Explain the following basic security principles: fail-safe default, complete mediation, open design, separation of privilege, least privilege, isolation, defense in depth (layering)
`Hey,
Note: Brother if you have any queries related the answer please do comment. I would be very happy to resolve all your queries.
The principle of fail-safe defaults states that, unless a subject is given explicit access to an object, it should be denied access to that object. This principle requires that the default access to an object is none.
The principle of complete mediation requires that all accesses to objects be checked to ensure they are allowed. Whenever a subject attempts to read an object, the operating system should mediate the action. First, it determines if the subject can read the object. If so, it provides the resources for the read to occur
The principle of open design states that the security of a mechanism should not depend on the secrecy of its design or implementation. Designers and implementers of a program must not depend on secrecy of the details of their design and implementation to ensure security
The principle of separation of privilege states that a system should not grant permission based upon a single condition. This principle is equivalent to the separation of duty principle
The principle of least privilege (POLP), an important concept in computer security, is the practice of limiting access rights for users to the bare minimum permissions they need to perform their work.
Security isolation relates to the principles of least privilege and privilege separation. Security isolation is commonly used in two broad ways, depending on the threat model. First, it can be used to safely execute a program that is not trusted or not yet trusted.
Defense in depth defined. Defense in Depth (DiD) is an approach to cybersecurity in which a series of defensive mechanisms are layered in order to protect valuable data and information. If one mechanism fails, another steps up immediately to thwart an attack.
Kindly revert for any queries
Thanks.
Explain the following basic security principles: fail-safe default, complete mediation, open design, separation of privilege, least...