(Secure) Software Design Principles

  • Economy of mechanism: Keep the design as simple and small as possible.
  • Fail-safe defaults: Base access decisions on permission rather than exclusion.
  • Complete mediation: Every access to every object must be checked for authority.
  • Open design: The design should not be secret, but rather depend on the possession of keys or passwords.
  • Separation of privilege: Where feasible, a protection mechanism should require two keys to unlock, rather than one.
  • Least privilege: Every program and every user of the system should operate using the least set of privileges necessary to complete the job.
  • Least common mechanism: Minimize mechanisms (or shared variables) common to more than one user and depended on by all users.
  • Psychological acceptability: It is essential that the human interface be designed for ease of use, so that users routinely and automatically apply the protection mechanisms correctly.

Whitman, Michael E. “Principles of Information Security”
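As an added illustration (not from the post or the cited book), the following small authorization layer shows three of the principles above in working code: fail-safe defaults (nothing is allowed unless explicitly granted), complete mediation (every read and write passes through the policy check), and separation of privilege (a sensitive action needs two independent approvers). The class and function names (`Policy`, `Store`, `denied`) are hypothetical.

```python
# Added example, not code from the original post. Names are hypothetical.
from dataclasses import dataclass, field


@dataclass
class Policy:
    # Explicit grants only: {(subject, object): {actions}}. Anything absent is
    # denied, i.e. decisions rest on permission, not on exclusion (fail-safe defaults).
    grants: dict = field(default_factory=dict)
    # Actions that require two independent approvers (separation of privilege).
    dual_control: set = field(default_factory=set)

    def grant(self, subject, obj, action):
        self.grants.setdefault((subject, obj), set()).add(action)

    def is_permitted(self, subject, obj, action, approvers=()):
        if action not in self.grants.get((subject, obj), set()):
            return False                      # no explicit grant -> deny
        if action in self.dual_control:
            # Two distinct approvers, neither of whom is the requester.
            others = {a for a in approvers if a != subject}
            return len(others) >= 2
        return True


class Store:
    """Every access to every object is checked (complete mediation):
    there is no accessor that bypasses the policy."""

    def __init__(self, policy):
        self._policy = policy
        self._objects = {}

    def read(self, subject, name):
        if not self._policy.is_permitted(subject, name, "read"):
            raise PermissionError(f"{subject} may not read {name}")
        return self._objects.get(name)

    def write(self, subject, name, value, approvers=()):
        if not self._policy.is_permitted(subject, name, "write", approvers):
            raise PermissionError(f"{subject} may not write {name}")
        self._objects[name] = value


def denied(fn, *args, **kwargs):
    """True if the call was refused by the policy, False if it went through."""
    try:
        fn(*args, **kwargs)
    except PermissionError:
        return True
    return False
```

Note that adding a second object or subject requires a new explicit grant; forgetting one yields a denial that is visible and fixable, rather than an unintended permission.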

