Computer Security - Security By Design

Security By Design

One approach to computer security is to treat security as one of the system's base features.

Some of the techniques in this approach include:

  • The principle of least privilege, where each part of the system has only the privileges that are needed for its function. That way even if an attacker gains access to that part, they have only limited access to the whole system.
  • Automated theorem proving to prove the correctness of crucial software subsystems.
  • Code reviews and unit testing, which make modules more secure where formal correctness proofs are not possible.
  • Defense in depth, where the design is such that more than one subsystem needs to be violated to compromise the integrity of the system and the information it holds.
  • Default secure settings, and design to "fail secure" rather than "fail insecure" (see fail-safe for the equivalent in safety engineering). Ideally, a secure system should require a deliberate, conscious, knowledgeable and free decision on the part of legitimate authorities in order to make it insecure.
  • Audit trails tracking system activity, so that when a security breach occurs, the mechanism and extent of the breach can be determined. Storing audit trails remotely, where they can only be appended to, can keep intruders from covering their tracks.
  • Full disclosure to ensure that when bugs are found the "window of vulnerability" is kept as short as possible.
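
Three of the techniques above (least privilege, "fail secure" defaults, and an audit trail of decisions) combined in one authorization check, as an added example that is not part of the original article. The component names, action names and the `PolicyStoreError`, `GRANTS` and `Guard` identifiers are hypothetical, and the sample grants are constructed.

```python
from dataclasses import dataclass, field

class PolicyStoreError(Exception):
    """The privilege store could not be consulted."""

# Least privilege: each component holds only the actions its function needs.
# Constructed sample data; component and action names are hypothetical.
GRANTS = {
    "report-renderer": {"read:reports"},
    "backup-agent": {"read:reports", "read:users", "write:backups"},
}

def lookup_grants(component, store_up=True):
    if not store_up:
        raise PolicyStoreError("privilege store unreachable")
    return GRANTS[component]          # KeyError for an unknown component

def allowed_fail_insecure(component, action, store_up=True):
    """Anti-pattern: a failed lookup is treated as 'no restriction'."""
    try:
        return action in lookup_grants(component, store_up)
    except Exception:
        return True                   # fails open

@dataclass
class Guard:
    """Fail-secure check that records every decision in an audit trail."""
    audit: list = field(default_factory=list)

    def allowed(self, component, action, store_up=True):
        try:
            decision = action in lookup_grants(component, store_up)
            reason = "granted" if decision else "not in grants"
        except PolicyStoreError:
            decision, reason = False, "store unavailable"
        except KeyError:
            decision, reason = False, "unknown component"
        # Denials are recorded too, so a later review can reconstruct them.
        self.audit.append((component, action, decision, reason))
        return decision

if __name__ == "__main__":
    g = Guard()
    print(allowed_fail_insecure("report-renderer", "write:backups", store_up=False))
    print(g.allowed("report-renderer", "write:backups", store_up=False))
    print(g.audit)
```

The in-memory `audit` list stands in for the remote, append-only store the list describes; a local list gives no protection against an intruder on the same host.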
