Security Architecture Design Principles
- Design Security Principle: Designed for Malice
  - Design system security to defend against deliberate malicious actions.
- Design for dependability
- Design for failure
  - Preventive controls will at some point fail or prove inadequate. Detect and respond controls need to be in place to detect and contain the impact of failure.
- Design for depth
  - Implement layers of diverse security controls so that the failure of any one control does not result in the complete loss of security. Build defence-in-depth protection into the system.
- Designed for resilience
  - Design system security that remains resilient in the face of deliberate attack.
- Designed for openness
  - The security of a system or a security mechanism should not depend on the secrecy of its design or implementation.
- Design for simplicity
  - Security mechanisms should be as simple as possible. This is known as economy of mechanism.
- Design for acceptability
  - A security mechanism should not make the resource more difficult to access than it would be if the security mechanism were not present.