
Category:Principle

From OWASP
Revision as of 22:13, 10 April 2006 by Jeff Williams (talk | contribs)


Links

A. http://web.mit.edu/Saltzer/www/publications/protection/Basic.html (Saltzer and Schroeder; see Section 3)

B. http://news.com.com/2008-1082-276319.html (McGraw)

C. OWASP Guide




Some of the security mechanisms help when you’re implementing these principles; they are listed under each principle below. This is just a rough pass that needs some more work. It can’t be done with just a bullet list; each of these really needs something more like a paragraph.


  • Fail safely
    • Error handling
    • Good logic
  • Run with least privilege
    • Access control
  • Avoid security by obscurity
    • Secure configuration files
  • Use a positive security model
    • Input validation
    • Output encoding
    • Access control
  • Apply defense in depth
    • Boundary validation
  • Keep security simple
    • Centralized security mechanisms
  • Detect intrusions (compromise recording)
    • Input validation
    • Authentication
    • Logging
    • Availability protection
  • Don’t trust infrastructure
    • SSL
    • Encrypt sensitive data
    • Prevent injection
  • Don’t trust services
    • SSL, authentication, access control, input validation, error handling, logging, output validation
  • Establish secure defaults (psychological acceptability)
    • Notify users
    • Secure “out of the box”