Design Principles and Guidelines for Security

Abstract

This report provides a distillation, synthesis and organization of key principles for the construction of secure computing systems, and supports the analysis with examples where needed for clarity. Our conclusions reflect a broad range of previous related work including the landmark study by Saltzer and Schroeder and several subsequent reports. We found that some of the early design principles required re-examination due to, for example, advances in performance and extensibility as well as the effects of various new technologies. We focus on a concise summary articulation of the principles as they apply to the development of the most elemental components of a basic security system. The results are organized into several major categories: structure, logic and function, system lifecycle, and lessons learned.

Document Details

Document Type
Technical Report
Publication Date
Nov 21, 2007
Accession Number
ADA476035

Entities

People

  • Cynthia E. Irvine
  • Ganesha Bhaskara
  • Paul C. Clark
  • Terry V. Benzel
  • Thuy D. Nguyen
  • Timothy E. Levin

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Communication Channels
  • Complex Systems
  • Computer Access Control
  • Computer Networks
  • Computer Programming
  • Computer Science
  • Computers
  • Computing System Architectures
  • Construction
  • Cryptography
  • Cybersecurity
  • Information Science
  • Information Systems
  • Lessons Learned
  • Operating Systems
  • Security
  • Systems Engineering

Readers

  • Software Engineering
  • Systems Analysis and Design