Category:Principle

This category is for tagging articles related to application security principles.

What's an application security principle?
Application security principles are fundamental security rules that describe the right behaviors and/or designs an application can have to improve its security posture. Principles are general rules that are not tied to a specific application type and can be used in various software development life cycles.

Principles are important because they help us make security decisions in new situations with the same basic ideas. By considering each of these principles, we can derive security requirements, make architecture and implementation decisions, and identify possible weaknesses in systems.

The important thing to remember is that in order to be useful, principles must be evaluated, interpreted, and applied to address a specific problem. Although principles can serve as general guidelines, simply telling a software developer that their software must "fail safely" or that they should do "defense in depth" won't mean that much.

Some proven application security principles

 * Apply defense in depth (complete mediation)
 * Use a positive security model (fail-safe defaults, minimize attack surface)
 * Fail safely
 * Run with least privilege
 * Avoid security by obscurity (open design)
 * Keep security simple (verifiable, economy of mechanism)
 * Detect intrusions (compromise recording)
 * Don’t trust infrastructure
 * Don’t trust services
 * Establish secure defaults (psychological acceptability)

Applying security principles
Consider the exercise of designing a simple web application that allows people to send email to a friend. By evaluating and interpreting each principle, we can arrive at many of the threats to this application and ultimately derive a set of protection requirements. We want to end up with a complete list of what is required to offer this service securely.
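To make the list of principles above and this exercise concrete, here is an added example (written for this page, not OWASP code) of a request handler for the "send email to a friend" feature. Everything in it is an assumption for illustration: `MailService` is a stand-in for a real mailer, `RateLimiter` is a toy in-memory limiter, and the limits and addresses are constructed values. Each principle is named in a comment where it shapes the code: a positive security model for the recipient address, a fixed server-side From address and a single send operation (least privilege), one simple header-injection rule (keep security simple), per-client recording and limiting of requests (detect intrusions), treating the mailer's answer as untrusted (don't trust services), and a catch-all that denies on any unexpected error (fail safely, secure defaults).

```python
"""Added example for the 'send email to a friend' exercise. Illustrative code
written for this page, not OWASP code; MailService stands in for a real mailer."""
import logging
import re
import time
from collections import defaultdict
from dataclasses import dataclass

log = logging.getLogger("email_to_friend")

# Positive security model: accept only what we explicitly recognise as a
# plausible address instead of trying to enumerate bad inputs.
ADDRESS_RE = re.compile(r"[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9.-]{1,253}\.[A-Za-z]{2,24}")
MAX_MESSAGE_LEN = 2000
MAX_SENDS_PER_HOUR = 5  # assumption: a sane ceiling for a "tell a friend" form


@dataclass
class Outcome:
    sent: bool
    reason: str  # short, non-sensitive explanation suitable for logs and UI


class MailService:
    """Stand-in for an SMTP/API mailer. Run with least privilege: the only
    operation exposed is 'send', and the From address is fixed server-side,
    so user input never reaches the envelope sender."""
    FROM_ADDRESS = "no-reply@example.com"  # constructed value

    def __init__(self, available=True):
        self.available = available
        self.outbox = []

    def send(self, to, subject, body):
        if not self.available:  # simulate an outage in the mail service
            raise ConnectionError("mail service unreachable")
        self.outbox.append((self.FROM_ADDRESS, to, subject, body))
        return True


class RateLimiter:
    """Detect intrusions: record per-client activity so abuse is both limited
    and visible (compromise recording). Toy in-memory version."""

    def __init__(self, limit, window_seconds=3600):
        self.limit = limit
        self.window = window_seconds
        self.events = defaultdict(list)

    def allow(self, client_id, now=None):
        now = time.time() if now is None else now
        recent = [t for t in self.events[client_id] if now - t < self.window]
        self.events[client_id] = recent
        if len(recent) >= self.limit:
            return False
        recent.append(now)
        return True


def _clean_header_field(value, max_len):
    # Keep security simple: one rule that rejects CR/LF (SMTP header
    # injection) and over-long values, rather than trying to sanitise them.
    if not isinstance(value, str) or len(value) > max_len:
        return None
    if "\r" in value or "\n" in value:
        return None
    return value


def send_to_friend(mailer, limiter, client_id, recipient, message, now=None):
    """Handle one 'send to a friend' request. Establish secure defaults:
    every path that is not an explicit success returns sent=False."""
    try:
        if not limiter.allow(client_id, now):
            log.warning("rate limit exceeded client=%s", client_id)
            return Outcome(False, "rate_limited")
        to = _clean_header_field(recipient, 254)
        if to is None or not ADDRESS_RE.fullmatch(to):
            log.warning("rejected recipient client=%s", client_id)
            return Outcome(False, "invalid_recipient")
        body = message if isinstance(message, str) else None
        if body is None or not body.strip() or len(body) > MAX_MESSAGE_LEN:
            return Outcome(False, "invalid_message")
        # Don't trust services: anything other than an explicit True from the
        # mailer is a failure, and its exceptions never reach the user.
        ok = mailer.send(to, "A message from a friend", body)
        if ok is not True:
            log.error("mailer refused send client=%s", client_id)
            return Outcome(False, "send_failed")
        log.info("sent client=%s", client_id)
        return Outcome(True, "sent")
    except Exception:
        # Fail safely: unexpected errors deny the action and are recorded.
        log.exception("unexpected error client=%s", client_id)
        return Outcome(False, "error")
```

Note that the rate limiter is consulted before validation, so rejected requests still count against a client: a burst of malformed addresses from one source is exactly the kind of activity the "detect intrusions" principle wants recorded and throttled, not ignored. The `reason` strings are deliberately generic so the handler can report failures without revealing which check tripped.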

TBD: walk through this exercise