1.2, 1.3 - IT Security Design principles and Facets of Trusworthiness

Question 1

Principle of Least privilege

Answer 1

A subject should only be given the privileges it needs to complete its tasks and no more

Question 2

Principle of Fail-safe defaults (related to Secure by Design)

Answer 2

Unless explicit access has been granted, Access should be denied by default and the system should roll back to the start start for safety, if it cant complete a task. (relates to TSF Safety facet)

Question 3

Principle of Economy of Mechanism

Answer 3

Security Mechanisms should be as simple as possible, this should mean fewer possibilities exist for error. related to TSF Reliable

Question 4

Principle of Complete Mediation

Answer 4

All accesses to objects must be checked to ensure that they are still allowed and Verify all pages and resources by default require authentication except those specifically intended to be public, This principle restricts the caching of information. Related to Reliable

Question 5

Principle of Open Design

Answer 5

The security of a mechanism should not depend on the secrecy of its design or implementation. Especially relevant to Cryptographic systems

Related to security

Question 6

Principle of Separation of Privilege

Answer 6

A system should ensure that multiple conditions are met before granting access to an object. Also relates to seperation of duty, For example no one person should be able to open a bank safety deposit box, One permisson might have the key to the room where the box is stored and another person might have the codes to the box.

Related to Security (Avoid making mistakes)

Question 7

Principle of Least Common Mechanism

Answer 7

Mechanisms to access resources should not be shared‏. Linked to Resilience, Resources not shared, could be linked to network segmentation

Sharing resources provides a channel along which information can be transmitted, and so such sharing should be minimized.

Question 8

Principle of Psychological Acceptability

Answer 8

security mechanisms should not make the resource more difficult to access than if the security mechanisms were not present. Examples: ssh, login mechanism

Question 9

Safety

Answer 9

The ability of the software to operate without harmful states

Question 10

Reliability

Answer 10

the ability of the system to deliver services as specified (without bugs) - Reliable is the outcome - linked to economy of mechanism - the simpler the system the easier it is to make reliable.

Question 11

Availability

Answer 11

The ability of the software to operate when required / The ability of the system to deliver services when requested

Question 12

Resilience

Answer 12

The ability of the software to recover from errors quickly and completely. - System auto scaling in repsond to load to remain available or having a failover system

Question 13

Security

Answer 13

The ability of the software to remain protected against threats

Question 14

Compare TSI and IT Security Design Principles

Answer 14

Security Availability Reliability Resilience Safety - Fail-safe Least privilege Psychological acceptability Separation of privilege Least common mechanism Economy of mechanism Complete mediation Open design Fail-safe

Question 15

What is a primary factor designing a secure system?

Answer 15

To understand what is being protected.

Question 16

What is a functional requirement?

Answer 16

A Functional Requirement (FR) is a description of the service that the software must offer. (In Microsoft word you expect to be able to type, change font size, etc)

Question 17

What is a non-functional requirement?

Answer 17

A Non-Functional Requirement (NFR) defines the quality attribute of a software system. Judged by Safety and Security, (On a banking website you expect security and for the attacker not to steal all your money.)

Question 18

TSF Facets of trustworthy software

Answer 18

There are 5 principles, Safety, Reliability, Availability, Security, Resilience

Question 19

A subject should only be given the privileges it needs to complete its tasks and no more

Answer 19

Principle of Least privilege

Question 20

Unless explicit access has been granted, Access should be denied by default and the system should roll back to the start start for safety, if it cant complete a task. (relates to TSF Safety facet)

Answer 20

Principle of Fail-safe defaults (related to Secure by Design)

Question 21

Security Mechanisms should be as simple as possible, this should mean fewer possibilities exist for error. related to TSF Reliable

Answer 21

Principle of Economy of Mechanism

Question 22

All accesses to objects must be checked to ensure that they are still allowed and Verify all pages and resources by default require authentication except those specifically intended to be public, This principle restricts the caching of information. Related to Reliable

Answer 22

Principle of Complete Mediation

Question 23

The security of a mechanism should not depend on the secrecy of its design or implementation. Especially relevant to Cryptographic systems

Related to security

Answer 23

Principle of Open Design

Question 24

A system should ensure that multiple conditions are met before granting access to an object. Also relates to seperation of duty, For example no one person should be able to open a bank safety deposit box, One permisson might have the key to the room where the box is stored and another person might have the codes to the box.

Related to Security (Avoid making mistakes)

Answer 24

Principle of Separation of Privilege

Question 25

Mechanisms to access resources should not be shared‏. Linked to Resilience, Resources not shared, could be linked to network segmentation

Sharing resources provides a channel along which information can be transmitted, and so such sharing should be minimized.

Answer 25

Principle of Least Common Mechanism

Question 26

security mechanisms should not make the resource more difficult to access than if the security mechanisms were not present. Examples: ssh, login mechanism

Answer 26

Principle of Psychological Acceptability

Question 27

The ability of the software to operate without harmful states

Answer 27

Safety

Question 28

the ability of the system to deliver services as specified (without bugs) - Reliable is the outcome - linked to economy of mechanism - the simpler the system the easier it is to make reliable.

Answer 28

Reliability

Question 29

The ability of the software to operate when required.

Answer 29

Availability

Question 30

The ability of the software to recover from errors quickly and completely. - System auto scaling in repsond to load to remain available or having a failover system

Answer 30

Resilience

Question 31

The ability of the software to remain protected against threats

Answer 31

Security

Question 32

Security Availability Reliability Resilience Safety - Fail-safe Least privilege Psychological acceptability Separation of privilege Least common mechanism Economy of mechanism Complete mediation Open design Fail-safe

Answer 32

Compare TSI and IT Security Design Principles

Question 33

To understand what is being protected.

Answer 33

What is a primary factor designing a secure system?

Question 34

A Functional Requirement (FR) is a description of the service that the software must offer. (In Microsoft word you expect to be able to type, change font size, etc)

Answer 34

What is a functional requirement?

Question 35

A Non-Functional Requirement (NFR) defines the quality attribute of a software system. Judged by Safety and Security, (On a banking website you expect security and for the attacker not to steal all your money.)

Answer 35

What is a non-functional requirement?

Question 36

There are 5 principles, Safety, Reliability, Availability, Security, Resilience

Answer 36

TSF Facets of trustworthy software