Ch.6 Flashcards
1
Q
What are the goals of software design(5)
A
- divide the software system into components
- determine the relationships between those components
- determine the internal communication mechanism among these components
- specify the components interfaces
- describe the components functionality
2
Q
Integrating security in software design requires the following considerations:(4)
A
- what software components need to be created
- how to integrate these components securely
- how sensitive data is going to be stored
- how to control information flows between the components
3
Q
What are design principles
A
Guidelines that enhance security by ensuing simplicity and restriction
4
Q
What is a violation to open design
A
Steganography
5
Q
What does abstraction contribute to cyber security
A
- removes clutter that can distract the user from using a resource correctly
- excess complexity may hide malicious behaviors
6
Q
Components of access control (4)
A
- access controls
- access
- subject
- object
7
Q
Access control models (4)
A
- discretionary access control: identity and role
- mandatory access control: comparing security labels and security clearance
- role based access control :
Roles that the user has and the rules stating what accesses are allowed to users in a role - attribute based access control:
User attributes, recourse to be accessed and current environment condition
8
Q
A