Definition
Security Design Principles
Fundamental architectural rules for designing secure systems, ensuring robustness and ease of verification.
Principles
Open Design
Security must not depend on keeping the design secret (no security by obscurity). The mechanism should be public and open to review; only keys and credentials need to remain secret.
Default Deny
Access is denied by default; permissions must be explicitly granted, and a failure or error in the access check must result in denial rather than access (fail-safe defaults).
Least Privilege
Every process and user operates with the minimum permissions necessary for its task, and holds them only for as long as the task requires.
Economy of Mechanism
Keep security mechanisms as simple and small as possible to facilitate verification and testing.
Acceptability
Security measures must be user-friendly; overly burdensome controls will be bypassed.
Complete Mediation
Every access to every object must be checked for authorisation on every request, against the current policy rather than a cached earlier decision, and the check must also hold on error and exception paths.
Separation of Privilege
Require more than one independent condition or key before granting access (e.g., two-factor authentication, dual approval), so that compromising a single credential or component is not sufficient.
Least Common Mechanism
Minimise mechanisms (shared state, caches, channels) that are common to multiple users, since shared state can leak information between them and a single shared component is a single point of compromise.
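As an added example that is not part of the original page, the following Python sketch shows three of the principles above in working code: an allow-list policy that denies anything not explicitly granted (Default Deny), a reference monitor that re-checks every access against the live policy, compared with a decision-caching variant that keeps granting after a role is revoked (Complete Mediation), and a check path that denies when the policy backend raises an error (fail-safe behaviour on exception paths). The principals, roles, paths and document contents are constructed for illustration and correspond to no real system.

```python
# Added example, not from the original page: a minimal reference monitor showing
# Default Deny, Complete Mediation and fail-closed handling of errors in the check.
# Principals, roles, paths and document contents are constructed for illustration.
from typing import Dict, Set, Tuple

DOCS = {"reports/q1.txt": "quarterly figures", "hr/salaries.txt": "payroll"}  # constructed

class Denied(PermissionError):
    pass

class Policy:
    """Allow-list: an access is permitted only if some grant matches (Default Deny)."""

    def __init__(self) -> None:
        self.grants: Set[Tuple[str, str, str]] = set()  # (role, action, path prefix)
        self.roles: Dict[str, Set[str]] = {}            # principal -> roles held now

    def allows(self, principal: str, action: str, resource: str) -> bool:
        for role in self.roles.get(principal, ()):
            for r, a, prefix in self.grants:
                if r == role and a == action and resource.startswith(prefix):
                    return True
        return False  # nothing matched: deny (never "allow unless blocked")

class FailingPolicy(Policy):
    def allows(self, principal: str, action: str, resource: str) -> bool:
        raise RuntimeError("policy store unreachable")  # constructed backend failure

class Store:
    """Reference monitor: every read is re-checked against the live policy."""

    def __init__(self, policy: Policy) -> None:
        self.policy = policy

    def read(self, principal: str, path: str) -> str:
        try:
            allowed = self.policy.allows(principal, "read", path)
        except Exception:
            allowed = False  # fail closed: an error in the check is not a grant
        if not allowed:
            raise Denied(f"{principal} may not read {path}")
        return DOCS[path]

class CachedStore(Store):
    """Anti-pattern: remembers the first decision per (principal, path), so a
    later revocation is never seen. This violates Complete Mediation."""

    def __init__(self, policy: Policy) -> None:
        super().__init__(policy)
        self._cache: Dict[Tuple[str, str], bool] = {}

    def read(self, principal: str, path: str) -> str:
        if (principal, path) not in self._cache:
            self._cache[(principal, path)] = self.policy.allows(principal, "read", path)
        if not self._cache[(principal, path)]:
            raise Denied(f"{principal} may not read {path}")
        return DOCS[path]

def can_read(store: Store, principal: str, path: str) -> bool:
    try:
        store.read(principal, path)
        return True
    except Denied:
        return False

def analyst_policy(cls=Policy) -> Policy:
    p = cls()
    p.grants.add(("analyst", "read", "reports/"))  # the only explicit grant
    p.roles["alice"] = {"analyst"}
    return p

def demo_default_deny() -> Dict[str, bool]:
    s = Store(analyst_policy())
    return {
        "alice_reads_reports": can_read(s, "alice", "reports/q1.txt"),  # True: granted
        "alice_reads_hr": can_read(s, "alice", "hr/salaries.txt"),      # False: no grant
        "unknown_principal": can_read(s, "mallory", "reports/q1.txt"),  # False: no roles
    }

def demo_complete_mediation() -> Dict[str, bool]:
    p = analyst_policy()
    mediated, cached = Store(p), CachedStore(p)
    mediated.read("alice", "reports/q1.txt")  # first access succeeds in both stores
    cached.read("alice", "reports/q1.txt")
    p.roles["alice"].discard("analyst")       # revoke the role
    return {
        "mediated_after_revoke": can_read(mediated, "alice", "reports/q1.txt"),  # False
        "cached_after_revoke": can_read(cached, "alice", "reports/q1.txt"),      # True: stale
    }

def demo_fail_closed() -> bool:
    # The check itself errors out; the monitor denies instead of falling open.
    return can_read(Store(analyst_policy(FailingPolicy)), "alice", "reports/q1.txt")  # False
```

The design choice worth noting is that `Store.read` never has a code path that reaches `DOCS[path]` without `allowed` being `True`, and the only way `allowed` becomes `True` is a positive match in `Policy.allows`; the `CachedStore` variant is the shape that real systems drift into when a per-request check is replaced by a session-level or memoised decision.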