security fundamental design principle
least common mechanism
reduce the number of unintended communication paths and reduce the amount of hardware and software on which users depend
psychological acceptability
the easier the mechanism is to use, the more comfortable users are using it
layering
multiple, overlapping protection approaches addressing the people, technology, and operational aspects of information systems
known as defense in depth
ex: incident response
encapsulation
collection of procedures and data objects in a domain of its own; internal structure of the data object
complete mediation
every access must be checked against the access control (AC) mechanism
separation of privilege
required to achieve access to a restricted resource
open design
a security mechanism should be open rather than secret, so the algorithm can be reviewed by experts and users
economy of mechanism
keep the security design as simple as possible; the more complex the design, the more likely it contains exploitable flaws
fail-safe default
access design based on permission rather than exclusion; the default is lack of access, and protection identifies the conditions under which access is permitted
least privilege
every process and user should operate with the least set of privileges needed to perform a task
isolation
public access systems should be isolated from critical resources
the files and processes of individual users should be isolated from one another
user friendly
object contains data