First Principles of Cybersecurity - Coggle Diagram
First Principles of Cybersecurity
Domain Separation
Domain
Supervisor Domain
The processor can directly access memory (RAM) or manipulate access control tables in a primitive file system.
User Domain
The processor cannot access memory (RAM) that belongs to other programs or the operating system.
Process Isolation
Process
A program running on a computer. Each process has a region of memory, and it can access only that region.
Isolating the process address space from other address spaces prevents tampering or interference from/by other processes.
Resource Encapsulation
Resource
A resource can be the memory, disk drive, network bandwidth, battery power, or a monitor. It can also be system objects such as shared memory or a linked list data structure.
Encapsulation
Encapsulation finds its origin in object-oriented programming (OOP). In OOP, a class definition encapsulates all data and the functions that operate on the data. The goal is to allow access or manipulation of the class data in only the ways the designer intended.
Least Privilege
Privilege
A privilege is a right for the user to act on managed computer resources.
The principle that a security architecture should be designed so that each entity is granted the minimum system resources and authorizations that the entity needs to perform its function.
Layering
Layer
A layer is a separate level that must be conquered by an attacker to breach a system.
Defense Layering
Defense layering slows down an attacker. The attacker needs to conquer each layer before moving on to the next.
Abstraction
The concept that something complicated can be thought of and represented more simply.
Modularity
A design technique that separates the functionality of a program into independent, interchangeable components.
Inheritance
A situation in which a system or application receives protection from controls that are developed, implemented, assessed, authorized and monitored by entities other than those responsible for the system or application; entities either internal or external to the organization where the system or application resides.
Open Design
System security should not rely on the secrecy of your implementation.
Simplicity
Lack of complexity allows system designers and programmers to identify unwanted access paths.
Minimization
Minimization decreases the number of ways in which attackers can exploit a program or device.
Data Hiding
Allows only the necessary aspects of a data structure or a record to be observed or accessed.