Lecture 6: Security Design Principles
CS 392/6813: Computer Security, Fall 2009
Nitesh Saxena
Adopted from a previous lecture by Nasir Memon
10/22/2009, Module 6 - Design Principles

Course Admin
- HW4 posted (due Nov 03)
- HW3 solution provided
- HW3 being graded
- Mid-Term next Thursday (10/29)
  - Closed-books/closed-notes
  - In-class (6-8:25)
  - Would cover lecture material until today
  - Mid-Term study topics were posted
  - Previous years' sample will be posted soon

Design Principles for Secure Systems
Two basic themes:
- Simplicity
  - KISS
  - Makes design and interactions easy
  - Easy to prove its safety
- Restriction
  - Minimize the power of entities

Principles of design
1. Principle of least privilege
2. Principle of fail-safe defaults
3. Principle of economy of mechanism
4. Principle of complete mediation
5. Principle of open design
6. Principle of separation of privilege
7. Principle of least common mechanism
8. Principle of psychological acceptability

Principle of least privilege
- An entity should be given only those privileges needed to finish a task
- Temporary elevation of privilege should be relinquished immediately
- Granularity of privileges
  - Append permission only for the logging process

Principle of fail-safe defaults
- Unless a subject is given explicit access to an object, it should be denied access to the object
- Default access to an object is none
- Access Control Lists (ACLs), firewall examples
- Restricting privileges at the time of creation

Principle of economy of mechanism
- Security mechanism should be as simple as possible
  - Fewer errors
  - Testing and verification are easy
  - Fewer assumptions
- Interface to other modules
- Implicit assumptions of modules
- Finger example

Principle of complete mediation
- All accesses to objects should be checked to ensure they are allowed
- UNIX file descriptor
- DNS cache poisoning
...
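Fail-safe defaults and complete mediation from the slides above, as an added example that is not part of the lecture: an ACL whose lookup denies anything not explicitly granted, beside two handle types, one that checks rights only at open time (the UNIX file descriptor behaviour the slide points at) and one that re-checks on every read, so that revoking a right is honoured only by the second. The class names and the subject/object values are assumed for illustration.

```python
from typing import Dict, Set


class AccessControl:
    def __init__(self) -> None:
        # ACL keyed object -> subject -> set of rights; absence means no rights.
        self.acl: Dict[str, Dict[str, Set[str]]] = {}

    def grant(self, subject: str, obj: str, right: str) -> None:
        self.acl.setdefault(obj, {}).setdefault(subject, set()).add(right)

    def revoke(self, subject: str, obj: str) -> None:
        self.acl.get(obj, {}).pop(subject, None)

    def check(self, subject: str, obj: str, right: str) -> bool:
        # Fail-safe default: unknown object or subject -> empty set -> deny.
        return right in self.acl.get(obj, {}).get(subject, set())


class CachedHandle:
    """Like a UNIX file descriptor: rights checked once at open, never again."""
    def __init__(self, ac: AccessControl, subject: str, obj: str) -> None:
        if not ac.check(subject, obj, "read"):
            raise PermissionError(f"{subject} may not read {obj}")
        self.obj = obj

    def read(self) -> str:
        return f"contents of {self.obj}"  # stale authority survives revocation


class MediatedHandle:
    """Complete mediation: every read re-consults the current ACL."""
    def __init__(self, ac: AccessControl, subject: str, obj: str) -> None:
        self.ac, self.subject, self.obj = ac, subject, obj

    def read(self) -> str:
        if not self.ac.check(self.subject, self.obj, "read"):
            raise PermissionError(f"{self.subject} may not read {self.obj}")
        return f"contents of {self.obj}"


def can_read(handle) -> bool:
    try:
        handle.read()
        return True
    except PermissionError:
        return False


def revocation_demo() -> tuple:
    # Constructed scenario: grant, open both handles, revoke, then read from each.
    ac = AccessControl()
    ac.grant("alice", "audit.log", "read")
    cached = CachedHandle(ac, "alice", "audit.log")
    mediated = MediatedHandle(ac, "alice", "audit.log")
    ac.revoke("alice", "audit.log")
    return can_read(cached), can_read(mediated)  # -> (True, False)
```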