IF WE ARE to establish a new Science Of Cybersecurity, then it is vitally important to be certain that we are founding—or building—upon a firm substructure. In normal scientific language, the foundation, or basis of any argument is named as the hypothesis, and is often a subject’s supposition, or primary subject-matter.
Ergo, before we can attempt to discuss what a Cybersecurity Science is, could or should be; and explore the nature of this area of computer science; we must first establish a clear idea of what is meant by the term data/information security.
A simple security model is the CIA Triad; standing for Confidentiality, Integrity and Availability. In this context, confidentiality (equivalent to privacy) is a set of rules that limits access to information; integrity is maintaining the consistency, accuracy, and trustworthiness of data over its entire life cycle, and availability is a guarantee of reliable access to the information by authorised people.
SCF 1.0 – InfoGraphic M
The CIA Triad
Source Of CIA Triad:
Origins of the CIA Triad are lost in the mists of time. We do see references in the InfoSec Community to the CIA Triad during 1990s. But the concepts of confidentiality, integrity and availability of information have been used by war generals for quite some time; for instance, Julius Caesar operated along these lines during the Gallic Wars. N.B. The CIA Triad does not have anything to do with the US Central Intelligence Agency!
Whilst all three elements of the CIA Triad are crucially important in any Information Security scenario whatsoever; in truth Cybersecurity is normally understood to be concerned more with data privacy. In other words—Cybersecurity deals with aspects of just two facets, confidentiality and availability; whilst leaving the third (data integrity) to be dealt with by broader system reliability concerns.
Ergo, here on the ScienceOfCybersecurity.com we are concerned with aspects of the confidentiality and availability of private and secret data.
Before we can begin to discuss Cybersecurity, we must define our primary topic…
CYBERSECURITY—The state of being protected against criminal or unauthorised use of electronic data, or the measures taken to achieve this.
Whereby all illegitimate actor(s)—the unwarranted human plus machine actor(s), and their helper(s)—are prevented from Accessing (ie. Finding, Contacting and Knowing) a private/secret datum’s Form and/or Content. Protection involves use of security protocols/mechanisms for Locking, Blocking and Concealing all system access gateways.
In summary, Cybersecurity is the protection of social accessibility status for an item of meaning—or a Datum—and as such refers to the protection of secrecy, privacy or openness of meaning; or the safe transfer/storage/access of single/multiple Datum(s) between/for human(s).
Do not worry if you find the above definition(s) of Cybersecurity complex, overly-technical and/or opaque. In truth, we have jumped ahead of ourselves by several leaps. In fact, the primary goal of this site (e.g. SCF theory sections under the Science tab) is to provide an adequate definition of Cybersecurity; including all of its terms, concepts and principles etc. We simply offered up the above definition(s) at this stage, in order to give the reader a preview of where we are headed.
Let us now begin—with a look at the central issues of Cybersecurity Science…
We base our Cybersecurity treatise on 3 founding arguments (or premises):
[A] AN OBSERVATIONAL PLUS DESCRIPTIVE SCIENCE: Cybersecurity is impossible to develop as a logical subject of study—without first establishing an observational plus descriptive science that identifies what we are dealing with in the first place. Ergo, we become able to know what kinds of phenomena to look for, measure, model and control.
Accordingly, desired is a science that focusses on definition, classification, axioms and establishing taxonomies of threats and countermeasures—plus topic: structure/relationship ‘maps’ for all relevant concepts, events, processes and objects etc.
For an extended discussion in relation to our scientific method, see the section under Hypothesis: Premise A: An Observational Plus Descriptive Science.
[B] SUBJECT OF STUDY: Cybersecurity is defined as the protection of social accessibility status for an item of meaning—or a Datum—and as such refers to the protection of secrecy, privacy or openness of meaning; or the safe transfer/storage/access of single/multiple Datum(s) between/for human(s).
Legitimate social accessibility status can only exist in one of three distinct and non-intermediate states; named as Open, Private and Secret (for illegitimate types—see expanded discussion under the THEORY sections).
In accordance with the aforementioned principal statement of Cybersecurity theory; the founding principles for the entire subject of Cybersecurity are established as, and wholly contained within, the Science Of Cybersecurity Framework or SCF (Version 1.0)— which consists of a specific list of Axioms and associated Lexicon definitions.
For an extended discussion in relation to the terms Open, Private and Secret, see the section under Hypothesis: Premise B: Subject Matter – Secrecy and Privacy Status.
[C] CYBERSECURITY METRICS: It is our contention that for a practical science—such as Cybersecurity—it is important to establish appropriate and clearly defined targets.
Accordingly, we recognise continuous security as the key goal—whereby—we establish Absolute Security is a kind of ruler or metric—being one that indicates/reflects the specific (time-bound) social accessibility (or Privacy) Status for a nominal datum-copy. An item is absolutely secure when it is—at the present epoch—out of reach of any unsafe actors—and there are no illegitimate copies.
Henceforth, Absolute Security is a (potentially) measurable protective status—and one that does not have to be indisputably knowable/possible/true—or permanent—in order for it to be a valid goal or metric in relation to a Datum copy. Ergo, we have neatly moved emphasis away from nebulous and ill-defined talk of ‘systems’ security—and onto datum-copies—in accordance with a basic theme of the present theory (security = protection of datum copies).
Consequently, we define an Absolute Security TARGET [SCF Axiom 12]—for a point-to-point communication system—as the replication of a single instance (or primary-copy) of a datum—from one socially restricted access-node to another. In other words, it is the single-copy-send of a datum from one party to another (note: may be the same party in another place/time); whereby no—socially accessible—nth-party copies exist whatsoever (hopefully persistently).
Absolute Security METHOD(S) [SCF Axiom 62]—are continually working security: systems, rules, actors, networks, programs, defences and human/automatic operational procedures etc; that protect: An Absolute Security TARGET.
For an extended discussion in relation to the term Absolute Security, see the section under Hypothesis: Premise C: Metrics – Absolute Security.
In summary, one can state that the entire subject matter of Cybersecurity, relates to a deliberate attempt to establish clear, valid, plus quantifiable social accessibility targets—or metrics—for any Cybersecurity System whatsoever.
Whereby we in turn become able to know which specific features and events/processes to implement, allow, prevent and measure in a practical security system. Accordingly, we learn how to install valid security systems; and in order to produce effective countermeasures for any and all known/possible Cyberthreats.