Chapter 12: Design Principles (presentation transcript)

Slide 1: Chapter 12: Design Principles

Overview
– There are principles for many kinds of design. Generally, a design should consider: Balance, Rhythm, Proportion, Dominance, Unity
– There are also principles for the design and implementation of security mechanisms

Principles
– Least Privilege
– Fail-Safe Defaults
– Economy of Mechanism
– Complete Mediation
– Open Design
– Psychological Acceptability

Slide 2: Overview

Simplicity
– Less to go wrong
– Fewer possible inconsistencies (policy conflicts)
– Easy to understand
– Fewer data checks during transmission among components; assumptions about input/output data may lead to serious security problems

Restriction
– Minimize access
– Inhibit communication: hide not only the contents, but also the fact that the communication exists

Slide 3: Least Privilege

A subject should be given only those privileges necessary to complete its task
– Restrict the privilege grant
– The function of the subject (what she/he needs to do), rather than its identity (who she/he is), controls the assignment of rights
– Rights are added as needed and discarded after use
– Minimal protection domain

Slide 4: Fail-Safe Defaults

Restrict how privileges are initialized
– The default action is to deny access
– If an action fails, the system should be restored to the state before the action began
– Either none or all
– No partial transaction allowed

Slide 5: Economy of Mechanism

Simplify the design and implementation; keep it as simple as possible
– KISS principle (Keep it simple, si__y)

Simpler means less can go wrong
– And when errors occur, they are easier to understand and fix
– Weaker assumptions need to be made

Interfaces and interactions
– Assumptions about input and output: supposed to be a small file, but who knows
– Interactions with other entities: bugs in Windows

Slide 6: Complete Mediation

Check every access; restrict caching of information
– Usually done only once, on the first action
– UNIX: access is checked on open, not checked thereafter; if permissions change afterwards, users may get access they are no longer authorized for
– Tradeoff with efficiency: DNS and web content caching
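To make slides 4 and 6 concrete, here is an added illustration (not part of the lecture) of a tiny reference monitor: a handle that checks permission only on open, as the slide says UNIX does, beside one that applies complete mediation on every read, with a fail-safe default of deny for any missing ACL entry. The class names, the `Acl` table and the sample subject/object are all constructed for this example.

```python
# Added illustration (not from the slides): "check on open only" versus
# complete mediation, on top of a fail-safe (default-deny) rights table.
# Acl, CachedHandle, MediatedHandle and the sample ACL are made up here.

class Acl:
    """Rights table keyed by (subject, object) -> set of right names."""
    def __init__(self, rights=None):
        self.rights = dict(rights or {})

    def allows(self, subject, obj, right):
        # Fail-safe default: an absent entry means "deny", never "allow".
        return right in self.rights.get((subject, obj), set())

    def revoke(self, subject, obj):
        self.rights.pop((subject, obj), None)


class CachedHandle:
    """Checks once at open time and never again (the UNIX-style tradeoff)."""
    def __init__(self, acl, subject, obj):
        if not acl.allows(subject, obj, "read"):
            raise PermissionError(f"{subject} may not open {obj}")
        self.obj = obj  # the access decision is cached in the handle itself

    def read(self):
        return f"<contents of {self.obj}>"  # no re-check on each access


class MediatedHandle:
    """Complete mediation: every access re-consults the current ACL."""
    def __init__(self, acl, subject, obj):
        self.acl, self.subject, self.obj = acl, subject, obj
        if not acl.allows(subject, obj, "read"):
            raise PermissionError(f"{subject} may not open {obj}")

    def read(self):
        if not self.acl.allows(self.subject, self.obj, "read"):
            raise PermissionError(f"{self.subject} lost read on {self.obj}")
        return f"<contents of {self.obj}>"


def reads_after_revocation(handle_cls):
    """Open a handle, revoke the right, then read; True if the read succeeds."""
    acl = Acl({("alice", "report.txt"): {"read"}})  # constructed sample ACL
    handle = handle_cls(acl, "alice", "report.txt")
    acl.revoke("alice", "report.txt")  # administrator changes permissions
    try:
        handle.read()
        return True
    except PermissionError:
        return False
```

The cached handle still reads after revocation (the efficiency tradeoff the slide mentions), while the mediated handle is refused as soon as the permission table changes.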

Slide 7: Open Design

Security should not depend on secrecy of design or implementation
– Popularly misunderstood to mean that source code should be public; not necessarily
– Secrecy can enhance security, but if the design becomes exposed, the security of the mechanism must not be affected
– Does not apply to information such as passwords or cryptographic keys
– People can figure out your system design anyway: CPU simulator, trash digger, stealing

Slide 8: Psychological Acceptability

Security mechanisms should not add to the difficulty of accessing a resource
– Hide the complexity introduced by security mechanisms
– Ease of installation, configuration, use
– Human factors are critical here: zero-interaction authentication

Slide 9: Key Points

Principles of secure design underlie all security-related mechanisms. They require:
– Good understanding of the goal of the mechanism and the environment in which it is to be used
– Careful analysis and design
– Careful implementation
