Design principles for secure systems
Authors
Abstract
We try to buy good enough locks so that the "bad guys" can't break in too often. The terms "good enough," "break in" and "too often" are key. We also assume that the police and courts work, so "bad guys" are caught and punished. "Police" in this context is a generic term for any agency that might pursue offenders; it includes the corporate hierarchy or the legal system. Similarly, the "bad guys" could be anyone, anywhere, including system operators for the system being secured. By "often enough" we don't mean always but enough so that crime doesn't pay. In other words, the expected gain from committing a crime must be negative. Value is an important aspect of this characterization, because generally we do not protect things of little value.
Similar sources
Information Systems Principles for Developing Secure Information Systems
Even though there have been several Information Systems Security (ISS) methods put forward, especially the ISS design theory framework and six kernel theories with distinctive principles of Siponen and Iivari (2006), these methods very often lack security features referencing the actual users themselves. This study proposes that, when developing secure systems without design principles focused ...
Teaching Security Engineering Principles
The design and construction of secure systems cannot be entirely captured in textbooks or class notes, but must be taught as an art which is learned through apprenticeship and practice. This paper describes a course in Secure Systems that uses the Flaw Hypothesis Methodology for penetration testing as a vehicle for motivating and teaching students fundamental principles of security
Towards Secure Web
The Web is now the dominant platform for delivering interactive applications to hundreds of millions of users. Correspondingly, web browsers have become the de facto operating system for hosting these web-based applications (web apps). Unfortunately, web apps, browsers, and operating systems have all become popular targets for web-based attacks, intensifying the need for secure web browsing sys...
Towards Secure Time-Triggered Systems
This paper presents the development of a novel joint safety and security architecture for dependable embedded time-triggered systems. While fault-tolerance properties of time-triggered protocols have been very well studied, research on security aspects for time-triggered systems have hardly been covered. Therefore, we explore system design principles which efficiently realize security mechanism...
Beyond usability: Security Interactions as Risk Perceptions
Translucent security argues for the integration of the human element in the design of secure systems and secure components in a systematic manner. The following work details the theoretical arguments for translucent security and enumerates the principles behind the approach. After briefly listing the principles, the browser experience is critiqued for lack of translucence. Straight-forward chan...
User Interaction Design for Secure Systems
The security of any computer system that is configured and operated by human beings critically depends on the information conveyed by the user interface, the decisions of the computer users, and the interpretation of their actions. We establish some starting points for reasoning about security from a user-centred point of view, by modelling a system in terms of actors and actions and introducin...