design principles
play

Design Principles Chapter 14 Computer Security: Art and Science , 2 - PowerPoint PPT Presentation

Jul 19, 2023 •117 likes •280 views

Design Principles Chapter 14 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-1 Overview Simplicity, restriction Principles Least Privilege Fail-Safe Defaults Economy of Mechanism Complete Mediation

  1. Design Principles Chapter 14 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-1

  2. Overview • Simplicity, restriction • Principles • Least Privilege • Fail-Safe Defaults • Economy of Mechanism • Complete Mediation • Open Design • Separation of Privilege • Least Common Mechanism • Least Astonishment Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-2

  3. Overview • Simplicity • Less to go wrong • Fewer possible inconsistencies • Easy to understand • Restriction • Minimize access • Inhibit communication Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-3

  4. Chapter 14: Design Principles • Overview • Principles • Least Privilege • Fail-Safe Defaults • Economy of Mechanism • Complete Mediation • Open Design • Separation of Privilege • Least Common Mechanism • Least Astonishment Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-4

  5. Least Privilege • A subject should be given only those privileges necessary to complete its task • Function, not identity, controls • Rights added as needed, discarded after use • Minimal protection domain Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-5

  6. Related: Least Authority • Principle of Least Authority (POLA) • Often considered the same as Principle of Least Privilege • Some make distinction: • Permissions control what subject can do to an object directly • Authority controls what influence a subject has over an object (directly or indirectly, through other subjects) Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-6

  7. Fail-Safe Defaults • Default action is to deny access • If action fails, system as secure as when action began Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-7

  8. Economy of Mechanism • Keep it as simple as possible • KISS Principle • Simpler means less can go wrong • And when errors occur, they are easier to understand and fix • Interfaces and interactions Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-8

  9. Complete Mediation • Check every access • Usually done once, on first action • UNIX: access checked on open, not checked thereafter • If permissions change after, may get unauthorized access Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-9

  10. Open Design • Security should not depend on secrecy of design or implementation • Popularly misunderstood to mean that source code should be public • � Security through obscurity � • Does not apply to information such as passwords or cryptographic keys Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-10

  11. Separation of Privilege • Require multiple conditions to grant privilege • Separation of duty • Defense in depth Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-11

  12. Least Common Mechanism • Mechanisms should not be shared • Information can flow along shared channels • Covert channels • Isolation • Virtual machines • Sandboxes Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-12

  13. Least Astonishment • Security mechanisms should be designed so users understand why the mechanism works the way it does, and using mechanism is simple • Hide complexity introduced by security mechanisms • Ease of installation, configuration, use • Human factors critical here Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-13

  14. Related: Psychological Acceptability • Security mechanisms should not add to difficulty of accessing resource • Idealistic, as most mechanisms add some difficulty • Even if only remembering a password • Principle of Least Astonishment accepts this • Asks whether the difficulty is unexpected or too much for relevant population of users Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-14

  15. Key Points • Principles of secure design underlie all security-related mechanisms • Require: • Good understanding of goal of mechanism and environment in which it is to be used • Careful analysis and design • Careful implementation Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-15

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

May 19: Design Principles and Confinement Principles of Secure Design One set; other sets

May 19: Design Principles and Confinement Principles of Secure Design One set; other sets

May 19: Design Principles and Confinement Principles of Secure Design One set; other sets say basically the same thing Confinement, non-VM isolation Library operating systems Sandboxes Program modification Covert

584 views • 30 slides
Human-Computer Interaction 12. Design Principles (2) Last class Psychological design principles

Human-Computer Interaction 12. Design Principles (2) Last class Psychological design principles

Human-Computer Interaction 12. Design Principles (2) Last class Psychological design principles Recap: Psychological principles 1. User sees what they expect to see. 2. Users have difficulty focusing on more than one activity at a time. 3. It

843 views • 55 slides
UMBC A B M A L F T U M B C I O M Y O T R 1 (November 26, 2000 11:15 pm) I E

UMBC A B M A L F T U M B C I O M Y O T R 1 (November 26, 2000 11:15 pm) I E

Principles of VLSI Design Introduction CMPE 413/CMSC 711 Principles of VLSI Design Instructor: Professor Jim Plusquellic Text: Principles of CMOS VLSI Design: A Systems Perspective, by Neil H.E. Weste and Kamran Eshraghian. Supplementary

752 views • 21 slides
Principles of Software Construction: Objects, Design, and Concurrency API Design 2: principles

Principles of Software Construction: Objects, Design, and Concurrency API Design 2: principles

Principles of Software Construction: Objects, Design, and Concurrency API Design 2: principles Josh Bloch Charlie Garrod 17-214 1 Administrivia Homework 4c due Thursday, 10/29, 11:59pm EST Homework 5 coming soon Team sign-up

620 views • 47 slides
SunyoungKim,PhD Last class Psychological design principles Recap. Psychological

SunyoungKim,PhD Last class Psychological design principles Recap. Psychological

Human-Computer Interaction 17. Design Design Principles (2) SunyoungKim,PhD Last class Psychological design principles Recap. Psychological principles 1. User sees what they expect to see. 2. Users have difficulty focusing on more

963 views • 57 slides
Design principles for m-learning Outcome : To determine basic design principles for mobile

Design principles for m-learning Outcome : To determine basic design principles for mobile

Design principles for m-learning Outcome : To determine basic design principles for mobile learning and identify the key limitations to the design and development of mobile instruction. 1 Needs Assessment Before you start the design True

343 views • 10 slides
Human-Computer Interaction 12. Design Principles (3) Last class Normans design principles

Human-Computer Interaction 12. Design Principles (3) Last class Normans design principles

Human-Computer Interaction 12. Design Principles (3) Last class Normans design principles Recap. Usability Usability is a measure of the effectiveness, efficiency and satisfaction with which specified users can achieve specified goals in a

826 views • 68 slides
Design Principles The goals of good design Goals What kind of devices do we want to make?

Design Principles The goals of good design Goals What kind of devices do we want to make?

Design Principles The goals of good design Goals What kind of devices do we want to make? Useful vs. usable 2 CS 349 - Design Principles 3 CS 349 - Design Principles 4 CS 349 - Design Principles http://www.tvhistory.tv 5 CS 349 -

813 views • 62 slides
Design Principles for Security-conscious Systems 1 Overview Design principles from Saltzer

Design Principles for Security-conscious Systems 1 Overview Design principles from Saltzer

Design Principles for Security-conscious Systems 1 Overview Design principles from Saltzer & Schroeders 1975 paper A few case studies What did Saltzer-Schroeder overlook? (Personal opinions) 2 Saltzer and Schroeders

780 views • 45 slides
4 OO Package Design Principles 4.1 Packages Introduction 4.2 Packages in UML 4.3 Three

4 OO Package Design Principles 4.1 Packages Introduction 4.2 Packages in UML 4.3 Three

4 OO Package Design Principles 4.1 Packages Introduction 4.2 Packages in UML 4.3 Three Package Design Principles 4.4 Development Environment (Three more principles) 4.5 Summary OO Package Design Principles Stefan Kluth 1 4.1 Packages

392 views • 36 slides
UX Design Principles and Guidelines R.I.T S. Ludi/R. Kuehl p. 1 R I T Software Engineering

UX Design Principles and Guidelines R.I.T S. Ludi/R. Kuehl p. 1 R I T Software Engineering

UX Design Principles and Guidelines R.I.T S. Ludi/R. Kuehl p. 1 R I T Software Engineering Principles abstract design rules an interface should be easy to navigate Guidelines - advice on how to achieve principles

440 views • 30 slides
Outline Saltzer & Schroeders principles CSci 5271 More secure design principles

Outline Saltzer & Schroeders principles CSci 5271 More secure design principles

Outline Saltzer & Schroeders principles CSci 5271 More secure design principles Introduction to Computer Security Day 7: Defensive programming and design, part 1 Software engineering for security Stephen McCamant Announcements

355 views • 7 slides
Web Design Guidelines SWEN-444 Design Principles and Guidelines User Populations (Shared human

Web Design Guidelines SWEN-444 Design Principles and Guidelines User Populations (Shared human

Web Design Guidelines SWEN-444 Design Principles and Guidelines User Populations (Shared human ability and behavior) (Problem domains) Computing Paradigms (Platform guidelines and conventions) Foundation Design Principles (Empirical)

663 views • 21 slides
Cognitive Principles in Tutor & Cognitive Tutor Principles e-Learning Design

Cognitive Principles in Tutor & Cognitive Tutor Principles e-Learning Design

Lots of Lists of Principles 1 Cognitive Principles in Tutor & Cognitive Tutor Principles e-Learning Design Koedinger, K. R. & Corbett, A. T. (2006). Cognitive Tutors: Technology bringing learning science to the classroom.

325 views • 13 slides
Chapter 13: Design Principles Overview Principles Least Privilege Fail-Safe

Chapter 13: Design Principles Overview Principles Least Privilege Fail-Safe

Chapter 13: Design Principles Overview Principles Least Privilege Fail-Safe Defaults Economy of Mechanism Complete Mediation Open Design Separation of Privilege Least Common Mechanism Psychological

488 views • 22 slides
Chapter 13: Design Principles Overview Principles Least Privilege Fail-Safe

Chapter 13: Design Principles Overview Principles Least Privilege Fail-Safe

Chapter 13: Design Principles Overview Principles Least Privilege Fail-Safe Defaults Economy of Mechanism Complete Mediation Open Design Separation of Privilege Least Common Mechanism Psychological

787 views • 43 slides
EDA Design Automation Prof. Ulf Schlichtmann Abacus: Fast Legalization of Standard Cell

EDA Design Automation Prof. Ulf Schlichtmann Abacus: Fast Legalization of Standard Cell

Institute for Electronic EDA Design Automation Prof. Ulf Schlichtmann Abacus: Fast Legalization of Standard Cell Circuits with Minimal Movement Peter Spindler, Ulf Schlichtmann and Frank M. Johannes Technische Universitaet Muenchen ISPD,

784 views • 25 slides
On Computing Minimal Independent Support and Its Applications to Sampling and Counting Alexander

On Computing Minimal Independent Support and Its Applications to Sampling and Counting Alexander

On Computing Minimal Independent Support and Its Applications to Sampling and Counting Alexander Ivrii 1 , Sharad Malik 2 , Kuldeep S. Meel 3 , Moshe Y. Vardi 3 1 IBM Research Haifa 2 Princeton University 3 Rice University (Author names are

552 views • 25 slides
Post-Newtonian parametrization of the Minimal Theory of Massive Gravity Franois Larrouturou

Post-Newtonian parametrization of the Minimal Theory of Massive Gravity Franois Larrouturou

Post-Newtonian parametrization of the Minimal Theory of Massive Gravity Franois Larrouturou in collaboration with : S. Mukohyama, A. De Felice & M. Oliosi YITP ENS Paris The second workshop on gravity and cosmology by young

271 views • 23 slides
Soft Robotics: Designing Robotic Actuators Made from Flexible Materials Algorithmic Robotics and

Soft Robotics: Designing Robotic Actuators Made from Flexible Materials Algorithmic Robotics and

Soft Robotics: Designing Robotic Actuators Made from Flexible Materials Algorithmic Robotics and Motion Planning Course of Prof. Dan Halperin, Semester A 2020 Presented by Guy Korol Department of CS, Tel-Aviv University Based on the Paper:

746 views • 15 slides
Chapter 11 Marketing and the Arts Management & the Arts, 5e, (C) Wm. Byrnes, 2014 Chapter

Chapter 11 Marketing and the Arts Management & the Arts, 5e, (C) Wm. Byrnes, 2014 Chapter

Chapter 11 Marketing and the Arts Management & the Arts, 5e, (C) Wm. Byrnes, 2014 Chapter Overview Connecting an arts organization to people and helping people connect to an arts organization can be a very satisfying accomplishment.

299 views • 11 slides
CSE440: Introduction to HCI Methods for Design, Prototyping and Evaluating User Interaction

CSE440: Introduction to HCI Methods for Design, Prototyping and Evaluating User Interaction

CSE440: Introduction to HCI Methods for Design, Prototyping and Evaluating User Interaction Lecture 05: Nigini Oliveira Design Process and Design Manaswi Saha Diamond Liang He Jian Li Zheng Jeremy Viny What we will do today Design Process

760 views • 58 slides
KEMAL ZMECLER (08.03.2016) 1 PRESENTATION TOPIC OBJECT DETECTORS EMERGE IN DEEP SCENE CNNS

KEMAL ZMECLER (08.03.2016) 1 PRESENTATION TOPIC OBJECT DETECTORS EMERGE IN DEEP SCENE CNNS

KEMAL ZMECLER (08.03.2016) 1 PRESENTATION TOPIC OBJECT DETECTORS EMERGE IN DEEP SCENE CNNS Bolei Zhou, Aditya Khosla, Agata Lapedriza, Aude Oliva, Antonio Torralba International Conference on Learning Representations,2015. 2 OUTLINE

745 views • 41 slides
2. Early Writing Systems Cuneiform, early Linear Scripts Origins of the

2. Early Writing Systems Cuneiform, early Linear Scripts Origins of the

Clst 181SK Ancient Greece and the Origins of Western Culture 2. Early Writing Systems Cuneiform, early Linear Scripts Origins of the Greek Alphabet Alpha Beta Gamma Delta

809 views • 29 slides

More recommend