Security Principles (3) Flashcards
Ten Commandments of Security
- Economy of Mechanisms (EM)
- Fail-Safe Defaults
- Complete Mediation
- Open Design
- Separation of Privilege
- Least Privilege
- Least Common Mechanism
- Psychological Acceptability
- Work Factor
- Compromise Recording
- Economy of Mechanisms (EM)
This principle stresses simplicity in the DESIGN and IMPLEMENTATION of security measures.
- Fail-Safe Defaults
This principle states that the default configuration of a system should have a conservative protection scheme.
- Complete Mediation
The idea behind this principle is that every access to a resource must be checked for compliance with a protection scheme.
- Open Design
According to this principle, the security architecture and design of a system should be made publicly available. This contrasts with security by obscurity, which tries to achieve security by keeping cryptographic algorithms secret and which has historically been used without success by several organizations.
- Separation of Privilege
This principle dictates that multiple conditions should be required to achieve access to restricted resources or to have a program perform some action.
- Least Privilege
Each program and user of a computer system should operate with the bare minimum privileges necessary to function properly (need-to-know).
- Least Common Mechanism
In systems with multiple users, mechanisms allowing resources to be shared by more than one user should be minimized.
- Psychological Acceptability
This principle states that user interfaces should be well designed and intuitive, and all security-related settings should adhere to what an ordinary user might expect.
- Work Factor
According to this principle, the cost of circumventing a security mechanism should be compared with the resources of an attacker when designing a security scheme.
- Compromise Recording
This principle states that sometimes it is more desirable to record the details of an intrusion than to adopt more sophisticated measures to prevent it.