In my previous posting I mentioned VCC – Variable Cyber Coordinates method of communication. In response to questions from readers the following is a an article on the subject in Wikipedia (April 25, 2014).
Variable Cyber Coordinates (VCC) is a method of network communications by which the cyber coordinates of the participating objects or entities are constantly changing. It provides an algorithmic foundation for the dynamic security of network devices against network-based cyber attacks.
Cyber coordinates are sets of statements that determine the position of an object in cyberspace. For instance, an IP address singularly determines the location of a computer within the Internet. Cyber coordinates enable computers connected to the Internet to “find” each other and to communicate, much in the same way that knowledge of geographic coordinates of a location on Earth enables guidance of an object to travel to that location. Essentially, any communications parameter can be viewed as a cyber coordinate. Other examples of cyber coordinates are computer Port numbers, MAC addresses, telephone numbers, file names, radio calls, etc.
With the VCC method of communications cyber coordinates of participating objects or entities are made variable. They are assigned temporary values, often random or pseudorandom. These temporary cyber coordinates are usually encrypted and distributed only to authorized devices. Authorized devices can communicate with each other using the currently valid set of cyber coordinates. Other devices on the network that are not privy to the currently valid set of cyber coordinates, cannot communicate with the authorized devices. However, a determined attacker with sufficient resources, effort and time can identify the currently valid cyber coordinates. To prevent this, the currently valid set of cyber coordinates is periodically changed. The process is repeated at predetermined or random intervals sufficiently frequent to prevent a potential attacker from finding the protected devices and launching a successful attack.
An example of a simplified explanation of the VCC method of communications is illustrated in Fig.1.
Fig.1
The black line denotes regular computer communications;
The red arrow denotes distribution of currently valid variable cyber coordinates.
In this example computer A is assigned an IP address xxx.xxx.xxx.123. Only computers B and C are authorized to communicate with computer A. Thus, computer A’s current IP address xxx.xxx.xxx.123 is sent to B and C only. Since computer D has not been sent A’s IP address, it would be difficult for it to determine A’s IP address. Thus no computer except B and C can communicate with A. The controller assigns cyber coordinates to protected computers and ensures their compatibility with the network administration’s policies and procedures.
To further strengthen computer A’s protection, A’s IP address is at some time changed to xxx.xxx.xxx.234. While not affecting A’s physical location, it moves it to another cyber space location. The new coordinates are sent to B and C, but to no other computer. Then even if computer D has made some progress in identifying A’s cyber coordinates, this progress is instantly obsolete with every new cycle of changing A’s cyber coordinates. Using the VCC methodology enables protected computers to evade cyber attacks even before they are launched.
Real VCC-based systems are much more complex than the example above and involve changes of multiple cyber coordinates for computers based in different networks.
The VCC method of communications was invented by Victor Sheymov and patented in 1999.
You mention that the VCC methodology protects computers by preventing cyber attacks before they are launched, and that such methodology was patented in 1999. Now, in 2014, there are news reports of cyber attacks on computers almost every day. Why is this still occurring? Do you have any idea as to why the VCC method has not been widely adopted? Have hackers been able to find a way to circumvent the protection offered by the VCC?
Hippo, thank you for the comment. There are two questions here.
One, the only actually functioning system based on the VCC technology that I am aware of is InvisiLAN by Invicta Networks. Its commercial prototype has been tested by numerous parties including the NSA, Northrop Grumman, PriceWaterHouseCoopers, and the CyberCore program at Tulsa University. None of the testers were able to hack the system.
The second question is a good one indeed. I have heard several rumors including that the US Government does not want a system that it cannot hack, but I was never able to figure out the true source of the resistance.