# Security Considerations When Designing a System

##### Least Privilege

- Every user, process and component should run with only the permissions its task needs, for only as long as it needs them.

##### Fail Safe Defaults

- Default to denying access. Base decisions on explicit permission, not on the absence of a denial, and treat errors and unreachable policy backends as denials.
- Do not ship insecure defaults that the user must notice and turn off.

##### Economy of Mechanism ( Keep it Simple )

- Keep the security mechanism as small and simple as possible; a small mechanism can be reviewed and tested, a large one hides mistakes.

##### Complete Mediation

- Check that access to each object is allowed on every access, not only on the first one.
- Watch cache mechanisms. After access is revoked, is the next request verified against stale cached data, or against the current policy?

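The two points above (deny by default, and never let a cache outlive the grant it memoized) in one small in-memory authorizer. This is an added example, not code from the page; the principal names, object names, version-stamped cache and `policy_backend_down` switch are all constructed for illustration. The `honor_revocation=False` mode reproduces the stale-cache bug the note warns about, so the two behaviours can be compared side by side.

```python
"""Fail-safe defaults plus complete mediation with a revocation-aware cache.

Constructed example: the grant table, principals and objects are made up.
"""
import time
from dataclasses import dataclass


@dataclass
class Decision:
    allowed: bool
    reason: str          # "policy", "cache", or "error: ..."


class Authorizer:
    """Every access goes through check(). A cached decision is reused only
    while the policy version it was computed under is still current."""

    def __init__(self, cache_ttl=300.0, honor_revocation=True, clock=time.monotonic):
        # Explicit grants only: (principal, object) -> set of actions.
        # Anything absent from the table is denied (fail-safe default).
        self._grants = {}
        # Bumped on every grant/revoke; cache entries remember the version.
        self._version = 0
        self._cache = {}           # (principal, obj, action) -> (allowed, version, stamp)
        self._ttl = cache_ttl
        self._honor_revocation = honor_revocation
        self._clock = clock
        self.policy_backend_down = False   # simulates an unreachable policy store
        self.policy_evaluations = 0

    def grant(self, principal, obj, action):
        self._grants.setdefault((principal, obj), set()).add(action)
        self._version += 1

    def revoke(self, principal, obj, action=None):
        actions = self._grants.get((principal, obj))
        if actions is not None:
            if action is None:
                actions.clear()
            else:
                actions.discard(action)
        self._version += 1

    def _evaluate(self, principal, obj, action):
        if self.policy_backend_down:
            raise RuntimeError("policy backend unavailable")
        self.policy_evaluations += 1
        return action in self._grants.get((principal, obj), set())

    def check(self, principal, obj, action):
        key = (principal, obj, action)
        now = self._clock()
        cached = self._cache.get(key)
        if cached is not None:
            allowed, version, stamped = cached
            fresh = now - stamped < self._ttl
            # The buggy mode trusts the cache by TTL alone; the correct mode
            # also requires that no grant/revoke happened since the entry was made.
            if fresh and (not self._honor_revocation or version == self._version):
                return Decision(allowed, "cache")
        try:
            allowed = self._evaluate(principal, obj, action)
        except Exception as exc:
            # Fail safe: an evaluation failure is a denial, never a grant.
            return Decision(False, f"error: {exc}")
        self._cache[key] = (allowed, self._version, now)
        return Decision(allowed, "policy")


def demo():
    """Returns the decisions a reader would compare; used by the usage below."""
    good = Authorizer()
    good.grant("alice", "/srv/reports", "read")
    first = good.check("alice", "/srv/reports", "read")       # policy: allowed
    second = good.check("alice", "/srv/reports", "read")      # cache: allowed
    write = good.check("alice", "/srv/reports", "write")      # never granted: denied
    good.revoke("alice", "/srv/reports", "read")
    after_revoke = good.check("alice", "/srv/reports", "read")  # re-evaluated: denied

    stale = Authorizer(honor_revocation=False)
    stale.grant("bob", "/srv/reports", "read")
    stale.check("bob", "/srv/reports", "read")
    stale.revoke("bob", "/srv/reports", "read")
    stale_hit = stale.check("bob", "/srv/reports", "read")     # stale cache: still allowed

    good.policy_backend_down = True
    good.grant("alice", "/srv/reports", "read")               # bumps version, cache miss
    outage = good.check("alice", "/srv/reports", "read")      # backend error: denied
    return {
        "first": first, "second": second, "write": write,
        "after_revoke": after_revoke, "stale_hit": stale_hit, "outage": outage,
    }


if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name:13} allowed={decision.allowed!s:5} via {decision.reason}")
```

A real deployment would replace the version counter with whatever change signal the policy store offers (an etag, a pub/sub invalidation, a short TTL bounded by how long a revocation may lag); the point is that a TTL alone is a bound on staleness, not a guarantee of currency.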
##### Open Design

- The security of the design should not depend on the secrecy of the design. Assume the attacker knows how the mechanism works; the only secrets should be keys and passwords.

##### Separation of Privilege

- Grant permission only when more than one independent condition holds. Just because someone has a password, should that alone let them accomplish a specific sensitive task, or should it also require a second factor or a second person?

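A gate for a sensitive operation that requires several independent conditions at once (a role, a fresh MFA step-up, and an approval from a different person), as an added example that is not from the page. The session and approval records, the `operator` role and the 300 s / 900 s freshness windows are assumptions chosen for illustration.

```python
"""Separation of privilege: one credential is never enough for a sensitive action.

Constructed example; the records and rules below are made up for illustration.
"""
import time
from dataclasses import dataclass
from typing import Optional, List, Tuple


@dataclass
class Session:
    user: str
    roles: frozenset
    authenticated_at: float
    mfa_verified_at: Optional[float] = None   # None: only a password was presented


@dataclass
class Approval:
    approver: str
    action: str
    target: str
    granted_at: float


MFA_MAX_AGE = 300.0        # seconds; assumed step-up freshness window
APPROVAL_MAX_AGE = 900.0   # seconds; assumed approval validity window


def authorize_sensitive(session: Session, action: str, target: str,
                        approvals: List[Approval], now: Optional[float] = None
                        ) -> Tuple[bool, List[str]]:
    """Return (allowed, unmet_conditions). Every condition is checked
    independently so the caller can see exactly which ones failed."""
    now = time.time() if now is None else now
    unmet = []

    # Condition 1: the caller holds the role for this class of action.
    if "operator" not in session.roles:
        unmet.append("role:operator")

    # Condition 2: a recent second factor, not just the password used at login.
    if session.mfa_verified_at is None or now - session.mfa_verified_at > MFA_MAX_AGE:
        unmet.append("fresh-mfa")

    # Condition 3: a second person approved this exact action on this target.
    # An approval by the requester themselves does not count.
    valid = [
        a for a in approvals
        if a.action == action and a.target == target
        and a.approver != session.user
        and 0 <= now - a.granted_at <= APPROVAL_MAX_AGE
    ]
    if not valid:
        unmet.append("second-person-approval")

    return (not unmet, unmet)


def demo(now: float = 1_700_000_000.0):
    """Three requesters against the same backup-deletion action."""
    approvals = [
        Approval("carol", "delete-backup", "db-prod", now - 60),   # from someone else
        Approval("alice", "delete-backup", "db-prod", now - 60),   # self-approval
    ]
    complete = Session("alice", frozenset({"operator"}), now - 3600, mfa_verified_at=now - 30)
    password_only = Session("alice", frozenset({"operator"}), now - 3600)
    self_approved = Session("carol", frozenset({"operator"}), now - 3600, mfa_verified_at=now - 30)
    return {
        "complete": authorize_sensitive(complete, "delete-backup", "db-prod", approvals, now),
        "password_only": authorize_sensitive(password_only, "delete-backup", "db-prod", approvals, now),
        # carol's only approval on record is her own, so she lacks a second person
        "self_approved": authorize_sensitive(self_approved, "delete-backup", "db-prod",
                                             [approvals[0]], now),
    }


if __name__ == "__main__":
    for name, (ok, unmet) in demo().items():
        print(f"{name:14} allowed={ok!s:5} unmet={unmet}")
```

Returning the list of unmet conditions rather than a bare boolean is deliberate: it lets the caller tell the user what to do next (step up, ask an approver) without collapsing the checks back into a single "password was right" decision.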
##### Least Common Mechanism

- Minimize mechanisms and resources shared between users. Anything shared (a cache, a temp directory, a connection pool) is a path by which one user's sensitive data can reach another, so do not put sensitive data in shared resources.

##### Psychological Acceptability

- The harder a secure design is to use, the more likely users are to make life easier by creating insecure workarounds. A control that gets bypassed protects nothing.