Category:Principle

From OWASP
Revision as of 17:11, 10 April 2006 by Jeff Williams (Talk | contribs)


Links

A. http://web.mit.edu/Saltzer/www/publications/protection/Basic.html (Saltzer and Schroeder)(see Section 3)

B. http://news.com.com/2008-1082-276319.html (McGraw)

C. OWASP Guide


  • Fail safely
  • Run with least privilege (least privilege)
  • Avoid security by obscurity (open design)
  • Use a positive security model (fail safe defaults)(minimize attack surface)
  • Apply defense in depth (complete mediation)
  • Keep security simple (verifiable)(economy of mechanism)
  • Detect intrusions (compromise recording)
  • Don’t trust infrastructure
  • Don’t trust services
  • Establish secure defaults (psychological acceptability)(secure defaults)



Some of the security mechanisms help when you’re implementing these principles. This is just a rough pass that needs some more work; it can’t be done with just a bullet list, you really need something more like a paragraph on each of these.


  • Fail safely
    • Error handling
    • Good logic
  • Run with least privilege
    • Access control
  • Avoid security by obscurity
    • Secure configuration files
  • Use a positive security model
    • Input validation
    • Output encoding
    • Access control
  • Apply defense in depth
    • Boundary validation
  • Keep security simple
    • Centralized security mechanisms
  • Detect intrusions (compromise recording)
    • Input validation
    • Authentication
    • Logging
    • Availability protection
  • Don’t trust infrastructure
    • SSL
    • Encrypt sensitive data
    • Prevent injection
  • Don’t trust services
    • SSL
    • Authentication
    • Access control
    • Input validation
    • Error handling
    • Logging
    • Output validation
  • Establish secure defaults (psychological acceptability)(secure defaults)
    • Notify users
    • Secure “out of the box”