Compartments preventing compromise
As with a boat, your computer, and by extension your life, can be compartmentalized so that the failure of one part doesn't impact the rest.
Sketch 1 (1,500 characters)
For this sketch, I was inspired by an analogy drawn between a boat and a computer (I unfortunately don't recall the source), where the captain is the operating system, the cruise members are the software and the hull is the hardware. But this analogy only illustrated how a computer functions, and was not relevant to information security.
On a daily basis, I use virtualization to create isolated spaces, a concept that is common in information security (with application sandboxing ; containerization, etc.). It is an incredibly useful mechanism that is hard to explain to the layman. Large boats or cruise ships, with their compartments which can be isolated from each other in case of a leak, represents a good analogy.
To take this idea further, I would port this image into Inkscape to make a digital rendering, enhancing the concept with a more detailed illustration and further examples.
Sketch 2 (1,500 characters)
Onions have layers and each layer represents a protection. Why not use onions as a way to illustrate virtualization and application sandboxing? These two mechanisms are incredibly useful in information security and are derived from the same idea : if your application or operating system get compromised, at least your entire system or datacenter won't.
The next step would be to illustrate what is inside an onion. For this sketch, I was inspired by the Tor Project's logo.
In a similar vein, I thought about demonstrating this concept with a cake, which also has layers.
What have you learned through this sketching process? (1,000 characters)
Through this exercise, I have learned that there are not a lot of resources available to visually demonstrate information security as related to compartmentalisation. For instance, Wikipedia doesn't have many illustrations available on this important topic.
Tell us more about you. (1,000 characters)
I am an open source promoter and I have recently been selected to be a technical writer for the Qubes OS project. I have a background in political science, and I am always looking for means to bridge the gap between fields so that everyone can benefit from tools available in other domains.
Why are you participating in this Challenge? (750 characters)
I am participating in this challenge because I believe it is of critical importance to illustrate concepts related to cyber security in a way that the general public can understand. I want to shed some light on obscure concepts using sound analogies, so that people can feel empowered to make the right decision in their digital lives and not be afraid or discouraged to proceed. Whatever I do within this context will prove useful for Qubes OS. I am happy to contribute to project that promotes digital security.
I have a personal website, https://refre.ch, which includes links to past articles I wrote. Recently, I wrote about hardware and firmware security and created custom illustrations :
What is your experience with the field of cybersecurity?
I have minimal experience and/or knowledge in the cybersecurity field.
How did you hear about this OpenIDEO Challenge?
Asnières-sur-Seine, next to Paris (France)
Location: State / District