Technology Terminology

TSVOE™
A Patent-Pending technology owned by BCOS. 
A Trusted, Secure, and Verifiable Operating Environment™ 
(TSVOE™) is a unique capability that guarantees 
an organization can establish three core principles:
Trust, Security, and Verification.
Without all three of these features, any vendor's 
products are useless in cyberspace.
Recently, TSVOE™ has been revamped to include both
TSVMS™ and TSVSG™.

TSVMS™
A technology owned by BCOS. 
A Trusted, Secure, and Verifiable Memory State™ (TSVMS™) 
is a unique hardware capability that guarantees the 
state of memory within a computing system. Using 
TSVMS™ hardware controls, memory such as RAM 
can be set to read-only and left that way 
indefinitely. Other advantages exist as well.

TSVSG™
A technology owned by BCOS. 
A Trusted, Secure, and Verifiable Service Guard™ (TSVSG™) 
is a unique hardware-enforced software capability 
that enables BCOS technologies to detect even the 
most subtle changes to code execution in any service 
or process running within a properly implemented 
TSVOE™ device. Rogue and/or tampered 
services can be restored to a pristine state, often 
without a need to restart the current operating 
environment. This means 100% uptime for your 
critical services, restoration of proper execution 
in the background, and seamless service for your 
customers.

Trust
Trust is confidence that a particular entity 
is honest, professional, and reliable. Trust can be 
impacted by the methods an organization uses to 
develop their capabilities including how they 
source the manufacturing, assembly, and delivery 
of their products. For instance, an organization 
hosted in Country X, which is at war with Country Y,
may be less trustworthy than an organization hosted 
in Country Z. Therefore, Country X may have more 
trust in products manufactured in Country Z than in 
Country Y. Similar analogies exist for 
sub-components that are manufactured by outsourced 
operations.

Security
Security is the capacity for a device or entity 
to resist both internal (e.g., insider) and 
external (e.g., nation state) threats.
Security is also determined by the level of 
sophistication the developing organization deploys, 
such as the use of anti-tamper technologies, to 
harden its devices against unforeseeable physical 
attacks.

Verification
Verification is the ability to ascertain how 
well an organization or device is operating as 
compared to how it is advertised to operate. 
Verification can also refer to the process of 
evaluating a product (e.g., via an audit) to 
determine if operations or functionality 
exist that were unexpected.
Verification is closely tied to trust. 
The more products and services that have been 
successfully verified, the higher the level of 
trust those products or services have.

Adversary
A person, group, or organization that attempts 
or succeeds in carrying out an action against another 
person, group, or organization (usually a victim) 
that considers the action to be hostile.

Victim
A person, group, or organization that is or 
has been targeted by another person, group, or 
organization (usually by an adversary).

Malware
MALicious softWARE = MALWARE. A broad term 
referring to any software that has little or no 
legitimate function on a particular system. See: 
Virus, Worm, Spyware, Trojan, Rootkit.

Virus
Execution within a computing system, typically 
within software, that circumvents legitimate 
operations with the intent of stealing, destroying, 
modifying, moving, or otherwise invalidating the 
confidentiality, integrity, and/or availability of 
resources in the system.
Normally requires user action (e.g., "run this 
program to receive your $100 rebate", etc.) to 
propagate.

Worm
Execution within a computing system, typically 
within software, that circumvents legitimate 
operations with the intent of stealing, destroying, 
modifying, moving, or otherwise invalidating the 
confidentiality, integrity, and/or availability of 
resources in the computing system.
Normally requires no user action (e.g., an attacker 
infects the computing system with no legitimate
user action) to propagate.

Spyware
Software execution within a computing system 
that circumvents legitimate operations with the 
intent of stealing personal or corporate information.
See: Keylogger.

Trojan
Execution within a computing system, typically 
within software, that circumvents legitimate user 
login permissions by opening a backdoor to the 
victim's computing system.
Traditionally loaded via an application that 
appears to have legitimate function (e.g., a
computer game, word processor, etc.).

Rootkit
Execution within a computing system, typically 
within software, that circumvents legitimate security 
features of the computing system enabling an 
unauthorized adversary to gain access
to the computing system.
Typically deploys stealth techniques and applies 
advanced capabilities to ensure continued root access 
to the victim's computing
system.

Keylogger
Software execution within a computing system 
that circumvents legitimate operations with the 
intent of stealing personal or corporate information.
Typically keyloggers steal usernames, passwords, 
credit card numbers, SSNs, etc.

Backdoor
Execution within a computing system, typically 
within software, that circumvents legitimate security 
features of the computing system enabling an 
unauthorized adversary to gain access
to the computing system.
Typically referenced when describing an adversary's 
method of covertly accessing a victim's computing
system via an unauthorized network port.

Root
Traditionally considered the highest level 
permissions available within a particular computing
system. In modern Microsoft Windows® systems,
this would be the SYSTEM account. In modern
xNIX (e.g., Linux, Unix, FreeBSD, etc.) systems,
this would be the root account.
The root account has permissions to create, change, 
and delete most (if not all) components within the 
computing system.
Typically the end state that an adversary 
attempts to achieve within a victim's
computing system.

Stealth
The process of hiding the actions of malware
operating on a victim's computing system.
Typically involves hooking various system 
functions and/or applications.

Advanced Capabilities
Any action that involves a specialized skill-set 
to carry out or enable the activity. Can include
such things as supply line interjection, 
corporate espionage, insider threat, nation state actor, 
etc.

Network Port
An identifier (usually a 2-byte number) used to 
identify which service has been designated the 
responsibility of servicing an inbound connection. When 
associated with a backdoor, a network port 
is usually the covert entry point for an adversary.

Hooking
The process malware uses to circumvent
normal operations of a computing system. Typically, 
hooking involves targeting specific features within the 
computing system such as operations before/after 
cryptography is used, before/after data is sent/received 
by a system, etc. These hooks enable an adversary
to inspect/modify/delete data as well as to bypass 
security mechanisms such as virus scanners.

Supply Line Interjection
The process of intervening in the normal delivery 
of products and adding/modifying/removing hardware or 
software components within the product with the goal of 
changing its normal behavior without either the 
supplier or victim detecting the activity.

Corporate Espionage
An action taken by one organization to hinder the 
processes, procedures, products, services, or other 
capabilities of another organization (e.g., victim).
Occasionally uses insider threat 
to carry out the activity.

Insider Threat
The potential that any authorized individual within 
an organization at some point becomes hostile. Can be 
caused by various things including salary issues, 
supervisor/subordinate conflict, corporate espionage,
and many other factors. Considered by many in the 
IT security industry to be the most challenging threat 
because these users have legitimate authorized access 
to resources within the organization. Once these 
individuals become hostile, they can use their 
legitimate accesses to launch attacks against the 
organization.

Nation State Actor
A person working on behalf of a country or nation.
Typically, these individuals have relatively large 
quantities of resources (as opposed to a typical 
hacker) and are hired based on unique skill-sets 
such as the ability to discover vulnerabilities,
develop exploits, deploy advanced capabilities, etc.

Cryptography
The process of securely converting plaintext data 
into seemingly unintelligible data. There are two main 
varieties: symmetric and asymmetric.
Symmetric cryptography requires all legitimate parties 
to share a common cryptographic key or series of 
cryptographic keys.
Asymmetric cryptography requires all legitimate parties 
to exchange public key information and to generate 
symmetric keys that are transferred between the parties 
by encrypting the generated symmetric key with the other 
parties' public keys. The generated symmetric key is 
ultimately used to encrypt the data. This technique 
enables parties to communicate securely without 
previously establishing unique symmetric keys with 
every possible other party.

Virus Scanner
An application designed to detect malware.
This technology is quickly becoming obsolete as newer 
technologies such as BCOS Agent™ 
eliminate the potential for adversaries to 
establish persistent rootkits, backdoors, and 
advanced capabilities on a victim's 
computing system.

Outsource
Migrating the design, development, assembly, 
construction, delivery, or other responsibility of 
producing a product or service to an organization 
other than the one responsible for the product or 
service. For example, sub-contracting portions (or all) 
of a particular contract or agreement to external 
organizations.
Often confused with offshoring, which is the process of 
migrating a particular task from one country to another.
Offshoring does not necessarily mean outsourcing 
is taking place since the organization may have locations 
in multiple countries.

End-to-End
Refers to the entire network path from source 
to destination and includes all intervening nodes 
on the path. Requires a source (e.g., client, 
cell phone, etc.) and destination (e.g., 
server, etc.) and often includes infrastructure 
nodes such as routers, switches, firewalls, etc.

Vulnerability
Refers to the presence of a weakness in an 
application or system. In general, the weakness 
causes an unintended operation within the 
application or system that is affected. This 
unintended operation can vary in significance 
depending on the resulting action when the 
vulnerability is triggered. At the lower end 
of the spectrum is something akin to a self 
denial-of-service whereby the client or 
operator temporarily loses access to the 
application or system. At the extreme end of 
the spectrum is the potential for a remotely 
triggered exploit allowing an 
unauthenticated user to gain complete control 
over the application or system. Often these 
latter cases result in the unauthenticated 
user (often a hacker or nation state actor) 
gaining root within the system or 
device hosting the affected application.

Exploit
A traditionally software-based method to 
take advantage of a vulnerability in 
an application or system. Exploits usually 
involve a sophisticated payload and triggering 
mechanism to enable an adversary to 
gain root on the victim's system.