Glossary and Iconography

Placeholder page

Glossary

Blockchain – A data storage structure that uses a series of data in blocks linked via hash values and/or signatures. Represented in the motion graphic as Blockchain.

¢entsi – ¢entsi (pronounced “centsi”) is a pseudo crypto-currency that can be used to measure the value of Continuing Professional Education (CPE) claims and generally maps at 1 ¢entsi per hour of CPE.

Certification Body – An organization that provides some sort of certification (e.g. technical) attached to an identity. Represented in the motion graphic as Certification Body.

Continuing Professional Education (CPE) – Continuing Professional Education (CPE) is defined as ANY activity related to common Information Security practitioner activities such as attending or giving conference talks, creating or consuming new information security content (such as blog postings, podcasts, videos, etc.), finding, fixing, and other helping deal with security vulnerabilities and incidents to name a few activities. A major aspect of OpenCPEs is letting the market (security practitioners, certification providers, employers, etc.) decide what CPE activities are, and how much they are worth.

Continuing Professional Education (CPE) Claim – A CPE Claim is any CPE activity that someone claims to have done, but is not yet registered in the OpenCPEs system (there is no validation record or update token for it). The next step would be to use the CyberCV Wallet to register it resulting in a “Registered Continuing Professional Education (CPE) Claim”.

Continuing Professional Education (CPE) Provider – A CPE Provider can be a traditional CPE Provider such as an online training session designed to provide CPE’s for the Information Security industry, or a less traditional CPE provider such as an information security related podcast, or an entity that is not even aware of CPE and is not intending to provide CPEs such as a project hosted on GitHub where someone assists them in fixing a security flaw. CPE Claims can be made using CPE Providers that are participating directly in the OpenCPEs system, or not participating at all.

Open Cybersecurity Ledger (OCL) Blockchain – The Open Cybersecurity Ledger (OCL) is a customized blockchain technology developed by CloudSecurityAlliance Labs that ensures privacy.

Permissioned Blockchain – A Blockchain that only allows a specific party or parties to write to it.

Permissionless Blockchain – A Blockchain that uses a consensus algorithm such as proof of stake, proof of work or other to decide who is allowed to write records to the Blockchain.

Public Blockchain – A Blockchain that has publicly readable data, it may be permissioned or permissionless.

Registered Continuing Professional Education (CPE) Claim – A registered CPE Claim is any CPE activity that someone claims to have done and has successfully registered with OpenCPEs (which will result in a validation record and update token being created).

Update Token – An update token is an electronic record associated with a Registered Continuing Professional Education (CPE) Claim that can be used by any party involved in the original Continuing Professional Education (CPE) Claim to update it, such as revoking it, bundling it with additional claims or simply updating the information within it. Represented in the motion graphic as Update Token.

Validation record – A validation record is a form of secure proof using digital hashing with a cryptographically secure nonce to creates a hash value that cannot be used to reveal the original data that was used to create the validation record. Represented in the motion graphic as part of the Blockchain.

Validation of claim – A claim combined with a piece of digital evidence (such as an image or a PDF) is validated with a trusted third party, if confirmed it is then processed, and a Secure Proof is created from it, and written to the Blockchain. The evidence has been validated as correct.

Witnessing of Claim – A piece of digital evidence (such as an image or a PDF) is processed, and a validation record is created from it, and written to the Open Cybersecurity Ledger Blockchain.

Witnessing of Claim with validation – A piece of digital evidence (such as an image or a PDF) is processed, and validated against the issuing entity, for example someone claiming to have a CCSK submits it, and the CCSK evidence is confirmed as valid or invalid, then a validation record is created from it, and written to the Open Cybersecurity Ledger Blockchain.

Iconography

Blockchain – Appears as an endless stream of checklists inside green squares.

Certification Body – Represents an organization that would endow certifications or endorse continuing education credits (CPEs).

Claim – Appears as a blue circle. When altered, appears as a yellow square or red star.

Henry (person) – Henry is our example Human Resources person.

Nonce – See Random Data.

Random Data – Appears as a die (the singular of dice).

Sally (person) – Sally is our example security practitioner person.

Signature – Appears as a lock.

Update Token – Appears as a circle containing an arrow with its head circularly meeting its own tail.

Motion Graphic Loop

  • A claim appears between Sally and the Certification Body
  • A die appears on the claim.
  • An update token appears between the claim and the Certification Body
  • The update token splits/duplicates
  • One of the update tokens attaches to the claim next to the die, the other moves closer to the certification body
  • A lock appears on the claim
  • A checklist appears next to the claim
  • The checklist joins the blockchain (where it becomes part of a green square)
  • The claim moves between Henry and Sally
  • The lock icon grows/is-highlighted
  • The blockchain starts to move backwards rapidly
  • It stops
  • One of the green checklists blocks rises out and is filled in
  • The checklist is cleared and the block rejoins the blockchain
  • The update token comes out of the claim
  • The blockchain rapidly “fast forwards” to the front and then begins rapidly moving backwards
  • The blockchain rapidly “fast forwards” and then resumes its normal motion
  • The update token rejoins the claim
  • The claim and the update token (by the Certification Body) fade away
  • The loop repeats itself