CYB 515 - Principles of Cybersecurity Reference Guide
Grand Canyon University, CYB 515 (Information Systems)
Dorita Adams, February 27, 2024
Each principle is listed with its definition and its security importance.

Separation (of domains/duties)
  Definition: Partitioning a system into distinct domains, and splitting sensitive tasks between different people or roles, so that no single component or actor can both initiate and complete a sensitive action, and a compromise in one domain stays contained.
  Security importance: Limits the damage of any one compromise; an attacker, or a malicious insider, must defeat more than one boundary or collude with a second party before the whole system is exposed. (Imperva, n.d.)

Isolation
  Definition: Establishing boundaries between software components so that the effects of a breach are localized.
  Security importance: Stops an attack from propagating: compromising one component does not compromise the integrity of the others. (Plankers, 2020)

Encapsulation
  Definition: Hiding a component's internal mechanisms and state, and exposing them only through clearly defined interfaces.
  Security importance: Interaction between system parts is controlled and validated at the interface, which deters unauthorized tampering and protects the encapsulated component's integrity. (Sumo Logic, n.d.)

Modularity
  Definition: Dividing a system into smaller, independently replaceable units.
  Security importance: Individual modules can be reviewed, patched and replaced without touching the rest of the system, and a flaw stays confined to the module that contains it. (Silverthread, July 14)

Simplicity of Design (economy of mechanism)
  Definition: Keeping the security mechanism as small and simple as possible.
  Security importance: Fewer components and cases need to be examined and tested, so errors and oversights are less likely and the design is easier to understand and verify. (Pearson, 2003)

Minimization of implementation (least common mechanism)
  Definition: Minimizing the mechanisms and resources shared between different users or components.
  Security importance: Every shared mechanism is a potential channel between its users; reducing them confines the spread of a breach and narrows information leakage between parties. (Pearson, 2003)

Open Design
  Definition: The security of a mechanism must not depend on keeping its design or implementation secret; the design is open to outside examination and only keys and passwords are secret.
  Security importance: Public scrutiny raises the probability that flaws are found and fixed, and the mechanism does not collapse when its design leaks. (Pearson, 2003)

Complete Mediation
  Definition: Every access to every object is checked against the authorization policy, every time, rather than checked once and then cached or assumed.
  Security importance: Prevents security checks from being bypassed (or a revoked permission from lingering in a cached decision) and ensures uniform enforcement, closing opportunities for unauthorized access. (Pearson, 2003)

Layering (defense in depth)
  Definition: Applying multiple, overlapping layers of defense so that each attack vector is met by more than one control.
  Security importance: Redundancy means the failure of one control does not expose the whole system; an attacker must defeat several independent layers. (Fortinet, n.d.)

Least Privilege
  Definition: Granting each user, process or component only the access and permissions its task requires, and nothing more.
  Security importance: Limits what a compromised account or process can reach, reducing both the likelihood and the impact of a breach. (Pearson, 2003)

Fail-Safe Defaults (fail open vs fail secure)
  Definition: Access is denied unless explicitly granted, and on an error or malfunction the system falls back to a secure state rather than an open one.
  Security importance: Blocks unauthorized access and reduces the chance of a breach when the system fails or is misconfigured; an omission in the policy produces a denial rather than a grant. (Pearson, 2003)

Least Astonishment (psychological acceptability)
  Definition: Designing security features to match users' expectations and mental models, so that the secure way of working is also the natural one.
  Security importance: Builds user trust and compliance; mechanisms that behave contrary to expectations push users toward workarounds and unsafe behaviour. (Pearson, 2003)

Minimize Trust Surface (reluctance to trust)
  Definition: The trust surface is the set of places in a system where trust is conferred on inputs, components or other parties; it should be kept as small as possible.
  Security importance: Fewer trust points leave fewer trust relationships for an attacker to manipulate, and limit the consequences when one of them is breached. (NcyteCenter, n.d.)

Usability
  Definition: Ensuring that users can operate security features correctly and efficiently.
  Security importance: Promotes adherence to secure practices and prevents controls from being bypassed out of frustration or misunderstanding. (NcyteCenter, n.d.)

Trust Relationships
  Definition: Establishing and maintaining explicit relationships in which one party relies on another.
  Security importance: Trust should be granted cautiously and only where it is required, with the conditions of each relationship explicitly defined, to reduce the chance of misuse. (NcyteCenter, n.d.)
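Separation of duties, as an added example that is not part of the reference guide: releasing a payment needs a requester and a distinct approver, so a person who holds both roles can still not approve their own request. The role directory and the transfers are constructed sample data; the class and method names are assumptions made for the example.

```python
"""Separation of duties: releasing a payment needs two distinct people.

Added example (not from the reference guide). The role directory and
transfers below are constructed sample data.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set


class SeparationOfDutyError(PermissionError):
    """Raised when one person tries to hold both halves of a sensitive action."""


@dataclass
class Transfer:
    amount: int
    requested_by: str
    approved_by: Optional[str] = None


@dataclass
class PaymentDesk:
    # role directory: user -> set of roles (constructed sample, assumption)
    roles: Dict[str, Set[str]]
    released: List[Transfer] = field(default_factory=list)

    def has_role(self, user: str, role: str) -> bool:
        return role in self.roles.get(user, set())

    def request(self, user: str, amount: int) -> Transfer:
        """First half of the duty: only a requester may open a transfer."""
        if not self.has_role(user, "requester"):
            raise PermissionError(f"{user} cannot request transfers")
        return Transfer(amount=amount, requested_by=user)

    def approval_problem(self, transfer: Transfer, user: str) -> Optional[str]:
        """Return why `user` may not approve `transfer`, or None if they may.

        Holding both roles is allowed; exercising both on the same transfer
        is what the separation check forbids.
        """
        if transfer.approved_by is not None:
            return "already approved"
        if not self.has_role(user, "approver"):
            return "user lacks the approver role"
        if user == transfer.requested_by:
            return "requester may not approve their own transfer"
        return None

    def approve(self, transfer: Transfer, user: str) -> Transfer:
        """Second half of the duty: a different person with the approver role."""
        problem = self.approval_problem(transfer, user)
        if problem is not None:
            exc = SeparationOfDutyError if user == transfer.requested_by else PermissionError
            raise exc(problem)
        transfer.approved_by = user
        self.released.append(transfer)
        return transfer


def build_desk() -> PaymentDesk:
    # alice only requests, bob only approves, carol holds both roles
    return PaymentDesk(roles={
        "alice": {"requester"},
        "bob": {"approver"},
        "carol": {"requester", "approver"},
    })


if __name__ == "__main__":
    desk = build_desk()
    t = desk.request("alice", 5000)
    print("bob approving alice's transfer:", desk.approval_problem(t, "bob"))
    own = desk.request("carol", 5000)
    print("carol approving her own transfer:", desk.approval_problem(own, "carol"))
```

The check compares the acting user with the recorded requester on the specific transfer, not merely their roles; that is what keeps the control effective when one account legitimately holds both roles.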
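Complete mediation, as an added example that is not part of the reference guide: a guard that caches its first authorization decision keeps granting access after the permission is revoked, while a guard that consults the access control list on every access sees the revocation immediately. The ACL, subject and file name are constructed sample data; the class names are assumptions made for the example.

```python
"""Complete mediation: check authority on every access, never from a cache.

Added example (not from the reference guide). The ACL entries and the
file name are constructed sample data.
"""
from __future__ import annotations

from typing import Dict, Set, Tuple

Key = Tuple[str, str, str]  # (subject, object, right)


class Acl:
    """Authoritative store of (subject, object, right) grants."""

    def __init__(self) -> None:
        self._grants: Set[Key] = set()

    def grant(self, subject: str, obj: str, right: str) -> None:
        self._grants.add((subject, obj, right))

    def revoke(self, subject: str, obj: str, right: str) -> None:
        self._grants.discard((subject, obj, right))

    def permits(self, subject: str, obj: str, right: str) -> bool:
        return (subject, obj, right) in self._grants


class CachingGuard:
    """Anti-pattern: asks the ACL once per key and reuses the answer.

    Fast, but a revocation is invisible until the cache entry is dropped,
    so access is no longer mediated on every request.
    """

    def __init__(self, acl: Acl) -> None:
        self._acl = acl
        self._cache: Dict[Key, bool] = {}

    def access(self, subject: str, obj: str, right: str) -> bool:
        key = (subject, obj, right)
        if key not in self._cache:
            self._cache[key] = self._acl.permits(*key)
        return self._cache[key]


class MediatingGuard:
    """Reference-monitor style: every access asks the ACL, every time."""

    def __init__(self, acl: Acl) -> None:
        self._acl = acl

    def access(self, subject: str, obj: str, right: str) -> bool:
        return self._acl.permits(subject, obj, right)


def revocation_demo() -> Tuple[Tuple[bool, bool], Tuple[bool, bool]]:
    """Return (cached, mediated) decisions before and after a revocation."""
    acl = Acl()
    acl.grant("alice", "/hr/payroll.csv", "read")
    cached, mediated = CachingGuard(acl), MediatingGuard(acl)
    before = (cached.access("alice", "/hr/payroll.csv", "read"),
              mediated.access("alice", "/hr/payroll.csv", "read"))
    acl.revoke("alice", "/hr/payroll.csv", "read")  # alice leaves HR
    after = (cached.access("alice", "/hr/payroll.csv", "read"),
             mediated.access("alice", "/hr/payroll.csv", "read"))
    return before, after


if __name__ == "__main__":
    print("(cached, mediated) before and after revocation:", revocation_demo())
```

If decisions must be cached for performance, the cache has to be invalidated whenever the ACL changes, or expire quickly enough that a stale grant is acceptable; otherwise the cached answer, not the policy, is what mediates access.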
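Least privilege and fail-safe defaults together, as an added example that is not part of the reference guide: each role is an explicit allow-list scoped to an action and a resource prefix, anything not listed is denied, and a policy file that fails to parse grants nothing. A deny-list variant is included only for contrast, to show how an unlisted action fails open. The JSON policy format, role names and resource paths are constructed for the example.

```python
"""Least privilege and fail-safe defaults in one small authorizer.

Added example (not from the reference guide). The policy document, role
names and resource paths are constructed sample data; the JSON policy
format is an assumption made for the example.
"""
from __future__ import annotations

import json
from typing import Dict, Set, Tuple

Grant = Tuple[str, str]          # (action, resource prefix)
Policy = Dict[str, Set[Grant]]   # role -> explicit allow-list

# Constructed sample policy: the clerk reads invoices and may only write
# drafts; the auditor reads everything and writes nothing.
SAMPLE_POLICY = """
{
  "billing-clerk": [
    {"action": "read",  "resource_prefix": "/invoices/"},
    {"action": "write", "resource_prefix": "/invoices/drafts/"}
  ],
  "auditor": [
    {"action": "read", "resource_prefix": "/"}
  ]
}
"""


def load_policy(text: str) -> Policy:
    """Parse the policy; on any error return an empty policy (fail secure).

    A broken policy file must deny everything, never grant everything.
    """
    try:
        raw = json.loads(text)
        policy: Policy = {}
        for role, grants in raw.items():
            policy[role] = {(g["action"], g["resource_prefix"]) for g in grants}
        return policy
    except (ValueError, TypeError, KeyError, AttributeError):
        return {}


def authorize(policy: Policy, role: str, action: str, resource: str) -> bool:
    """Default deny: True only for an explicit grant matching action and prefix.

    Prefixes end with '/', so '/invoices/' does not match '/invoices-old/x'.
    """
    for granted_action, prefix in policy.get(role, set()):
        if granted_action == action and resource.startswith(prefix):
            return True
    return False


def authorize_denylist(denied: Dict[str, Set[str]], role: str, action: str) -> bool:
    """Anti-pattern for contrast: allowed unless listed.

    A new action nobody thought to list ('export') is silently permitted,
    i.e. the control fails open.
    """
    return action not in denied.get(role, set())


def demo() -> Dict[str, bool]:
    policy = load_policy(SAMPLE_POLICY)
    broken = load_policy('{"billing-clerk": [{"action": "read"}]}')  # missing prefix
    denied = {"billing-clerk": {"delete"}}
    invoice, draft, payroll = "/invoices/2024/0007.pdf", "/invoices/drafts/new.pdf", "/hr/payroll.csv"
    return {
        "clerk reads invoice": authorize(policy, "billing-clerk", "read", invoice),
        "clerk writes draft": authorize(policy, "billing-clerk", "write", draft),
        "clerk writes final": authorize(policy, "billing-clerk", "write", invoice),
        "clerk reads payroll": authorize(policy, "billing-clerk", "read", payroll),
        "auditor reads payroll": authorize(policy, "auditor", "read", payroll),
        "auditor writes draft": authorize(policy, "auditor", "write", draft),
        "unknown role": authorize(policy, "intern", "read", invoice),
        "broken policy": authorize(broken, "billing-clerk", "read", invoice),
        "denylist lets export through": authorize_denylist(denied, "billing-clerk", "export"),
    }


if __name__ == "__main__":
    for case, decision in demo().items():
        print(f"{case:32s} {'ALLOW' if decision else 'DENY'}")
```

The two principles meet in `load_policy`: returning an empty policy on a parse error is the fail-safe default, and the per-role prefixes are what keep each role at least privilege. The deny-list function shows the shape to avoid: its safety depends on someone enumerating every dangerous action in advance.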
References

Fortinet (n.d.). Defense in Depth. https://www.fortinet.com/resources/cyberglossary/defense-in-depth

Imperva (n.d.). Separation of Duty. https://www.imperva.com/learn/data-security/separation-of-duties/

NcyteCenter (n.d.). Cybersecurity Principles. https://www.ncyte.net/faculty/cybersecurity-curriculum/college-curriculum/interactive-lessons/cybersecurity-principles

Pearson (2003). InformIT: Design Principles for Security Mechanisms. https://www.informit.com/articles/article.aspx?p=30487&seqNum=2

Plankers, B. (2020). The Importance of Isolation for Security. https://blogs.vmware.com/vsphere/2020/07/importance-of-isolation-for-security.html

Silverthread (July 14). The Importance of Modularity in Software Security and Applying Dependency Analysis for Code Security. https://www.silverthreadinc.com/post/the-importance-of-modularity-in-software-security-and-applying-dependency-analysis-for-code-security

Sumo Logic (n.d.). What is Encapsulation. https://www.sumologic.com/glossary/encapsulation/