Validate Input & Output
• All user input and all output returned to users should be checked to ensure it is both appropriate and expected.
• Allow only explicitly defined characteristics (an allowlist of fields, types, lengths and character sets) and drop all other data, rather than trying to enumerate everything that is bad.
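As an added example (not part of the original page), the allowlist approach applied to a constructed profile-update request: every accepted field is named with its exact shape, unknown fields are silently dropped, and user data is encoded for its output context before being echoed. The field names, patterns and the `render_greeting` helper are assumptions made for the illustration.

```python
import html
import re

# Constructed allowlist: the only fields a profile update may carry, each
# with the exact shape it must have. Anything not listed here is dropped.
USERNAME_RE = re.compile(r"^[a-z][a-z0-9_]{2,31}$")
ROLES = frozenset({"viewer", "editor"})


class ValidationError(ValueError):
    """Raised when a known field is present but fails its rule."""


def validate_profile_update(data):
    """Return a cleaned copy of `data` containing only the allowed fields.

    Unknown fields (for example an attacker-supplied "is_admin") are dropped,
    not copied through; known fields that fail their rule raise
    ValidationError so the caller rejects the whole request.
    """
    if not isinstance(data, dict):
        raise ValidationError("body must be an object")
    cleaned = {}
    if "username" in data:
        value = data["username"]
        if not isinstance(value, str) or not USERNAME_RE.fullmatch(value):
            raise ValidationError("username: 3-32 chars of a-z 0-9 _, starting with a letter")
        cleaned["username"] = value
    if "role" in data:
        value = data["role"]
        if value not in ROLES:
            raise ValidationError("role: must be one of %s" % sorted(ROLES))
        cleaned["role"] = value
    if "age" in data:
        value = data["age"]
        # bool is a subclass of int in Python, so exclude it explicitly.
        if not isinstance(value, int) or isinstance(value, bool) or not 0 <= value <= 150:
            raise ValidationError("age: integer in 0..150")
        cleaned["age"] = value
    return cleaned


def render_greeting(profile):
    """Output side: encode for the HTML context before echoing user data."""
    name = profile.get("username", "guest")
    return "<p>Welcome, %s</p>" % html.escape(name, quote=True)


if __name__ == "__main__":
    # Constructed request: one unknown field that must not survive validation.
    request = {"username": "alice_01", "role": "viewer", "is_admin": True}
    profile = validate_profile_update(request)
    print(profile)
    print(render_greeting(profile))
```

Note that the validator drops the unexpected `is_admin` field instead of storing it, which is the "drop all other data" rule doing its job against mass-assignment style input; the same input must still be encoded on the way out, because validation and output encoding guard against different failures.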
Fail Securely
• When it fails, it fails closed.
• It should fail to a state that rejects all subsequent security requests.
• A good analogy is a firewall: if a firewall fails, it should drop all subsequent packets rather than pass them.
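As an added example (not part of the original page), an authorization check written both ways against a constructed policy store that can become unreachable. The fail-open version turns an outage into a universal allow; the fail-closed version denies, and the `AuthGate` class shows the firewall behaviour from the analogy: once a failure is seen, every later request is rejected until an operator resets it. The policy table, `PolicyUnavailable` and the function names are assumptions made for the illustration.

```python
# Constructed policy store standing in for a remote authorization service.
# A store of None simulates the service being unreachable.
POLICY = {
    ("alice", "report:read"): True,
    ("bob", "report:read"): False,
}


class PolicyUnavailable(Exception):
    """Raised when the policy service cannot be reached."""


def lookup_policy(user, action, store):
    if store is None:
        raise PolicyUnavailable("policy service unreachable")
    # Unknown (user, action) pairs are an explicit deny, not an absence.
    return store.get((user, action), False)


def is_allowed_open(user, action, store=POLICY):
    """Anti-pattern: fails open. A swallowed error keeps the True default."""
    allowed = True
    try:
        allowed = lookup_policy(user, action, store)
    except PolicyUnavailable:
        pass  # error logged elsewhere, but the default still wins
    return allowed


def is_allowed_closed(user, action, store=POLICY):
    """Fails closed: the only path to True is an explicit allow decision."""
    try:
        return lookup_policy(user, action, store) is True
    except PolicyUnavailable:
        return False


class AuthGate:
    """Once a lookup fails, the gate trips and denies every later request
    until reset() is called, like a firewall that drops all packets after
    a fault instead of forwarding them."""

    def __init__(self, store=POLICY):
        self.store = store
        self.tripped = False

    def allow(self, user, action):
        if self.tripped:
            return False
        try:
            return lookup_policy(user, action, self.store) is True
        except PolicyUnavailable:
            self.tripped = True
            return False

    def reset(self):
        """Operator action after the fault is understood; never automatic."""
        self.tripped = False


if __name__ == "__main__":
    # Constructed outage: the store is unreachable for bob's request.
    print("fail-open during outage:  ", is_allowed_open("bob", "report:read", None))
    print("fail-closed during outage:", is_allowed_closed("bob", "report:read", None))
    gate = AuthGate(store=None)
    gate.allow("alice", "report:read")   # trips the gate
    gate.store = POLICY                  # service comes back...
    print("after recovery, still tripped:", gate.allow("alice", "report:read"))
```

The difference between the two functions is a single default value, which is why this class of bug survives review: both read as "check the policy". Writing the decision so that `True` can only come from the policy itself removes the default entirely.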
Keep It Simple
• If a security system is too complex for its user base, it will either not be used or users will find ways to bypass it.
• This applies equally to the tasks an administrator must perform in order to secure an application.
• It also applies to the security-layer APIs that application developers must use to build the system.
Use & Reuse Components
• Using and reusing trusted components makes sense both from a resource stance and from a security stance.
• When someone else has proven they got it right, take advantage of it.
Defence In Depth
• Relying on one component to perform its function 100% of the time is unrealistic.
• While we hope to build software and hardware that works as planned, predicting the unexpected is difficult. Good systems don't predict the unexpected, but plan for it.
Only as Secure as the Weakest Link
• Careful thought must be given to what one is securing.
• Attackers are lazy and will find the weakest point and attempt to exploit it.
Security By Obscurity Won't Work
• It's naive to think that hiding things from prying eyes doesn't buy some amount of time; it does, but time is all it buys.
• This strategy doesn't work in the long term and has no guarantee of working in the short term.
Least Privilege
• Systems should be designed in such a way that they run with the least amount of system privilege they need to do their job.
Compartmentalization (Separation of Privileges)
• Compartmentalizing users, processes and data helps contain problems if they do occur.
• Compartmentalization is an important concept widely adopted in the information security realm.