Security Architecture Design Principles

From Glitchdata
  • Design Security Principle: Designed for Malice
    • Design system security to defend against deliberate malicious actions
  • Design for dependability
  • Design for failure
    • Preventive controls will at some point fail or prove inadequate. Detective and response controls need to be in place to detect and contain the impact of that failure.
  • Design for depth
    • Implement layers of diverse security controls so that the failure of any one control does not result in the complete loss of security. Build defence-in-depth protection into the system.
  • Designed for resilience
    • Design system security that remains resilient in the face of deliberate attack.
  • Designed for openness
    • The security of a system or a security mechanism should not depend on the secrecy of its design or implementation.
  • Design for simplicity
    • Security mechanisms should be as simple as possible. This is known as economy of mechanism.
  • Design for acceptability
    • A security mechanism should not make the resource more difficult to access than it would be if the security mechanism were not present.
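The "Design for failure" and "Design for depth" principles above are easiest to see in code. The following is an added example, not part of the Glitchdata page: a request passes through several independent control layers (network allowlist, authentication, authorization, input validation). Each layer checks the request on its own rather than trusting the layer before it, so dropping one layer still leaves the others in place (depth), and a layer that errors out is treated as a denial and emits a detection event rather than being skipped (fail closed, detect and contain). All names, sessions, roles and addresses are constructed for illustration.

```python
"""Layered access decision that fails closed and emits detection events.

Added illustration of defence in depth and design-for-failure; not code from
the wiki page. Every directory and policy below is a constructed stand-in.
"""
from dataclasses import dataclass, field
from typing import Callable, List, Optional, Tuple
import ipaddress


@dataclass
class Request:
    source_ip: str
    token: Optional[str]
    action: str
    payload: str


@dataclass
class Decision:
    allowed: bool
    failed_layer: Optional[str]          # layer that denied or errored, if any
    alerts: List[str] = field(default_factory=list)  # detection events raised


# Constructed sample policy data standing in for real stores.
ALLOWED_NETWORKS = [ipaddress.ip_network("10.0.0.0/8")]
SESSIONS = {"tok-alice": "alice"}          # token -> user
ROLES = {"alice": {"read"}}                # user -> permitted actions


def layer_network(req: Request) -> bool:
    """Source address must be inside an allowlisted network."""
    ip = ipaddress.ip_address(req.source_ip)
    return any(ip in net for net in ALLOWED_NETWORKS)


def layer_authn(req: Request) -> bool:
    """Token must map to a live session."""
    return req.token is not None and req.token in SESSIONS


def layer_authz(req: Request) -> bool:
    """Independently re-resolves the user: does not assume authn already ran."""
    user = SESSIONS.get(req.token) if req.token is not None else None
    if user is None:
        return False
    return req.action in ROLES.get(user, set())


def layer_input(req: Request) -> bool:
    """Reject oversized or non-printable payloads."""
    return len(req.payload) <= 64 and req.payload.isprintable()


Layer = Tuple[str, Callable[[Request], bool]]
LAYERS: List[Layer] = [
    ("network", layer_network),
    ("authn", layer_authn),
    ("authz", layer_authz),
    ("input", layer_input),
]


def authorize(req: Request, layers: List[Layer] = LAYERS) -> Decision:
    """Run every layer in order; the first denial or control failure stops the request."""
    alerts: List[str] = []
    for name, check in layers:
        try:
            ok = check(req)
        except Exception as exc:
            # A preventive control has failed outright (e.g. backing store down).
            # Fail closed and raise a detection event so the failure is contained
            # and visible, instead of silently skipping the layer.
            alerts.append(f"control_failure layer={name} error={type(exc).__name__}")
            return Decision(False, name, alerts)
        if not ok:
            alerts.append(f"deny layer={name} ip={req.source_ip} action={req.action}")
            return Decision(False, name, alerts)
    return Decision(True, None, alerts)


def broken_session_layer(req: Request) -> bool:
    """Simulates a control whose dependency is unavailable (constructed failure)."""
    raise ConnectionError("session store unreachable")


if __name__ == "__main__":
    ok = authorize(Request("10.1.2.3", "tok-alice", "read", "hello"))
    print("normal request:", ok)
    # Remove the network layer: the forged token is still stopped by authn.
    print("without network layer:",
          authorize(Request("192.168.1.1", "tok-mallory", "read", "x"), LAYERS[1:]))
    # A layer that errors is a denial plus an alert, never a bypass.
    print("with failing control:",
          authorize(Request("10.1.2.3", "tok-alice", "read", "hello"),
                    [("network", layer_network), ("session", broken_session_layer)]))
```

The design choice worth noting is that `layer_authz` re-resolves the user itself instead of reading a result handed down from `layer_authn`; that small redundancy is what makes the layers diverse rather than a single chain with several names, and it is why removing a layer degrades security gracefully instead of removing it entirely.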