Some Fundamental Cybersecurity Concepts

Kelce S. Wilson; Muge Ayse Kiy

doi:10.1109/access.2014.2305658

IEEE Access (Jan 2014)

Some Fundamental Cybersecurity Concepts

Kelce S. Wilson,
Muge Ayse Kiy

Affiliations

Kelce S. Wilson: Patent Litigation, BlackBerry, TX, USA
Muge Ayse Kiy: BlackBerry, Washington, DC, USA

DOI: https://doi.org/10.1109/access.2014.2305658
Journal volume & issue: Vol. 2
pp. 116 – 124

Abstract

Read online

The results of successful hacking attacks against commercially available cybersecurity protection tools that had been touted as secure are distilled into a set of concepts that are applicable to many protection planning scenarios. The concepts, which explain why trust in those systems was misplaced, provides a framework for both analyzing known exploits and also evaluating proposed protection systems for predicting likely potential vulnerabilities. The concepts are: 1) differentiating security threats into distinct classes; 2) a five layer model of computing systems; 3) a payload versus protection paradigm; and 4) the nine Ds of cybersecurity, which present practical defensive tactics in an easily remembered scheme. An eavesdropping risk, inherent in many smartphones and notebook computers, is described to motivate improved practices and demonstrate real-world application of the concepts to predicting new vulnerabilities. Additionally, the use of the nine Ds is demonstrated as analysis tool that permits ranking of the expected effectiveness of some potential countermeasures.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords