13 - Chapter 13: Design Principles Overview Principles...

Info iconThis preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #13-1 Chapter 13: Design Principles Overview Principles Least Privilege Fail-Safe Defaults Economy of Mechanism Complete Mediation Open Design Separation of Privilege Least Common Mechanism Psychological Acceptability
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #13-2 Overview Simplicity Less to go wrong Fewer possible inconsistencies Easy to understand Restriction Minimize access Inhibit communication
Background image of page 2
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #13-3 Least Privilege A subject should be given only those privileges necessary to complete its task Function, not identity, controls Rights added as needed, discarded after use Minimal protection domain
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #13-4 Fail-Safe Defaults Default action is to deny access If action fails, system as secure as when action began
Background image of page 4
Image of page 5
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 11

13 - Chapter 13: Design Principles Overview Principles...

This preview shows document pages 1 - 5. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online