COMP424 Computer Security
Design Principles (a)
Jeff Wiegley, Ph.D.
Computer [email protected]
/29/2005

(a) By Matt Bishop, "Computer Security"

• The principle of least privilege states that a subject should be given only those privileges that it needs in order to complete its task.
• The principle of fail-safe defaults states that, unless a subject is given explicit access to an object, it should be denied access to that object.
• The principle of economy of mechanism states that security mechanisms should be as simple as possible.
• The principle of complete mediation requires that all accesses to objects be checked to ensure that they are allowed.
• The principle of open design states that the security of a mechanism should not depend on the secrecy of its design or implementation.
• The principle of separation of privilege states that a system should not grant permission based on a single condition.
• The principle of least common mechanism states that mechanisms used to access resources should not be shared.
• The principle of psychological acceptability states that security mechanisms should not make the resource more difficult to access than if the security mechanisms were not
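The following is an added example, not part of the lecture slides or of Bishop's text, showing three of the principles above in working code: fail-safe defaults (an explicit-grant ACL, where a missing entry means deny), complete mediation (every access passes through one check that records each decision and caches nothing), and separation of privilege (a sensitive right needs a second, distinct approver as well as the grant). A deny-list check is included only as the contrasting anti-pattern that fails open. The subject names, the `payroll.db` object, the rights and the `ReferenceMonitor` class are all constructed for this illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

# Constructed sample policy. The ACL records only explicit grants; anything it
# does not mention is denied, which is the fail-safe default.
ACL: Dict[Tuple[str, str], Set[str]] = {
    ("alice", "payroll.db"): {"read"},
    ("bob", "payroll.db"): {"read", "write"},
    ("carol", "payroll.db"): {"approve"},
}

# (object, right) pairs that need a second, independent party to agree
# (separation of privilege).
DUAL_CONTROL: Set[Tuple[str, str]] = {("payroll.db", "write")}

# Weak alternative, shown for contrast: a deny-list. Any subject nobody wrote
# down is allowed, so a forgotten entry silently grants access (fails open).
DENY_LIST: Set[Tuple[str, str, str]] = {("mallory", "payroll.db", "write")}


def fail_open_check(subject: str, obj: str, right: str) -> bool:
    """Deny-list check: allowed unless explicitly forbidden (the anti-pattern)."""
    return (subject, obj, right) not in DENY_LIST


@dataclass
class ReferenceMonitor:
    acl: Dict[Tuple[str, str], Set[str]]
    dual_control: Set[Tuple[str, str]]
    # Every decision is appended here. There is no result cache, so a later
    # access cannot reuse an earlier answer: each access is mediated.
    audit: List[Tuple[str, str, str, bool]] = field(default_factory=list)

    def check(self, subject: str, obj: str, right: str,
              approver: Optional[str] = None) -> bool:
        allowed = self._decide(subject, obj, right, approver)
        self.audit.append((subject, obj, right, allowed))
        return allowed

    def _decide(self, subject: str, obj: str, right: str,
                approver: Optional[str]) -> bool:
        # Fail-safe default: no ACL entry, or an entry lacking this right, denies.
        if right not in self.acl.get((subject, obj), set()):
            return False
        if (obj, right) not in self.dual_control:
            return True
        # Separation of privilege: the grant alone is one condition; a second,
        # distinct subject holding the 'approve' right on the object is the other.
        if approver is None or approver == subject:
            return False
        return "approve" in self.acl.get((approver, obj), set())


def demo() -> Dict[str, bool]:
    """Run the sample policy through the monitor and return each decision."""
    rm = ReferenceMonitor(ACL, DUAL_CONTROL)
    results = {
        "alice_read": rm.check("alice", "payroll.db", "read"),
        "alice_write": rm.check("alice", "payroll.db", "write"),
        "unknown_subject_read": rm.check("mallory", "payroll.db", "read"),
        "bob_write_alone": rm.check("bob", "payroll.db", "write"),
        "bob_write_self_approved": rm.check("bob", "payroll.db", "write", approver="bob"),
        "bob_write_carol_approves": rm.check("bob", "payroll.db", "write", approver="carol"),
        "bob_write_alice_approves": rm.check("bob", "payroll.db", "write", approver="alice"),
        # Same unknown subject against the deny-list: it gets in.
        "deny_list_unknown_read": fail_open_check("mallory", "payroll.db", "read"),
    }
    # Seven monitor calls, seven audit records: nothing bypassed the check.
    results["every_access_audited"] = len(rm.audit) == 7
    return results


if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name:28s} {decision}")
```

The deny-list and the explicit-grant ACL give opposite answers for a subject the policy never mentions; that difference is the whole content of the fail-safe defaults principle. The audit list is what lets an operator confirm complete mediation after the fact: if a code path touched `payroll.db` without a matching audit record, it bypassed the monitor.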