content.

 

Infographic_C7

SCF 1.0 – InfoGraphic C

Aetiology Of a Datum-Copy

Source: ‘The Science Of Cybersecurity’ (2017) – by Alan Radley

Privacy Status

All kinds of hardware/software, networking and social influencing factors can affect the privacy status of a primary, secondary and/or tertiary copy. Potential vulnerabilities include exposed: user IDs, logins, passwords, and private encryption keys, meta-data etc; and each may contribute to privacy breaches.

We are now in a position to classify the different ways in which a hacker could potentially gain unwarranted access to a primary, secondary or tertiary copy of a private-datum. Obviously, in order to improve the security of any communication system; one seeks to reduce the number of—attack-surfaces/windows—and related attack-vectors (for datum-copies)—and so to minimise the opportunities for break-ins to an (ostensibly) secure network.

Accordingly, we now define the principal ways in which a nominal—or generalised—communication system may be compromised; and hence result in a data-breach.

At least eight kinds of hacking/spying/eaves-dropping methods are possible; as detailed below in the list of networked system hacking methods.


Absolute Security Target / Methods

The Absolute Security: TARGET—for a point-to-point communication system—is the replication of a single instance (or primary-copy) of a datum—from one socially restricted access-node to another. In other words, it is the single-copy-send of a datum from one party to another; whereby no—socially accessible—nth-party copies exist whatsoever (hopefully persistently).

Absolute Security: METHODS—are continually working security: systems, rules, actors, networks, programs, defences and human/automatic operational procedures etc; that protect: an Absolute Security TARGET.


Network System Hacking Methods

A basic list of network System hacking methods is given below:

  • Cloud provider legal request—‘back-door‘ —primary/secondary copy
  • Transmission provider legal request —primary/secondary copy
  • Transmission line reconstruction (remote) —tertiary copies
  • Communications hacking (local and remote) —primary/secondary copy (+ tertiary copies?)
  • Communications eavesdropping (environment) —primary/secondary copy (+ tertiary copies?)
  • Cloud account hacking—‘front-door‘ —primary/secondary copy
  • Physical device hacking —primary/secondary copy
  • Physical device data replication —primary/secondary copy

(See later discussions for Threat Taxonomies and Effective Countermeasures).

Obviously, depending upon the nature of a particular breaching technique, different impacts arise—on the primary, secondary and/or tertiary copies—as to whether or not a system is vulnerable at any particular place/time. Dependent variables include: degree of access of the attacker to local resources, relationships of attacker to/with ‘nth’ parties, motivations/capabilities of attacker, attack/defence techniques, system and network vulnerabilities, and the capabilities/legal operating frameworks—plus assumptions—of all the parties involved.

Note that for the purposes of our analysis, we make no distinctions (legal, ethical or otherwise) between an ordinary attacker; and one who may possess any supposed: legal, moral, and/or ethical right(s); in relation to gaining unauthorised access to a private-datum (see Axioms C).

Finally, and given what’s been said; I do find myself wondering how—or even if—it is possible to mount an effective defence—permanently—against any and all cyber-attacks and unwarranted access methods.