design principles
play

Design Principles Chapter 14 Computer Security: Art and Science , 2 - PowerPoint PPT Presentation

Jul 19, 2023 •117 likes •280 views

Design Principles Chapter 14 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-1 Overview Simplicity, restriction Principles Least Privilege Fail-Safe Defaults Economy of Mechanism Complete Mediation

  1. Design Principles Chapter 14 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-1

  2. Overview • Simplicity, restriction • Principles • Least Privilege • Fail-Safe Defaults • Economy of Mechanism • Complete Mediation • Open Design • Separation of Privilege • Least Common Mechanism • Least Astonishment Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-2

  3. Overview • Simplicity • Less to go wrong • Fewer possible inconsistencies • Easy to understand • Restriction • Minimize access • Inhibit communication Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-3

  4. Chapter 14: Design Principles • Overview • Principles • Least Privilege • Fail-Safe Defaults • Economy of Mechanism • Complete Mediation • Open Design • Separation of Privilege • Least Common Mechanism • Least Astonishment Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-4

  5. Least Privilege • A subject should be given only those privileges necessary to complete its task • Function, not identity, controls • Rights added as needed, discarded after use • Minimal protection domain Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-5

  6. Related: Least Authority • Principle of Least Authority (POLA) • Often considered the same as Principle of Least Privilege • Some make distinction: • Permissions control what subject can do to an object directly • Authority controls what influence a subject has over an object (directly or indirectly, through other subjects) Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-6

  7. Fail-Safe Defaults • Default action is to deny access • If action fails, system as secure as when action began Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-7

  8. Economy of Mechanism • Keep it as simple as possible • KISS Principle • Simpler means less can go wrong • And when errors occur, they are easier to understand and fix • Interfaces and interactions Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-8

  9. Complete Mediation • Check every access • Usually done once, on first action • UNIX: access checked on open, not checked thereafter • If permissions change after, may get unauthorized access Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-9

  10. Open Design • Security should not depend on secrecy of design or implementation • Popularly misunderstood to mean that source code should be public • � Security through obscurity � • Does not apply to information such as passwords or cryptographic keys Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-10

  11. Separation of Privilege • Require multiple conditions to grant privilege • Separation of duty • Defense in depth Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-11

  12. Least Common Mechanism • Mechanisms should not be shared • Information can flow along shared channels • Covert channels • Isolation • Virtual machines • Sandboxes Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-12

  13. Least Astonishment • Security mechanisms should be designed so users understand why the mechanism works the way it does, and using mechanism is simple • Hide complexity introduced by security mechanisms • Ease of installation, configuration, use • Human factors critical here Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-13

  14. Related: Psychological Acceptability • Security mechanisms should not add to difficulty of accessing resource • Idealistic, as most mechanisms add some difficulty • Even if only remembering a password • Principle of Least Astonishment accepts this • Asks whether the difficulty is unexpected or too much for relevant population of users Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-14

  15. Key Points • Principles of secure design underlie all security-related mechanisms • Require: • Good understanding of goal of mechanism and environment in which it is to be used • Careful analysis and design • Careful implementation Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 14-15

Recommend

May 19: Design Principles and Confinement Principles of Secure Design One set; other sets

May 19: Design Principles and Confinement Principles of Secure Design One set; other sets

May 19: Design Principles and Confinement Principles of Secure Design One set; other sets say basically the same thing Confinement, non-VM isolation Library operating systems Sandboxes Program modification Covert

584 views • 30 slides
Human-Computer Interaction 12. Design Principles (2) Last class Psychological design principles

Human-Computer Interaction 12. Design Principles (2) Last class Psychological design principles

Human-Computer Interaction 12. Design Principles (2) Last class Psychological design principles Recap: Psychological principles 1. User sees what they expect to see. 2. Users have difficulty focusing on more than one activity at a time. 3. It

843 views • 55 slides
UMBC A B M A L F T U M B C I O M Y O T R 1 (November 26, 2000 11:15 pm) I E

UMBC A B M A L F T U M B C I O M Y O T R 1 (November 26, 2000 11:15 pm) I E

Principles of VLSI Design Introduction CMPE 413/CMSC 711 Principles of VLSI Design Instructor: Professor Jim Plusquellic Text: Principles of CMOS VLSI Design: A Systems Perspective, by Neil H.E. Weste and Kamran Eshraghian. Supplementary

752 views • 21 slides
Principles of Software Construction: Objects, Design, and Concurrency API Design 2: principles

Principles of Software Construction: Objects, Design, and Concurrency API Design 2: principles

Principles of Software Construction: Objects, Design, and Concurrency API Design 2: principles Josh Bloch Charlie Garrod 17-214 1 Administrivia Homework 4c due Thursday, 10/29, 11:59pm EST Homework 5 coming soon Team sign-up

620 views • 47 slides
SunyoungKim,PhD Last class Psychological design principles Recap. Psychological

SunyoungKim,PhD Last class Psychological design principles Recap. Psychological

Human-Computer Interaction 17. Design Design Principles (2) SunyoungKim,PhD Last class Psychological design principles Recap. Psychological principles 1. User sees what they expect to see. 2. Users have difficulty focusing on more

963 views • 57 slides
Design principles for m-learning Outcome : To determine basic design principles for mobile

Design principles for m-learning Outcome : To determine basic design principles for mobile

Design principles for m-learning Outcome : To determine basic design principles for mobile learning and identify the key limitations to the design and development of mobile instruction. 1 Needs Assessment Before you start the design True

343 views • 10 slides
Human-Computer Interaction 12. Design Principles (3) Last class Normans design principles

Human-Computer Interaction 12. Design Principles (3) Last class Normans design principles

Human-Computer Interaction 12. Design Principles (3) Last class Normans design principles Recap. Usability Usability is a measure of the effectiveness, efficiency and satisfaction with which specified users can achieve specified goals in a

826 views • 68 slides
Design Principles The goals of good design Goals What kind of devices do we want to make?

Design Principles The goals of good design Goals What kind of devices do we want to make?

Design Principles The goals of good design Goals What kind of devices do we want to make? Useful vs. usable 2 CS 349 - Design Principles 3 CS 349 - Design Principles 4 CS 349 - Design Principles http://www.tvhistory.tv 5 CS 349 -

813 views • 62 slides
Design Principles for Security-conscious Systems 1 Overview Design principles from Saltzer

Design Principles for Security-conscious Systems 1 Overview Design principles from Saltzer

Design Principles for Security-conscious Systems 1 Overview Design principles from Saltzer & Schroeders 1975 paper A few case studies What did Saltzer-Schroeder overlook? (Personal opinions) 2 Saltzer and Schroeders

780 views • 45 slides
4 OO Package Design Principles 4.1 Packages Introduction 4.2 Packages in UML 4.3 Three

4 OO Package Design Principles 4.1 Packages Introduction 4.2 Packages in UML 4.3 Three

4 OO Package Design Principles 4.1 Packages Introduction 4.2 Packages in UML 4.3 Three Package Design Principles 4.4 Development Environment (Three more principles) 4.5 Summary OO Package Design Principles Stefan Kluth 1 4.1 Packages

392 views • 36 slides
UX Design Principles and Guidelines R.I.T S. Ludi/R. Kuehl p. 1 R I T Software Engineering

UX Design Principles and Guidelines R.I.T S. Ludi/R. Kuehl p. 1 R I T Software Engineering

UX Design Principles and Guidelines R.I.T S. Ludi/R. Kuehl p. 1 R I T Software Engineering Principles abstract design rules an interface should be easy to navigate Guidelines - advice on how to achieve principles

440 views • 30 slides
Outline Saltzer & Schroeders principles CSci 5271 More secure design principles

Outline Saltzer & Schroeders principles CSci 5271 More secure design principles

Outline Saltzer & Schroeders principles CSci 5271 More secure design principles Introduction to Computer Security Day 7: Defensive programming and design, part 1 Software engineering for security Stephen McCamant Announcements

355 views • 7 slides
Web Design Guidelines SWEN-444 Design Principles and Guidelines User Populations (Shared human

Web Design Guidelines SWEN-444 Design Principles and Guidelines User Populations (Shared human

Web Design Guidelines SWEN-444 Design Principles and Guidelines User Populations (Shared human ability and behavior) (Problem domains) Computing Paradigms (Platform guidelines and conventions) Foundation Design Principles (Empirical)

663 views • 21 slides
Cognitive Principles in Tutor & Cognitive Tutor Principles e-Learning Design

Cognitive Principles in Tutor & Cognitive Tutor Principles e-Learning Design

Lots of Lists of Principles 1 Cognitive Principles in Tutor & Cognitive Tutor Principles e-Learning Design Koedinger, K. R. & Corbett, A. T. (2006). Cognitive Tutors: Technology bringing learning science to the classroom.

325 views • 13 slides
Chapter 13: Design Principles Overview Principles Least Privilege Fail-Safe

Chapter 13: Design Principles Overview Principles Least Privilege Fail-Safe

Chapter 13: Design Principles Overview Principles Least Privilege Fail-Safe Defaults Economy of Mechanism Complete Mediation Open Design Separation of Privilege Least Common Mechanism Psychological

488 views • 22 slides
Chapter 13: Design Principles Overview Principles Least Privilege Fail-Safe

Chapter 13: Design Principles Overview Principles Least Privilege Fail-Safe

Chapter 13: Design Principles Overview Principles Least Privilege Fail-Safe Defaults Economy of Mechanism Complete Mediation Open Design Separation of Privilege Least Common Mechanism Psychological

787 views • 43 slides
SunyoungKim,PhD Last class 1. Prototype 2. Flowchart 3. Wizard of Oz Todays agenda

SunyoungKim,PhD Last class 1. Prototype 2. Flowchart 3. Wizard of Oz Todays agenda

Human-Computer Interaction 16. Design Part 3. Design: Design Principles (1) SunyoungKim,PhD Last class 1. Prototype 2. Flowchart 3. Wizard of Oz Todays agenda UI design principles: Psychological principles User-centered design

719 views • 60 slides
Design Engineering Overview What is software design? How to do it? Principles,

Design Engineering Overview What is software design? How to do it? Principles,

2/8/17 Design Engineering Overview What is software design? How to do it? Principles, concepts, and practices High-level design Low-level design N. Meng, B. Ryder 2 1 2/8/17 Design

394 views • 28 slides
SunyoungKim,PhD Last class Normans design principles Recap. Usability Usability is a

SunyoungKim,PhD Last class Normans design principles Recap. Usability Usability is a

Human-Computer Interaction 18. Design Mobile Design Principles SunyoungKim,PhD Last class Normans design principles Recap. Usability Usability is a measure of the effectiveness, efficiency and satisfaction with which specified

921 views • 75 slides
Visual Design Simplicity, Gestalt Principles, Organization/Structure Many examples are from

Visual Design Simplicity, Gestalt Principles, Organization/Structure Many examples are from

Visual Design Simplicity, Gestalt Principles, Organization/Structure Many examples are from Universal Principles of Design , Lidwell, Holden, and Butler 1 CS 349 - Visual Design Why discuss visual design? You need to present the elements of

956 views • 48 slides
of HTML5 the design of HTML5 the design of HTML5 design principles We hold these Truths to be

of HTML5 the design of HTML5 the design of HTML5 design principles We hold these Truths to be

the design of HTML5 the design of HTML5 the design of HTML5 design principles We hold these Truths to be self-evident, that all Men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these

821 views • 53 slides
Design principles: laughing in the face of change Perdita Stevens School of Informatics

Design principles: laughing in the face of change Perdita Stevens School of Informatics

Design principles: laughing in the face of change Perdita Stevens School of Informatics University of Edinburgh Plan What are we trying to achieve? Review: Design principles you know from Inf2C-SE Going further: SOLID design

494 views • 32 slides
Design principles Usability Evaluation The design of everyday things (Norman, 1990) The

Design principles Usability Evaluation The design of everyday things (Norman, 1990) The

Design principles Usability Evaluation The design of everyday things (Norman, 1990) The ordinary objects reflect the problems of user interface design Door handles Washing machines Telephones etc. Introduces the notion of

927 views • 79 slides
UX It is useful to identify such needs in personal informatics, but how do we design, create,

UX It is useful to identify such needs in personal informatics, but how do we design, create,

Design Principles UX It is useful to identify such needs in personal informatics, but how do we design, create, test, then implement systems to ensure success? This is the domain of... H.C.I. user-experience design principles cogs 105,

476 views • 8 slides

More recommend