Security By Design
One approach to computer security is to consider security as one of the base features.
Some of the techniques in this approach include:
- The principle of least privilege, where each part of the system has only the privileges that are needed for its function. That way even if an attacker gains access to that part, they have only limited access to the whole system.
- Automated theorem proving to prove the correctness of crucial software subsystems.
- Code reviews and unit testing are approaches to make modules more secure where formal correctness proofs are not possible
- Defense in depth", where the design is such that more than one subsystem needs to be violated to compromise the integrity of the system and the information it holds.
- Default secure settings, and design to "fail secure" rather than "fail insecure" (see fail-safe for the equivalent in safety engineering). Ideally, a secure system should require a deliberate, conscious, knowledgeable and free decision on the part of legitimate authorities in order to make it insecure.
- Audit trails tracking system activity, so that when a security breach occurs, the mechanism and extent of the breach can be determined. Storing audit trails remotely, where they can only be appended to, can keep intruders from covering their tracks.
- Full disclosure to ensure that when bugs are found the "window of vulnerability" is kept as short as possible.
Read more about this topic: Computer Security
Famous quotes containing the words security and/or design:
“A well-regulated militia being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.”
—Second Amendment, U.S. Constitution (1791)
“If I knew for a certainty that a man was coming to my house with the conscious design of doing me good, I should run for my life ... for fear that I should get some of his good done to me,—some of its virus mingled with my blood.”
—Henry David Thoreau (1817–1862)