Security By Design
One approach to computer security is to consider security as one of the base features.
Some of the techniques in this approach include:
- The principle of least privilege, where each part of the system has only the privileges that are needed for its function. That way even if an attacker gains access to that part, they have only limited access to the whole system.
- Automated theorem proving to prove the correctness of crucial software subsystems.
- Code reviews and unit testing are approaches to make modules more secure where formal correctness proofs are not possible
- Defense in depth", where the design is such that more than one subsystem needs to be violated to compromise the integrity of the system and the information it holds.
- Default secure settings, and design to "fail secure" rather than "fail insecure" (see fail-safe for the equivalent in safety engineering). Ideally, a secure system should require a deliberate, conscious, knowledgeable and free decision on the part of legitimate authorities in order to make it insecure.
- Audit trails tracking system activity, so that when a security breach occurs, the mechanism and extent of the breach can be determined. Storing audit trails remotely, where they can only be appended to, can keep intruders from covering their tracks.
- Full disclosure to ensure that when bugs are found the "window of vulnerability" is kept as short as possible.
Read more about this topic: Computer Security
Famous quotes containing the words security and/or design:
“Those words freedom and opportunity do not mean a license to climb upwards by pushing other people down. Any paternalistic system that tries to provide for security for everyone from above only calls for an impossible task and a regimentation utterly uncongenial to the spirit of our people.”
—Franklin D. Roosevelt (18821945)
“Joe ... you remember I said you wouldnt be cheated?... Nobody is really. Eventually all things work out. Theres a design in everything.”
—Sidney Buchman (19021975)