Critical Terminology Foundations 2 - Cybersummit


Critical Terminology Foundations 2
Russia-U.S. Bilateral on Cybersecurity

James B. Godwin III, Andrey Kulpin, Karl Frederick Rauscher and Valery Yaschenko
Chief Editors

The Russia-U.S. Bilateral on Cybersecurity – Critical Terminology Foundations, Issue 2

The principal editors of this document are: James B. Godwin III, Andrey Kulpin, Karl Frederick Rauscher and Valery Yaschenko

Cover artwork by Dragan Stojanovski

ISBN No. 978-0-9856824-4-6

Copyright 2014 EastWest Institute and the Information Security Institute of Moscow State University

The EastWest Institute seeks to make the world a safer place by addressing the seemingly intractable problems that threaten regional and global stability. Founded in 1980, EWI is an international, nonpartisan organization with offices in New York, Brussels, Moscow and Washington. EWI’s track record has made it a global go-to place for building trust, influencing policies and delivering solutions.

The EastWest Institute
11 East 26th Street, 20th Floor
New York, NY 10010
.info

Information Security Institute was founded as a separate department of Moscow State University (MSU) in 2003. The Institute’s main aim is to coordinate the research activity on information security at MSU. For more information about the Information Security Institute, please contact:

Information Security Institute
Moscow State University
Michurinskiy prospekt, 1
Moscow, Russia, 119192
7 495 932-8958
iisi@iisi.msu.ru
www.iisi.msu.ru

Foreword

In June 2013, Presidents Vladimir Putin and Barack Obama signed a historic agreement to begin cooperation on cybersecurity. The mutual understanding developed through previous work by our institutions to define critical terminology for cyber conflict helped prepare the way for that agreement. There is increasing international attention to the importance of ongoing definitional work in cyber, including that of the 2012 United Nations Group of Governmental Experts (GGE).

Since our first report was issued, both countries and the world have witnessed an increasing need for new “rules of the road” for cyberspace. Ultimately, the essential building blocks for any international agreements are words that convey the same meaning to each party involved. The challenge of cyberspace is unlike any other in history in the degree of its complexity, the speed of its advance and the number of key concepts that are often beyond the grasp of non-technically trained diplomats.

Our institutions were fortunate to once again have at the helm for this study a world-class team of science, technology, engineering and mathematics (STEM) professionals integrated with stakeholders with military, policy and legal training. This report, based on work from our nations’ superb teams in a Track 2 process, has yielded another 20 terms.

We present this report as a small but important step in making the world a safer place for all of us.

John Edwin Mroz
President & CEO
EastWest Institute

Vladislav P. Sherstyuk
Director, Information Security Institute
Moscow State University

To those pioneers of the Russo-American relationship during the last half century, who have avoided an unspeakable conflict.

Preface

With the increasing frequency of cyber incidents, unattributable accusations within and outside of borders, and expanding use of networks to probe systems worldwide, there is an ever growing need to check the escalation of these intrusions and establish norms by which we can multilaterally agree. Specifically, the fundamental tenets of a common set of language continued to rise to the surface of any conversation as the worldwide rhetoric has continued to escalate in the cybersecurity domain.

In 2011, the EastWest Institute together with the Information Security Institute of Moscow State University took an initiative and led a much needed discussion. As a result, 20 terms were established through our initial bilateral negotiations and publication in April 2011. Building on then-established collaborative relationship, the joint team reinitiated the discussion in 2013, to further define critical terms. While the initial negotiations were bilateral in nature, the overriding intent is for these efforts to become multilateral by expanding negotiations to other nations that seek to create a consensus on what has clearly been an ill-defined and unstructured arena.

The two teams have contributed greatly both in their individual compilations, bilateral negotiations, collaborations, and, most importantly, in the ever growing trusting relationship that has developed from our initial efforts in 2011. While this report superficially represents 20 additional agreed terms, the robust, substantive and ongoing nature of these negotiations is building on the foundation, required for recurring bilateral discussions beyond the bounds of terminology to establish accepted worldwide standards in the cyber and information domains.

This set of terms was presented at the fourth World Cyberspace Cooperation Summit in Silicon Valley, USA, in November 2013, as an addendum to the original document. As these terms serve as a foundation and catalyst for multilateral efforts, we welcome and encourage comments, opinions and suggestions that could improve them.

Our intention is to make these efforts an ongoing and expanding universe of agreed terms without defining a scope or set of limitations. Join us in this journey!

RADM (ret.) J.B. Godwin III
Leader, US Experts
President, BriteWerx, Inc. & Senior Fellow, EastWest Institute

Andrey Kulpin
Leader, Russia Experts
Director, International Center, Information Security Institute
Moscow State University

Contributors

Russian Federation
Vladimir Ivanov, EastWest Institute
Sergey Komov, Information Security Institute*
Andrey Kulpin, Information Security Institute
Alexey Salnikov, Information Security Institute
Anatoly Streltsov, Information Security Institute
Valery Yaschenko, Information Security Institute

United States of America
Merritt Baer, Merritt Rachel Baer, LLC, and EWI Senior Fellow**
Charles (Chuck) Barry, National Defense University
John S. Edwards, Digicom, Inc.*
J. B. (Gib) Godwin III, RADM (ret.), BriteWerx, Inc. and EWI Senior Fellow
Stuart Goldman, Bell Labs Fellow (ret.) and EWI Senior Fellow
Luis Kun, National Defense University**
Paul Nicholas, Microsoft Corporation*
James Bret Michael, U.S. Naval Postgraduate School*
Jack Oslund, George Washington University (ret.)
Karl Frederick Rauscher, former CTO, EastWest Institute and Bell Labs Fellow

*Issue I contributors only
**Issue II contributors only

Special appreciation is expressed here for Nadiya Kostyuk for her broad research and translation support for the

Acknowledgements

Special recognition and sincere appreciation is here expressed

to Anatoly Safonov, Vladislav Sherstyuk, Andrey Krutskikh and John Edwin Mroz, for their foresight and encouragement of such Track 2 Russo-American cooperative efforts on the most challenging global security problems;

to Vartan Sarkissian and Vladimir Ivanov, for their vision and persistence in opening the door for this opportunity;

and finally, to our wider community of respective stakeholder confidants in Moscow, Washington, D.C. and around the world, whose appreciation for innovation in Track 2 engagements ensures the work’s long-term value.

1 Introduction

The time is way overdue for clear, agreed-upon cyberspace terms and policies. Indeed, there is unacceptable chaos regarding the meaning of even the most basic terms—cyberspace, cyber war and cyber attack. Given the seriousness of security breaches in cyberspace over the last several years, it is well reasoned to believe that, at any time, the interpretation of one of these terms could be a watershed in determining whether or not a certain cyber action would result in intensified or violent escalation.

Russia and the United States form the ideal partnership for an initiative to generate the initial momentum toward a useful taxonomy. Among other factors, both countries are respected for their competence in the field and managing the nuclear tensions of the modern age and interests that promote worldwide stability, prosperity and peace.

This document is a tangible step forward toward clarifying the taxonomy of cyber conflict. It is intended to serve as a catalyst for multilateral collaboration on the subject matter.

Objectives and Importance

Three objectives were set for this bilateral engagement. The first objective was to open genuine dialogue between subject matter experts and stakeholders from both countries. The second objective, built on the first, was to develop deeper understanding of each other’s perspectives. The third objective was to establish consensus around initial definitions of critical terms for cyber and information security.[2] This taxonomy is submitted for consideration, review and improvement, so that the terms can be refined and used to help enable eventual formal agreements between the two countries, and as a reference for other nation-states.[3] The first two objectives were met, as is evidenced from the contents of this report. Time is needed to determine the achievement toward the third objective.[4]

The motivation for embarking on a joint effort to define cybersecurity terminology is quite clear. Many experts and stakeholders around the world feel that the time for international agreements, or “rules of the road,” is long overdue.[5] For the Americans on the team, this Track 2 initiative was seen as a fulfillment of new policy for cyberspace. The 2009 White House Cyberspace Policy Review outlined several priorities for the United States, naming international cooperation as its seventh of a “Near Term Action Plan.” Specifically, the objective was laid out to “strengthen our international partnerships to create initiatives that address the full range of activities, policies, and opportunities associated with cybersecurity.”[6] For the Russians on the team, this bilateral cooperation was seen as fulfilling United Nations guidance to develop taxonomy. They cited the June 2010 Report of the UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security, which recommended “further steps for the development of confidence-building and other measures to reduce the risk of misperception resulting from ICT disruptions: [ ] Finding possibilities to elaborate common terms and definitions relevant to General Assembly resolution 64/25.”[7]

Thus, the goal was not to simply harmonize existing cybersecurity terms, but to build confidence, genuine understanding and momentum for creating more expansive efforts in the arena of “rules of the road.” While these terms have no binding effect, they provide a platform where stakeholders from around the world can engage in a broader conversation on this important and timely issue. This first step is indeed significant because it is tangible progress that was born of the Russo-American collaboration.

Discussion Disagreements: Information and Cyber

There were two disagreements in the bilateral discussions. Specifically, the Russian view of information security emphasizes the holistic span of information, where cyber is one component along with others. The Russians see information as being either natural or artificial. The latter is cyber, seen as the technical representation of information. Natural information, on the contrary, includes one’s thoughts and information from books and documents. Therefore, the Russians originally wanted to lead the discussion about information and not just its subset, such as cyber. Another hurdle was over the security of information. Specifically, the Russian word most equivalent to the English “security” denotes “protection.” Their view of security of information includes several dimensions: human, social, spiritual and technical (i.e. cyber). Moreover, this view considers the protection of population from terrorism and censorship to be an essential aspect of “information security.”[8]

The Americans were more interested in addressing data in the emerging electronic infrastructures. They acknowledged that other information exists outside of the “cyber” arena, but understood that this was not where the focus should have been at the time. In the bilateral effort, they wanted their focus to be more narrowly on the emerging cyberspace. Beyond this, there were other reasons why Americans were interested in focusing on “cybersecurity.” For one, Americans do not see information protection as something that should include censorship, or any attempt to control population’s awareness. The reasoning behind this is the belief that the most aware and educated population is best able to defend against harmful information. Finally, the American team believed that a government would be acting inappropriately if it used psychological operations to influence its citizens’ views and perceptions.

After acknowledging these differences in perspectives, an agreement was reached to restrict discussion to “cyber” as a subset of “information”; this agreement was acknowledged by the combined team. More specifically, resolution came about when both sides agreed to move forward by (i) acknowledging the broader scope of “information,” (ii) recognizing that “cyber” was a subset of this larger scope, and (iii) focusing on “cyber” because it is the area that required the most attention.

Scope

There are three parameters that best define the boundaries of this discussion: (i) the initial parties—Russia and the U.S.[9]; (ii) the focus being “information and cybersecurity,” with the initial discussion limited to the latter; and (iii) the nature of the work is to draft definitions and propose taxonomy to seed multilateral conversations.

Frameworks

Information and Communications Technology (ICT) and cyberspace are complicated and could benefit from the use of appropriate frameworks. This must be done with caution, however, as an inaccurate framework can actually make a situation more complicated by introducing confusion. The following two frameworks were utilized in this discussion.

Eight Ingredient Framework

[Figure 1. Eight Ingredient (8i) Framework[10] (figure label: ICT Infrastructure)]

The 8i Framework introduces the complete set (i.e. eight) of ingredients that are needed for cyberspace.

The 8i Framework is a systematic and comprehensive framework that a) consists of the ingredients that make up communications infrastructure, b) includes all of these ingredients, c) specifies the 8 ingredients of environment, power, hardware, software, network, payload, ASPR (Agreements, Standards, Policy and Regulations; abbreviated as Policy) and human. This framework is used for understanding and mastering vulnerabilities, identifying disciplines, decomposing attributes, preparing for new technologies; and other studies that support network, security and emergency preparedness.[11]

Four Dispensations for the Laws of War in Cyberspace

A Russia-U.S. Track 2 bilateral on Rendering the Geneva and Hague Conventions in Cyberspace introduced a framework that recognized a weapon as being either enabled by ICT (i.e. cyber) or not, as well as critical infrastructure assets as being ICT or not. While not the conventional use of cyber, it was more consistent in its treatment of the ICT presence. This consistency is important in

[Figure 2. Four Dispensations for the Laws of War in Cyberspace[12] (figure labels: Legacy, Networked, Critical Infrastructure)]

[...] Dallas, May 2010.

[...] .un.org/ga/search/view doc.asp?symbol A/65/201.

[8] Critical Information Space was defined as the aggregate of elements of information space that are identified as essential [...] nts.

[9] This work was conducted by experts from Russia and the U.S. Each expert is a citizen of their respective country and had [...] 2 collaborative effort, these individuals were not official government authorities. The leaders of both expert groups provided periodic briefings to their respective stakeholders in Moscow and Washington, D.C. The collective experience of these experts exceeds several hundred years [...]

[...] y & Reliability (CQR) International Workshop, Rancho Bernardo, CA, USA, 2001; Karl Rauscher, Protecting Communications Infrastructure, Bell [...] Security, Volume 9, Issue 2, 2004.

[...] Karl Rauscher and Andrey Korotkov, Russia-U.S. Bilateral on Critical Infrastructure Protection: Working Towards Rules [...] Institute, 2011.

2 Consensus Definitions

This section presents 40 terms for which the Russian and American experts were able to come to an agreement. The most basic arrangement of these terms is oriented around three areas: The Theater, The Modes of Aggravation and The Art.

The Theater
Cyberspace; Cyber Infrastructure; Cyber Services; Critical Cyberspace; Critical Cyber Infrastructure; Critical Cyber Services
New Terms: Information Space; Cyber Entity; Cyber Asset; Cyber Forces; Cyber Warrior

The Modes of Aggravation
Cyber Crime; Cyber Terrorism; Cyber Conflict; Cyber War; Cybersecurity
New Terms: Information Operation; Information War; Information Conflict; Cyber Penetration; Cyber Threat; Cyber Exfiltration; Cyber Espionage; Cyber Operation

The Art
Cyber Warfare; Cyber Attack; Cyber Counter-Attack; Cyber Defensive Countermeasure; Cyber Defense; Cyber Defensive Capability; Cyber Offensive Capability; Cyber Exploitation; Cyber Deterrent
New Terms: Information Superiority; Information Operation; Information Operations Dominance; Information Security; Cyber Weapon; Cyber Vulnerability; Cyber Intelligence

2.1 The Theater

This section presents consensus definitions for 11 terms, namely: cyberspace, cyber infrastructure, cyber services, critical cyberspace, critical cyber infrastructure, critic
