Application Of Science

Welcome to the Science Of Cybersecurity—where we establish the first founding principles of a new science of Information Security.

Some experts are adamant that Cybersecurity can never be established as a science. The claim is that any and all social accessibility protections which are put in place will always have human opponents. That is, in this field alone, human antagonists exist who work constantly to try and break any security measures present. Accordingly, on this view, Cybersecurity is not a science, but is more akin to a game, war or political struggle.

Whilst we do acknowledge the existence of vital social elements within the boundaries of the highly technical field of Cybersecurity; it is our belief that application of the scientific method—consisting of a combination of empirical observation and logical reasoning—must always play a significant and foundational role in any Cybersecurity scenario whatsoever. QED.

Our goal is to bring formalism to a field that doesn’t even have one; that is, to bring unity, consistency and order to the field of Information Security. Strangely absent is any kind of top-level theory, and missing are fundamental definitions and/or first-principles etc. Ergo, the system-designer’s job becomes one of collecting partial formalism(s) before somehow stitching them together. The net result is partial truth(s) and/or sub-optimal approaches, or at least major difficulties.

Conversely, we seek to establish a foundational framework for the entire field of Information Security, by means of comprehensive, integrated and holistic perspective(s), combined with use of the scientific method.

A Quest For Insightful Answers

How do data breaches, hacks, system exploits and computer intrusions happen—and why? What occurs when Cybersecurity really works effectively, and can we systemise it? Or will the clever hacker always break into any networked device, sweeping all defences aside?

On a quest for insightful answers in his ground-breaking book and associated website, Dr Alan Radley proceeds to completely deconstruct, rationally analyse, meticulously rebuild and then sanely reassess the entire field of Cybersecurity.

A rigorous scientific methodology is applied to networked system design, leading to a comprehensive new model—and accurate taxonomic tree—of all possible types and classes of cyber-attacks and associated countermeasures. The upshot is a wholly original, astute and fearlessly honest—yet practically oriented—treatise on Cybersecurity.

Outlined here for the first time is a logical explanation of the fundamental theory and principal axioms of Cybersecurity as developed from first principles, and in a format ideally suited to both the engineering-minded professional and the less technically-oriented.

Solid Foundation

Our new theory of Cybersecurity is grounded on a set of core principles, as depicted in the unique Cybersecurity System Access Gateways (CSAG) diagram.

The CSAG diagram teaches that in order for a Datum or Datum-Copy (existing on a networked computer system) to have its inner meaning ‘extracted’ by either a legitimate user or else an illegitimate intruder, that same party must first traverse a PHYSICAL GATEWAY in order to see/touch the physical FORM of the copy held on a Media of Storage, Transfer or Access (i.e. obtain a physical copy). Next, on said media, the party traverses one or more VIRTUAL GATEWAYS to obtain the Datum’s raw format (i.e. open a virtual copy).

Note that multiple physical and virtual gateways may be overlaid and/or interrelated; for example, when an Access Node (a virtual gateway, or password entry system) is located on an Access Device (a physical gateway, or networked computer system).

Finally, the party in question must decode the Datum’s inner meaning or CONTENT by traversing one or more of 3 kinds of MEANING GATEWAYS: named as the Metrical, Selectional and Descriptive layers, which may be nested together, one on top of another, in a Russian-Doll fashion. Cybersecurity is then defined simply, and completely, as the continuous processes of protecting (i.e. locking, blocking and/or concealing) all necessary gateway types; that is, defending the Datum’s meaning from unwarranted entry.

Cybersecurity System Access Gateways

Source: ‘The Science Of Cybersecurity’ (2017) – by Alan Radley

 

Your Trusted Source…

A secondary goal of this site is to gather together as much Cybersecurity information as possible—in the process providing comprehensive and pertinent knowledge in the form of theory, books, articles, metrics, solutions etc; plus links to expertise, products, organisations; and pointers to the latest threat-alert intelligence etc.

We are on the lookout for partners; and seek details of the very best Cybersecurity resources—so drop us a line!

Dr Alan Radley, Blackpool, UK.

 

Best Cyberthreat Maps – 2017

We have undertaken a review of live cyberthreat mapping visualisation tools (browser-based); and the results are shown below. Perhaps these kinds of maps are more fun than practically useful, but they do act as a salient reminder of the increasing number and sophistication of cyberthreats now faced by us all.

Clicking on an image will bring up the associated visualisation…

 

Kaspersky Cyberthreat Real-Time Map

CheckPoint’s Live Cyber Attack Map

Norse Corp Malware Map