principles

principles - Design Principles for Protection Mechanisms...

Security Principles CS177 2011

Security Principles
Security is a system requirement just like performance, capability, cost, etc. Therefore, it may be necessary to trade off certain security requirements to gain others.

Design Principles for Protection Mechanisms
• Least privilege
• Economy of mechanism
• Complete mediation
• Open design
• Separation of privilege
• Least common mechanism
• Psychological acceptability
• Fail-safe defaults
Saltzer and Schroeder 1975

Least Privilege
• Should only have the rights necessary to complete your task.
• Default should be lack of access
• If access needed temporarily, then it should be rescinded right after use

Economy of Mechanism
• Sufficiently small and simple as to be verified and implemented
  – e.g., security kernel
• Simpler means less can go wrong
  – And when errors occur, they are easier to understand and fix

Economy of Mechanism (2)
• Complex mechanisms may not be correctly:
  – Understood
  – Modeled
  – Configured
  – Implemented
  – Used
• Keep it as simple as possible
  – KISS Principle

Complete Mediation
• Every access to every object must be checked
• Must be efficient
• In addition to normal runtime, must be done at:
  – initialization
  – shutdown
  – restart
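Three of the principles on these slides, put together in a small Python example (added here, not part of the lecture): an access map whose absent entries deny gives fail-safe defaults and "default should be lack of access", a single check() that every object operation calls gives complete mediation, and a context manager that grants a right for one task and rescinds it right after use follows the least-privilege slide. The ReferenceMonitor and Store classes and the "payroll" scenario are constructed for the example.

```python
from contextlib import contextmanager

class ReferenceMonitor:
    """Tiny reference monitor (example code, not from the lecture)."""
    def __init__(self):
        # (subject, object) -> set of rights. An absent entry means no access,
        # so the default is lack of access (fail-safe default).
        self._acl = {}
        self.log = []  # every decision is recorded, allowed or not

    def grant(self, subject, obj, right):
        self._acl.setdefault((subject, obj), set()).add(right)

    def revoke(self, subject, obj, right):
        self._acl.get((subject, obj), set()).discard(right)

    def check(self, subject, obj, right):
        # Complete mediation: the only place an access decision is made.
        # A missing entry denies; nothing falls through to "allow".
        allowed = right in self._acl.get((subject, obj), set())
        self.log.append((subject, obj, right, allowed))
        return allowed

    @contextmanager
    def temporary(self, subject, obj, right):
        # Least privilege: the right lives only as long as the task and is
        # rescinded right after use, even if the task raises.
        self.grant(subject, obj, right)
        try:
            yield
        finally:
            self.revoke(subject, obj, right)

class Store:
    """A protected object whose every operation passes through the monitor."""
    def __init__(self, monitor, name):
        self.monitor, self.name, self.data = monitor, name, {}

    def write(self, subject, key, value):
        if not self.monitor.check(subject, self.name, "write"):
            raise PermissionError(f"{subject} may not write {self.name}")
        self.data[key] = value

def demo():
    """Constructed scenario: alice gets a temporary write right on 'payroll'."""
    rm = ReferenceMonitor()
    store = Store(rm, "payroll")
    with rm.temporary("alice", "payroll", "write"):
        store.write("alice", "salary", 100)           # mediated, allowed
    denied_after = not rm.check("alice", "payroll", "write")  # rescinded
    bob_denied = not rm.check("bob", "payroll", "read")       # never granted
    return {"written": store.data["salary"], "denied_after": denied_after,
            "bob_denied": bob_denied, "checks": len(rm.log)}
```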
Open Design
• Don’t depend on secrecy of the design
• “Security through obscurity” is a bad idea
• Should be open for scrutiny by the community
• Better to have a friend/colleague find an