CyBOK — The Cybersecurity Body of Knowledge

The purpose of the Distributed Systems Security chapter covers a broad range of topics from trusted computing to Trojan circuits. To classify these topics we follow the different hardware abstraction layers as introduced by the Y-chart of Gajski & Kuhn. We speak with CyBOK Hardware Security author Ingrid Verbauwhede for an introductory overview of the topic.

The purpose of the Privacy and Online Rights chapter is to introduce system designers to the concepts and technologies that are used to engineer systems that inherently protect users’ privacy. We aim to provide designers with the ability to identify privacy problems, to describe them from a technical perspective, and to select adequate technologies to eliminate, or at least, mitigate these problems. We speak with CyBOK Privacy and Online Rights Knowledge Area author Carmela Troncoso for an introductory overview of the topic.

The purpose of the Network Security chapter is to explain the challenges associated with securing a network under a variety of attacks for a number of networking technologies and widely used security protocols, along with emerging security challenges and solutions. This chapter aims to provide the necessary background in order to understand other knowledge areas. An understanding of basic networking protocol stack and TCP/IP suite is assumed. We speak with CyBOK Network Security Knowledge Area author Sanjay Jha for an introductory overview of the topic.

The purpose of the Operating Systems & Virtualisation Security chapter is to introduce the principles, primitives and practices for ensuring security at the operating system and hypervisor levels. We see that the challenges related to operating system security have evolved over the past few decades, even if the principles have stayed mostly the same. We speak with CyBOK Operating Systems & Virtualisation Security author Herbert Bos for an introductory overview of the topic.

The Human Factors chapter presents a foundational understanding of the role of human factors in cyber security. One key aspect of this is how to design security that is usable and acceptable to a range of human actors, for instance, end-users, administrators and developers. This knowledge area also introduces a broader organisational and societal perspective on security that has emerged over the past decade. We speak with CyBOK Human Factors co-author Awais Rashid for an introductory overview of the topic.

The Authentication, Authorisation & Accountability (AAA) chapter presents the general foundations of access control and some significant instantiations that have emerged as IT kept spreading into new application areas. It will survey modes of user authentication and the way they are currently deployed, authentication protocols for the web, noting how new use cases have led to a shift from authentication to authorisation protocols, and the formalisation of authentication properties as used in today’s protocol analysis tools. On accountability, the focus is on the management and protection of audit logs. We speak with CyBOK Authentication, Authorisation & Accountability (AAA) author Dieter Gollmann for an introductory overview of the topic.

The Risk Management and Governance chapter explains the fundamental principles of cyber risk assessment and management and their role in risk governance, expanding on these to cover the knowledge required to gain a working understanding of the topic and its sub-areas. We speak with CyBOK Risk Management and Governance author Pete Burnap for an introductory overview of the topic.

The Forensics chapter provides a technical overview of digital forensic techniques and capabilities, and to put them into a broader perspective with regard to other related areas in the cybersecurity domain. The discussion on legal aspects of digital forensics is limited only to general principles and best practices, as the specifics of the application of these principles tend to vary across jurisdictions. We speak with CyBOK Forensics author Vassil Roussev for an introductory overview of the topic.

Cyber-Physical Systems Security are engineered systems that are built from, and depend upon, the seamless integration of computation, and physical components. While automatic control systems like the steam governor have existed for several centuries, it is only in the past decades that the automation of physical infrastructures like the power grid, water systems, or chemical reactions have migrated from analogue controls to embedded computer-based control, often communicating through computer-based networks. We speak with CyBOK Cyber-Physical Systems Security author Alvaro Cardenas for an introductory overview of the topic.

The purpose of the Software Security chapter is to provide a structured overview of known categories of software implementation vulnerabilities, and of techniques that can be used to prevent or detect such vulnerabilities, or to mitigate their exploitation. We speak with CyBOK Software Security Knowledge Area author Frank Piessens for an introductory overview of the topic.