Security Design
Introduction
When any security mechanism for a system is designed, security design principles come into play. The main aim of such principles is the development of a safe system: an end product that is a security system free of flaws and that prevents unwanted access to the system in question.
Economy of Mechanisms
This fundamental principle of security states that security measures, in both software and hardware implementations, ought to be small and straightforward. In other words, the principle suggests keeping the design simple so that the protection it provides can be applied in both software and hardware. Economy of mechanism also means that a small, simple structure is easier to test and, as a result, easier to examine thoroughly.
Additionally, if economy of mechanism is employed in a system, it gives testers a better chance of finding and exploiting the weaknesses in the designed security mechanism, which is always helpful, because complicated security mechanisms are challenging to verify. Fundamentally, the simpler a design is, the easier it is to update, and the easier it is to modify the system in general.
Unfortunately, in practice economy of mechanism is not the easiest security design principle to employ, because additional security features keep having to be incorporated into both the hardware and the software. The continual addition of security features results in a much more complex security design, defeating the initial aim of having a simple, small design to work with.
Fail-safe Defaults
Under this principle, access to any mechanism of a system should be based on permission rather than exclusion, regardless of whether a given request ends up being denied or permitted. This means that, by default, a mechanism must have no access; the security mechanism's primary task is therefore to identify the conditions under which access to such a tool ought to be allowed. In other words, when the fail-safe default principle is employed in a security design, default access to any of the system's security mechanisms is not allowed. For access to be acceptable, the privileges attributed to the mechanism in question have to be explicitly granted.
The primary goal of this principle is to prevent any unsanctioned access to a secured system. Fail-safe defaults permit entry only according to the available permissions, which matters mainly when errors occur in the design of the security mechanism. When a mistake happens and affects the part of the system that grants access, the mechanism fails safely by denying any form of entry.
By contrast, when even a slight mistake occurs in an access-granting mechanism that is based primarily on exclusion, the result is a failed mechanism that lets access through, and hence a situation that is not secure.
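The permission-versus-exclusion distinction and the failure behaviour described above, as an added example that is not part of the original essay. It is written in Python; the policy tables, the user names and the `broken_lookup` failure are all constructed for illustration, not taken from the text.

```python
"""Added example, not part of the original essay: the fail-safe default
principle in code. Two access checkers sit over the same constructed policy
tables. One decides on exclusion (a deny list), the other on permission (an
allow list). Each can be given a policy lookup function that fails, so the
behaviour of both designs when the mechanism itself breaks is visible.
"""
from typing import Callable, Dict, Set

Table = Dict[str, Set[str]]
Lookup = Callable[[Table, str], Set[str]]

# Constructed sample policy for the permission-based design: only listed
# principals have any rights, and only for the listed actions.
ALLOW: Table = {
    "alice": {"read", "write"},
    "bob": {"read"},
}

# Constructed deny list for the exclusion-based design: everything not listed
# here is treated as permitted.
DENY: Table = {
    "mallory": {"read", "write", "delete"},
}


def healthy_lookup(table: Table, user: str) -> Set[str]:
    """Normal policy lookup; unknown users simply have no entry."""
    return table.get(user, set())


def broken_lookup(table: Table, user: str) -> Set[str]:
    """Simulates the mechanism failing (for example, the policy store being
    unreachable) so that each design's failure mode can be observed."""
    raise RuntimeError("policy store unavailable")


def exclusion_based(user: str, action: str, lookup: Lookup = healthy_lookup) -> bool:
    """Exclusion design: access is granted unless the user is explicitly denied.

    Two weaknesses show up directly: an unknown user is not on the deny list
    and so is permitted, and if the lookup raises, nothing is denied either.
    The failure is not safe.
    """
    try:
        denied = lookup(DENY, user)
    except Exception:
        denied = set()  # the error leaves the deny list empty: access slips through
    return action not in denied


def permission_based(user: str, action: str, lookup: Lookup = healthy_lookup) -> bool:
    """Permission design (fail-safe default): access is denied unless the user
    is explicitly allowed to perform the action, and any failure of the
    mechanism results in denial rather than access.
    """
    try:
        allowed = lookup(ALLOW, user)
    except Exception:
        return False  # the mechanism failed, so the safe default applies: deny
    return action in allowed


def compare(user: str, action: str) -> Dict[str, bool]:
    """Run one request through both designs, with a healthy and a broken
    policy lookup, and return the four decisions side by side."""
    return {
        "exclusion/healthy": exclusion_based(user, action),
        "exclusion/broken": exclusion_based(user, action, broken_lookup),
        "permission/healthy": permission_based(user, action),
        "permission/broken": permission_based(user, action, broken_lookup),
    }


if __name__ == "__main__":
    for who, what in [("alice", "write"), ("bob", "write"),
                      ("carol", "delete"), ("mallory", "read")]:
        print(who, what, compare(who, what))
```

Running the script shows the two cases the essay cares about: the unknown user `carol` is permitted by the exclusion design and denied by the permission design, and when the lookup breaks the exclusion design grants access to everyone while the permission design denies everyone.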
These two are basic security design principles that indicate the security-related strategies to consider when designing all of the security mechanisms in a system. The principles used should also make it possible to evaluate the total security of a system, thus avoiding errors that might be exploited by a user.