Here is a comprehensive dictionary of Cybersecurity terms, concepts and word definitions for the Science of Cybersecurity Framework (SCF), which is to be used in conjunction with the principal Axioms of Cybersecurity.
This dictionary contains over 60 new Cybersecurity terms (in lower case)—as coined in: ‘The Science Of Cybersecurity – A Treatise on Communications Security’. Industry standard terms are capitalised.
Absolute Security [TARGET]—for a point-to-point communication system—is the replication of a single instance (or primary-copy) of a datum—from one socially restricted access-node to another. In other words, it is the single-copy-send of a datum from one party to another; whereby no—socially accessible—nth-party copies exist whatsoever (hopefully persistently).
Absolute Security [METHOD(S)]—are continually working security: systems, rules, actors, networks, programs, defences and human/automatic operational procedures etc; that protect: An Absolute Security TARGET.
Access—Ability of an actor (or human) to see, know and/or change an item.
ACCESS CONTROL—Restricting access to resources to privileged entities.
Access-Device—Physical access device that enables a human to gain entry into a primary/secondary/tertiary network (i.e. a personal computer).
Access-Node—Virtual access gateway (login-node/point-of-entry) for a primary/secondary/tertiary network.
ACCESS-MANAGEMENT—Protective methods for specific network access-node(s)—may involve management of User Identity, Secret Passwords etc—and the creation of protective techniques and armoured access-gateways for the system.
Access-Media—is a hardware/software system that enables an actor to see, know and/or change a copy’s form and/or content.
Access-Gateway—consists of one or more access-nodes and/or exposed attack-surface(s)—for a primary, secondary or tertiary copy. The gateway is comprised of a group of hardware/software elements that together form an ‘entrance aperture’ for actor pathway(s). The gateway may be—open or shut—protected or unprotected—at any particular place/time—and for specific actor(s)/attack-vector(s)—and by means of access/locking mechanism(s).
Actor-Coherence (Defence)—is when all of the actors, entities and processes—present in a primary-network’s data-processing stack—are impelled to act together in order to protect the private datum-copy’s form and/or content from unwarranted social access (hopefully for all places/times).
Actor-Integrity—Unity of (data-processing) action (for all actors on the data-processing stack).
Actor Unity-of-Purpose—Unity of purpose and/or design (for all actors on the data-processing stack).
ALGORITHM—A series of instructions whereby a mathematical formula is applied to the numeric representation of a message in order to encrypt or decrypt it.
ATTACK-SURFACE—is an exposed facet/system entry-point for a datum-copy, existing on a primary-network’s data-processing stack, and which (potentially) facilitates unwarranted social access to a private datum-copy’s content and/or form.
ATTACK-VECTOR—is a specific data-processing path, existing on a primary-network’s data-processing stack—which (potentially) provides unwarranted social access to a private datum-copy’s content and/or form.
AUTHENTICATION—The process of verifying the sender or receiver as well as the contents of a communication. Conveyance, to another entity, of official sanction to do or be something.
BACK-DOOR—is an access-gateway provided by a primary-network vendor—that (possibly) enables one or more actors to bypass network security system(s) and obtain unauthorised access to private datum(s).
BEHOLDER’S SHARE—Art historian Sir Ernst Gombrich (1909-2001) first defined the “beholder’s share”—which states that our perceptual experience—depends on the active interpretation of sensory input. Perception becomes a generative act, one in which biological and sociocultural influences conspire to shape the brain’s ‘best guess’ of the causes (and meaning) of its sensory signals—or in our terms the meaning of the symbolic message being communicated. In the context of security systems—the Beholder’s Share refers to methods for protecting meaning gateway(s) by means of secret/private modal contexts/interpretation(s) for communicated datum(s).
BINARY—having two components or possible states, usually represented by ones and zeros in various patterns.
BIT—the smallest unit of information in a computer. Equivalent to a single zero or one. The word bit is a contraction of binary-digit.
CENTRAL-SERVER (Network)—Refers to cloud-server networks; such as email, Dropbox, Facebook, Twitter etc; in which all of the communicated data is relayed by—and stored on—centralised storage facilities.
CERTIFICATION—Endorsement of information by a trusted entity.
CASTLE-DEFENCE—See Depth-Defence definition.
CLOUD—See Central-Server definition.
CODE—(French, Latin: ‘tree-trunk’, ‘writing tablet’)—A method of concealment that may use words, numbers or syllables to replace original words/phrases of a message. Codes substitute whole words whereas ciphers transpose or substitute letters or digi-graphs. Also a disguised way of evoking meaning (non-symbolic obfuscation).
CODEBOOK—Either a collection of code terms or a book used to encode and decode messages.
CODE-NAMES—Name concealments for a person or object/item/datum etc.
Code-numbers—Numbers that function like codewords when they replace the words of a plaintext message.
CODE-TEXT—The result of encoding a given communication (the plaintext). Similar to cipher-text, code-text differs mainly in that a code, rather than a cipher, conceals the text.
Coding—is defined as the generation of descriptive and/or selectional layers for a representation.
Copy—Shorthand for Datum-Copy.
Content (Datum-Copy)—refers to the meaning content of a communicated datum. A representation (or datum) may have metrical, descriptive and selectional aspects—which work together to convey meaning.
COMMUNICATION (Human)—Transfer of discrete package(s) of meaning—messages—between people; or the one-to-one replication of datum(s) between minds + nominal meta-data (perhaps).
COUNTERMEASURE—Reactive methods used to prevent an exploit from successfully occurring once a threat has been detected. Intrusion Prevention Systems (IPS) commonly employ countermeasures to prevent intruders from gaining further access to a computer network. Other countermeasures are patches, access control lists and malware filters.
CRYPTOGRAPHY—is defined as a secret manner of writing, either by arbitrary characters in other than the ordinary sense, or by methods intelligible only to those possessing a (private) key.
CYBER—Relating to or characteristic of the culture of computers, information technology, and virtual reality: the cyber age.
CYBER-ATTACK—An attempt by an unauthorised actor (person or computing agent)—to penetrate a digital system’s security and gain unwarranted access to private/secret datum(s) contained therein.
CYBER-SECURITY—The state of being protected against criminal or unauthorised use of electronic data, or the measures taken to achieve this. Whereby all illegitimate actor(s) (i.e. unwarranted human plus machine actor(s), and their aid(s)/helper(s)) are prevented from Accessing (i.e. Finding, Contacting and Knowing) a private/secret datum’s Form and/or Content. Protection involves use of security protocols/mechanisms for Locking, Blocking and Concealing all system access gateways. In summary, Cybersecurity is the protection of social accessibility status for an item of meaning—or a Datum—and as such refers to the protection of secrecy, privacy or openness of meaning; or the safe transfer/storage/access of single/multiple Datum(s) between/for human(s).
CYBER-THREAT—the possibility of a malicious attempt to damage or disrupt a computer network or system. Example usage: “the FBI has opened an investigation to address the potential cyberthreat”.
CYPHER—a secret or disguised way of writing (symbolic obfuscation). Also a method of concealment in which the primary unit is the letter.
CIPHER ALPHABET—An alphabet composed of substitutes for the normal alphabet or the particular alphabet in which the cipher is written.
CLEAR TEXT—A communication sent without encoding or encryption. Such messages are also called in clear; or sometimes in plain language.
CRYPTOGRAM—An encoded or enciphered message.
Cypher-Matching—Security protocol for defending a network communication instance—whereby (prior to sending any private information/datum(s)) the sender access-node asks the receiver access-node to decrypt and answer a specific (secret) question—and in order to establish the identity of the receiver with a reasonable degree of confidence (developed/invented by Alan Radley).
CYPHER-TEXT—In cryptography, cypher-text is the result of encryption performed on plaintext using an algorithm, called a cipher. The new enciphered communication is the cipher-text.
DATA INTEGRITY—Ensuring information has not been altered by unauthorized or unknown means.
Data-Processing Stack—the sum total of all the actors, entities and processes etc; existing on—and/or potentially influencing—a primary-network’s communication ‘pipeline’.
Datum—any idea or thing is a pattern of meaning, an abbreviated description, definition or set of ‘facts’ concerning the thing in question; typically prescribing an event, object, feeling, etc.; in token of, as a sign, symbol, or evidence of something.
DEFENCE-IN-DEPTH—an approach to comprehensive information security—whereby network privacy is protected by means of nested protective layers—and the same—which may include stealth defences for closing/blocking/camouflaging access-gateways, plus multiple layers of encryption/coding and layered symbolic, meaning and selectional gateways etc.
Descriptive Content—refers to matching each symbol in a representation to its specific meaning—and according to the common descriptive language employed.
Descriptive Attack-Surface—Relates to Descriptive Content—whereby notably the sender and receiver may be using an obscure coding language whereby the symbol-to-meaning relationship is protected (i.e. red means big etc).
Datum-Copy—is a particular instantiation of a datum’s pattern—that exists inside or (potentially) outside of a point-to-point communication system. Creation of a datum-copy involves instantiation of form in place and time (i.e. illustration of content in the real and/or virtual worlds).
Datum Meaning—refers to the de-coded meaning content present in a datum’s content; or to the specific ideas/concepts that are to be conveyed.
DIGI-GRAPH (Greek: di, ‘twice’ + graphein, ‘to write’)—An encipherment in which the plain-text is written using letter pairs.
DISTRIBUTED TRANSPORT—refers to the process of distributed transport for digital packets—whereby in terms of a single point-to-point communication instance—data-packets are routed along different network paths—and hence through different servers (normally reflection servers).
ENCRYPTION (Symbolic)—Symbolic Encryption is the process of encrypting symbolic messages—or obfuscating datums consisting of patterns of symbols. Whereby information is encoded in such a way that only authorised parties can read it—typically by replacing/jumbling symbols according to a mathematical procedure which obscures the original symbolic pattern. In an encryption scheme, the intended communication of information, referred to as plaintext (i.e. “Alan is tall”), is encrypted using a special algorithm, generating cipher-text that can only be read if decrypted (i.e. “Bmbo jl umm”).
ENTITY AUTHENTICATION / IDENTIFICATION—Corroboration of the identity of an entity (e.g. a person, a computer terminal etc).
ENVIRONMENTAL SPYING—spying on the primary-network through leaking emanations, including radio or electrical signals and vibration(s) etc.
EXPLOIT (SECURITY SYSTEM)—An exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability (via an Access Gateway) in order to cause unintended or unanticipated behaviour to occur on a computer system’s software, hardware, or something electronic.
Form (Datum-Copy)—A copy has two primary aspects: firstly form (the encapsulating media of storage/communication/delivery/access) and secondly—content (see definition).
FRONT-DOOR—is an open access-gateway that may be accessed by legitimate users; or else ‘hacked’/broken-into by illegitimate users; ergo a front-door enables actors to bypass network security system(s) and obtain access to private datum(s).
GEOMETRIC PATTERNS—Configurations used to align, transpose or substitute alphabet letters with other letters, numerals or special forms such as those of symbol cryptography.
HACKING—In the computer security context, a hacker is someone who seeks and exploits weaknesses in a computer system or network. Hackers may be motivated by a multitude of reasons, such as profit, protest, challenge, enjoyment, or to evaluate those weaknesses to assist in removing them.
IDENTITY MANAGEMENT—describes the management of individual identities (matching unique and specific human(s))—and their authentication and authorisation—plus privileges within or across system and enterprise boundaries with the goal of increasing security and productivity while decreasing cost, downtime and repetitive tasks.
Illegitimate Secondary Copy—is a secondary-copy that is/has-been created by an unwarranted party (or actor)—effectively a system hacker—the same being one who does not have permission to do the same, and/or to access the contained private datum(s).
Illegitimate User/Owner/Actor—An illegitimate/unwarranted or unsafe actor is the/an un-authorised human user/owner/actor (or illegal user/owner/actor) for a Datum-Copy and/or Cybersecurity System (may be/include one or more legitimate machine actor(s) and/or illegitimate (un-authorised) machine actor(s))—the same being a party who may access said item by means of (improper use of) legitimate and/or illegitimate access pathways and/or (improper) valid/invalid System Entry Method(s)/Gateway(s).
INTERNET-PROTOCOL (IP)—is the principal communications protocol in the Internet protocol suite for relaying datagrams across network boundaries. Each access device on the Internet is assigned a semi-unique (but possibly temporary) IP address for the purposes of identification during local and remote communication(s).
Invitation-Only Network—A special type of network design in which members are required to invite each other onto respective private networks—whereby whilst the system may exist on an open network—communications on the invitation network cannot be made with non-members.
JARGON CODES—Open methods of linguistic concealment. A type of open code, the jargon code is not hidden by symbols or transposed letters. Rather, an innocent word or words replaces another term in a sentence constructed in an innocuous fashion.
KeyMail—Multi-encrypted P2P electronic mail protocol (developed by Alan Radley) that provides Absolute Security (ref. target and methods).
Legitimate Secondary Copy—is a secondary-copy that is/has-been created by a warranted party (or actor)—often the network system itself (e.g. central-server copies) the same being one who has permission to do the same.
Legitimate User/Owner/Actor—A legitimate/warranted or safe actor is the/an authorised human user/owner/actor (or legal user/owner/actor) for a Datum-Copy and/or Cybersecurity System (may be/include one or more legitimate machine actor(s))—the same being a party who may access said item by means of legitimate access pathways and/or valid System Entry Method(s)/Gateway(s).
Local-Actor—A local-actor is a data processing unit—existing on a local access-device—comprised of either hardware and/or software elements—which (potentially) acts on a datum-copy’s form and/or content within the primary-network’s data-processing stack.
MAC ADDRESS—A unique identifier for a computer and/or other networked device (typically for use on an open-network such as the Internet).
MALWARE—is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. It can take the form of executable code, scripts, active content, and other software.
Meaning Gateway—an access-gateway that protects who (i.e. which human and/or automatic actor) can decode the meaning of a datum-copy’s inner datum(s). May consist of metrical (symbolic), descriptive, and selectional layers.
Memory Node—A computer node that acts as a storage medium for a Datum-Copy.
MESSAGE AUTHENTICATION—Corroborating the source of the information; also known as data origin authentication.
MESSAGE—The information pattern/datum-content to be transferred.
Metrical Content—For any representation, notably, the metrical aspect—or pattern of atomic facts/symbols—is always present—and works together with a descriptive aspect—to convey meaning.
Metrical Attack-Surface—Consists of a pattern of atomic facts/symbols used to convey meaning.
NSA—National Security Agency (USA).
Network-Actor—A network-actor is a data processing unit—existing on a remote networked-device—comprised of either hardware and/or software elements—which (potentially) acts on a datum-copy’s form and/or content within the primary-network’s data-processing stack.
NULL—A meaningless letter, symbol or number inserted into a code list or cypher alphabet. Nulls are used to complicate decryption efforts of unintended 3rd-parties; by disrupting sentence patterns, word lengths and the frequency of syllable groups.
ONE-TIME-PAD—In cryptography the one-time pad (OTP) is an encryption technique that cannot be cracked if used correctly. In this technique, a plaintext is paired with a random secret key (also referred to as a one-time pad). Then, each bit or character of the plaintext is encrypted by combining it with the corresponding bit or character from the pad using modular addition. If the key is truly random, is at least as long as the plaintext, is never reused in whole or in part, and is kept completely secret, then the resulting cipher-text will be impossible to decrypt or break. However, practical problems have (often) prevented one-time pads from being widely used. The “pad” part of the name comes from early implementations where the key material was distributed as a pad of paper, so that the top sheet could be easily torn off and destroyed after use.
OPEN CODE—A code concealed in an apparently innocent message. Open codes are a branch of linguistically masked communications which includes null cyphers, geometric methods and jargon codes.
Open-Datum—is one that anyone may access—but open-thoughts are not a subject of this book (see Self-as-Computer).
Open-Network—refers to a network (such as the Internet) in which any number of access-nodes/devices may be connected and/or inter-communicate with few top-level rules—but only lower-level protocols. Traffic flows across an open network without any restrictions/controls.
PATTERN OBFUSCATION—refers to special encryption/coding/scrambling methods—employed to prevent spies from deducing information from patterns present in the copy.
PEER-TO-PEER or P2P NETWORK—such as Napster, BitCoin, BitTorrent etc; the same forming a distributed network of peer-to-peer nodes that render the communicated information directly available to network participants—without the need for centralised co-ordination. A key advantage of P2P is that ‘participating users establish a virtual network, entirely independent from the physical network, without having to obey any administrative authorities or restrictions.’
Partial Security—defined as a network which may possibly produce—or cause to come into existence—any unprotected—or nth-party accessible—primary/secondary/tertiary datum-copies.
PERFECT SECURITY—is the notion that, given an encrypted message (or cipher-text) from a perfectly secure encryption system (or cipher), absolutely nothing will be revealed about the unencrypted message (or plaintext) by the cipher-text.
PERFECT FORWARD SECURITY—is a feature of specific key agreement protocols that gives assurances your session keys will not be compromised even if the private key of the server is compromised.
Physical Gateway—refers to access-gateways related to the copy’s physical representation—for example any gateways existing on media of storage, access and/or transport.
Physical Representation (Datum-Copy)—refers to an electronic/magnetic/optical ‘container’ for a datum-copy.
Primary-Copy—is a place-holder for a private datum of meaning—existing within the boundaries of a point-to-point communication system; whose content and form are restricted in terms of social access (i.e. who can see, know & change the same); whereby the datum is (ideally) communicated via single-copy-send from the source point to any (and all) designated receiver point(s).
Primary-Network—is a provided point-to-point communication system; whereby a private access-node (the source point) exists on a networked access-device; which stores a primary-copy of a private-datum; prior to the single-copy-send of the same to a socially restricted access-node (the destination-point). A primary-network may create legitimate secondary-copies of the primary-copy.
PRIVACY—is defined as social restriction of an item (i.e. an idea/thought/datum-copy etc) to two or more parties alone—whereby access to any related copies is protected/restricted for any and all other unwarranted persons/actors.
Private Communication—can be defined as protection of privacy of meaning; or the safe transfer of single/multiple datum(s) between humans.
Private-Datum—A private-thought/datum is distributed/available to a limited number of people; and hence some form of social sharing plus protection is implied; and in order to prevent it from morphing into an open-thought/datum.
Private-Thoughts—Thoughts which are shared amongst a restricted group of people.
Private-by-Guarantee—Maintenance of privacy for an item for an extended period of time—whereby there is no possibility of the item morphing into an open one—in terms of social access.
PUBLIC KEY ENCRYPTION—the (public) encryption key is published for anyone to use and encrypt messages. However, only the receiving party has access to the (private) decryption key that allows messages to be read.
Reflection (packet routing) Server—A server (existing on a communication network) which merely ‘reflects’ or directs packets from one location to another—and does not store any of these packets on the same server for extended periods of time.
SCRAMBLING (Data)—Jumbling and/or changing the order of a datum(s) symbols according to an (ostensibly) unreadable scheme and/or algorithm.
SCRAMBLING (Channel)—Jumbling and/or changing the order of a communication’s data packets according to an (ostensibly) unreadable scheme and/or algorithm.
Secondary-Copy—is a replication of a primary-copy—existing within (or outside) the boundaries of a point-to-point communication system—that may be legitimately produced by the communication process itself; and/or be illegitimately created as a result of the unwarranted activities of a hacker.
Secondary-Network—is a privileged-access network intimately connected to the primary-network’s communication pipeline; whereby copies of communicated private-datum(s) may exist on an nth-party organisational network and/or various local and/or central replication (backup) network(s). A secondary-network may contain legitimate replicated secondary-copies of primary-copies and/or other secondary-copies.
SECRET-KEY—In cryptography, a private or secret key is an encryption/decryption key known only to the party or parties that exchange secret messages. In traditional secret key cryptography, a key would be shared by the communicators so that each could encrypt and decrypt messages.
SECRET-KEY MANAGEMENT—Protective methods for a specific secret-key—in order to protect the key from unwarranted social access.
Secret-Datum—(analogous to a secret-thought)—which has not yet left the source point (or sender’s mind); and which is assumed to be unique in that nobody else can know (or discover) the precise form or content of the datum at the source point.
SECURITY—Accordingly, security—for a person-to-person communication system—can be defined as protection of secrecy, privacy or openness of meaning; or the safe transfer of single/multiple datum(s) between humans.
SECURITY BUG—A security bug or security defect is a software bug that can be exploited to gain unauthorized access or privileges on a computer system. Security bugs introduce security vulnerabilities by compromising one or more of:
- Authentication of users and other entities
- Authorisation of access-rights and privileges
- Data Confidentiality (Privacy, Secrecy)
- Data Integrity
Security bugs need not be identified nor exploited to qualify as such.
Selectional Content—refers to modal context(s) with respect to a representation—or modal constructive aspect(s) of the same.
Selectional Attack Surface—refers to a protective layer for any selectional (modal) context(s) present—and hence to the (potential) opening-up of any constructive aspect(s) for the representation.
Self-Computer—Merging of human(s) with computers, machines, systems and technology.
SEMAGRAM—A form of steganography, wherein encryptions are made of arrangements of objects, images, or symbols rather than by letters or numbers.
SHANNON’S MAXIM—(i.e. Kerckhoffs’s principle); assume that: ‘the enemy knows the system’. Avoid relying on security through obscurity and/or security through minority—in terms of assuming that the secrecy/uncommonness of system design provides unimpeachable protection.
SIGNATURE—A means to bind information to an entity.
Social Access—refers to humans gaining access to a datum-copy’s form and/or content.
Stealth Network—refers to any network that employs stealth techniques and/or defensive mechanisms—to protect-against/repel—any unwarranted hackers/attacks; and in terms of excluding/disguising/blocking entry-point(s) for the primary-network’s data-processing stack.
Single-Copy-Send—communication of a datum (+ meta-data) with guaranteed social security.
Socially Secure Communication—communication that protects socially restricted access (secrecy or privacy) for the replicated meaning—datum(s) + nominal meta-data (perhaps).
SPYING—refers to secret/unwarranted access to private items/ideas/datum(s)/concepts etc.
STEGANOGRAPHY—(Greek: steganos, ‘covered’ + graphein, ‘writing’)—A primary form of communications security that conceals the physical presence of a secret message, which may or may not be additionally protected by a code or cipher.
Storage Media—is a bundle of hardware/software technologies that work together to form a memory system—and in order to persist a datum-copy’s form and content.
SYMMETRIC KEY ENCRYPTION—the encryption and decryption keys are the same. Communicating parties must have the same key before they can achieve secure communication.
Tertiary-Copy—is a replication of a primary or secondary copy—which is generated post-communication by extracting datum(s) from a large body of communication data (e.g. a transatlantic data pipe).
Tertiary-Network—is not directly connected to the primary-network—but nevertheless may still (belatedly) access data traffic flowing across primary and/or secondary-networks—resulting in illegitimate tertiary-copies of primary/secondary-copies.
Transfer Media—is a bundle of hardware/software technologies that work together to form a delivery system—and in order to send a datum-copy from a source-point to a destination-point.
TRANSMISSIONS SECURITY—An electronic form of communication security similar to steganography. Transmission security tries to hide the existence of secret messages in electrical exchanges, whether or not they are encrypted.
TROJAN HORSE—unsafe-actors misrepresenting as safe-actors.
UNBREAKABLE CIPHERS—include one-time methods and unconditionally secure crypto-systems.
Unsafe-Actor—An actor on the data-processing stack that is invisible/unknown/questionable in terms of purpose and/or integrity—and hence may (potentially) have undermined effects and/or progress unknown programming path(s).
USER-IDENTITY (ID)—individual identity for an actor on a network (perhaps matching unique/specific human(s)).
VALIDATION—A means to provide timeliness of authorisation to use or manipulate information or resources.
Virtual Representation (Datum-Copy)—refers to what is stored on an electronic/magnetic/optical ‘container’ for a datum-copy (information).
Virtual Gateway—refers to blocking mechanisms/hurdles with respect to the opening-up of a virtual representation of a datum-copy.
VIRUS (computer)—is a malware program that, when executed, replicates by inserting copies of itself (possibly modified) into other programs, data files etc., and when this replication succeeds, the affected areas are then said to be ‘infected’. A virus may or may not have harmful effects—and result in loss of privacy for private datum(s) etc.
VULNERABILITY—In computer security, a vulnerability is a weakness which allows an attacker to reduce a system’s information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw.
END OF CYBERSECURITY LEXICON