Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Principles.

Published byAsher Bates Modified over 8 years ago

Similar presentations

Presentation on theme: "Security Principles."— Presentation transcript:

1 Security Principles

2 Simplicity Keep it simple.
Simplicity is desirable for all aspects of system design and development, for operation and maintenance as well as for security mechanisms. Simpler systems are less likely to contain flaws than complex ones. Moreover, simpler systems are easier to analyze and review, and it is thus easier to establish their trustworthiness. a small and simple design is essential

3 Open Design The security of a system should not depend on the secrecy of its protection mechanisms. Example 1.1. We do not design doors that only authorized persons know how to open and close. Instead, we design standardized doors with standardized locks (both with different protection levels) and rely on the protection of the associated key.

4 Compartmentalization
Organize resources into isolated groups of similar needs. Compartmentalization means organizing resources into groups (also called compartments or zones), each of which is isolated from the others, except perhaps for some limited and controlled means of exchanging information. The principle of compartmentalization is applied in different areas in computer science, for example, in programming, where functions and variables are grouped and put into separate modules or classes.

5

6 Minimum Exposure Minimize the attack surface a system presents to the adversary. 1. Reduce external interfaces to a minimum. 2. Limit the amount of information given away. 3. Minimize the window of opportunity for an adversary, for example, by limiting the time available for an attack.

7

8 Least Privilege Any component (and user) of a system should operate using the least set of privileges necessary to complete its job. The principle states that privileges should be reduced to the absolute minimum. As a consequence subjects should not be allowed to access objects other than those really needed to complete their jobs.

9

10 Minimum Trust and Maximum Trustworthiness
Minimize trust and maximize trustworthiness.

11 Secure, Fail-Safe Defaults
The system should start in and return to a secure state in the event of a failure.

12

13 Complete Mediation Access to any object must be monitored and controlled.

14

15 No Single Point of Failure
Build redundant security mechanisms whenever feasible.

16

17 Traceability Log security-relevant system events.
Example Many hard-copy forms in companies have an audit trail. Invoices in particular may require signatures, stamps and other information as they flow through the administrative processes. They are archived afterwards so that it is later possible to determine who checked an invoice or who cleared it.

18 Generating Secrets Maximize the entropy of secrets.

19 Usability Design usable security mechanisms. Example 1.19.
Most end users do not understand cryptographic mechanisms. They do not understand what a certificate is, its intended use and how to verify the authenticity of a server certificate. As a consequence, it is possible to impersonate a web server even in settings where server certificates are used.

20 Discussion

Download ppt "Security Principles."

Similar presentations

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.
Operating System Security

Operating System Security
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #12-1 Chapter 12: Design Principles Overview Principles –Least Privilege –Fail-Safe.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #12-1 Chapter 12: Design Principles Overview Principles –Least Privilege –Fail-Safe.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Database Administration and Security Transparencies 1.

Database Administration and Security Transparencies 1.
VM: Chapter 5 Guiding Principles for Software Security.

VM: Chapter 5 Guiding Principles for Software Security.
Secure Design Principles  secure the weakest link  reduce the attack surface  practice defense in depth  minimize privilege  compartmentalize  fail.

Secure Design Principles  secure the weakest link  reduce the attack surface  practice defense in depth  minimize privilege  compartmentalize  fail.
Appendix B: Designing Policies for Managing Networks.

Appendix B: Designing Policies for Managing Networks.
Module 4: Implementing User, Group, and Computer Accounts

Module 4: Implementing User, Group, and Computer Accounts
Trusted Hardware: Can it be Trustworthy? Design Automation Conference 5 June 2007 Karl Levitt National Science Foundation Cynthia E. Irvine Naval Postgraduate.

Trusted Hardware: Can it be Trustworthy? Design Automation Conference 5 June 2007 Karl Levitt National Science Foundation Cynthia E. Irvine Naval Postgraduate.
DICOM INTERNATIONAL DICOM INTERNATIONAL CONFERENCE & SEMINAR April 8-10, 2008 Chengdu, China DICOM Security Eric Pan Agfa HealthCare.

DICOM INTERNATIONAL DICOM INTERNATIONAL CONFERENCE & SEMINAR April 8-10, 2008 Chengdu, China DICOM Security Eric Pan Agfa HealthCare.
1 Design Principles CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 13, 2004.

1 Design Principles CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 13, 2004.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
CMSC 414 Computer and Network Security Lecture 13 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 13 Jonathan Katz.
Design Principles Overview Principles Least Privilege Fail-Safe Defaults Economy of Mechanism Complete Mediation Open Design Separation of Privilege Least.

Design Principles Overview Principles Least Privilege Fail-Safe Defaults Economy of Mechanism Complete Mediation Open Design Separation of Privilege Least.
(Breather)‏ Principles of Secure Design by Matt Bishop (augmented by Michael Rothstein)‏

(Breather)‏ Principles of Secure Design by Matt Bishop (augmented by Michael Rothstein)‏
Introduction To Windows NT ® Server And Internet Information Server.

Introduction To Windows NT ® Server And Internet Information Server.
1 Security and Software Engineering Steven M. Bellovin AT&T Labs – Research

1 Security and Software Engineering Steven M. Bellovin AT&T Labs – Research
G22.3250-001 Robert Grimm New York University Protection and the Control of Information Sharing in Multics.

G Robert Grimm New York University Protection and the Control of Information Sharing in Multics.
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.

Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.

Similar presentations

Ads by Google