Security Principles Flashcards
Describe this security principle:
Know Your Threat Model
Know what you’re protecting and from whom
What does the Know Your Threat Model include?
- Assumptions
- Most critical relevant threats
- Specified actions and steps
When should the Know Your Threat Model be performed?
Before and after deployment
Describe this security principle:
Economy of Security Mechanism
Make it so that the reward is not worth the effort for the attacker
What is the trade off for the defender with the Economy of Security Mechanism?
Cost and level of security
Describe this security principle:
Open Design
Protect the key > secret design
What two principles go in hand with Open Design?
Kerckhoff’s Principle and Shannon’s Maxim
Describe
Kerckhoff’s Principle
The system should still be secure even if everything about it is public except for the key
Describe
Shannon’s Maxim
The enemy will know the system
Describe this security principle:
Fail-Safe Defaults
Have access based on explicit permission instead of exclusion
Why are conditional requirements not included in Fail-Safe Defaults?
Risky, limited scope, could produce false negative/positive results
Describe this security principle:
Least Privilege
Granting minimal access using compartmentalization and isolation
Define
Compartmentalization
Division into separate components so that each has its own data and resources
Define
Isolation
Separation for independent functions
Why are compartmentalization and isolation necessary in security defenses?
Contains the threats to 1 spot and minimizes lateral movement between functions
Describe this security principle:
Architecture Design
Name the two architectural designs
Monolithic and Component
Define
Monolithic Architecture Design
The system/entity is 1 tight unit with the same processes and runtime
Define
Component Architecture Design
Multiple separate entities
Pros of Monolithic Design
Simpler and easier to develop, increased performance (more efficient)
Cons of Monolithic Design
Not scalable, inflexible, difficult to maintain if the system is too large
Pros of Component Design
Modularity, easy maintenance, flexible, scalable
Cons of Component Design
Complex with significant overhead involved
When is it best to use either Monolithic or Component architecture designs?
Monolithic: smaller projects
Component: larger projects
Describe this security principle:
Complete Mediation
Every access to every resource is checked, which is enforced by the reference monitor
Criteria of a reference monitor
- Unbypassable
- Tamper-proof
- Verifiable
Describe this security principle:
Separation of Privilege
Distribution of function across multiple entities
Describe this security principle:
Defense in Depth
Multiple security measures that use 2 of:
* Something the user knows
* Something the user has
* Something the user is
Provide an example for each of the criteria of Defense in Depth:
* Something the user knows
* Something the user has
* Something the user is
Something the user knows: a password, code
Something the user has: phone
Something the user is: face/fingerprint
When dealing with human factors, what is one solution to complex password requirements?
A password manager that will store complex passwords but the user only has to remember one password to access the manager
Define
Psychological acceptability
Is it reasonable, understandable, and acceptable?
What should you be resilient to when thinking about security principles?
Variations in human behavior
What should you not overly rely on when thinking about security principles?
Don’t overly rely on assumptions
What should you address when thinking about security?
The weakest link
List all of the Security Principles
- Know Your Threat Model
- Economy of Security Mechanism
- Open Design
- Fail-Safe Defaults
- Least Privilege
- Separation of Privilege
- Defense in Depth
- Complete Mediation