Cybersecurity Glossary

Layered security, also referred to as defence in depth, is an approach to cybersecurity that involves implementing multiple layers of security controls and measures throughout an organisation's systems, networks, and applications. Each layer provides an additional line of defence, and if one layer is breached, other layers can still provide protection. Layered security includes a combination of technologies, processes, policies, and user awareness, such as firewalls, intrusion detection systems, access controls, encryption, and regular security updates. The goal is to create a comprehensive and robust security posture that mitigates the risk of various threats and vulnerabilities.

The principle of least common mechanism is a security design principle that states that the mechanisms shared by multiple users or components should be minimised to reduce the potential impact of a security breach. By minimizing the commonalities among users or components, the principle aims to limit the potential for unauthorised access or compromise. For example, in a multi-user system, each user should have their own unique account and privileges rather than sharing a common account. This principle helps prevent unauthorised access, privilege escalation, and the spread of security breaches.

Least privilege is a security principle that advocates granting users or entities the minimum level of privileges or access rights necessary to perform their authorized tasks or functions. Users should only be given the specific permissions and access required to fulfill their job responsibilities, and additional privileges should not be granted by default. By applying the principle of least privilege, organisations can limit the potential damage caused by compromised accounts or malicious actors, reduce the attack surface, and maintain tighter control over access to critical systems, data, and resources.

A logic bomb is a type of malicious code or software program that is designed to execute a specific malicious action when a certain condition or trigger event occurs. Logic bombs are typically embedded within legitimate programs and remain dormant until the predetermined condition is met, such as a specific date, time, or user action. Once triggered, the logic bomb may perform destructive actions, delete or modify data, or disrupt system operations. Logic bombs are often used as a form of sabotage or to cause financial or reputational harm.

A logic bomb trigger is the specific condition or event that activates a logic bomb, causing it to execute its intended malicious actions. The trigger can be based on various factors, such as a specific date and time, a certain user action, the presence or absence of certain files, or the occurrence of a specific system event. The trigger serves as the activation mechanism for the logic bomb, initiating the malicious activities programmed within the code.

A programming paradigm that uses mathematical logic to represent and solve problems. Logic programming languages, such as Prolog, facilitate the development of rule-based systems and reasoning engines.