Thursday, September 13, 2012

10 Security Design Principle for your Computer

We have seen that security is guarding use’s data and programs against interface by entities external to a system like unauthorized person. Thus security designs provide need special emphasis.

security for computers


In general, security measures include control and monitoring of physical access to the computer premises as well as the internal, computer system security. External or physical security includes the standard techniques of fencing, surveillance, authentication, and attendance monitoring. Additional access restriction may be imposed in special areas, such as the computer center and storage areas for backup volumes Physical security may also include measures for disaster recovery. Which often amount of replication of critical data and equipment at geographically dispersed locations to minimize exposure to the consequences of disasters such as fire or flood .Seltzer and Schroeder (1975) have identified the following general design principles for protection mechanisms.
speed up a pc

1. Least privilege

 Every subject should use the least set of privileges necessary to complete its task. This principle limits the damage from Trojan horse attacks. It effectively advocates support for small protection domains and switching of domains when the access needs change.

2. Separation of privilege

When possible, access to objects should depend on satisfying more than one condition.

3.Least common mechanism

This approach advocates minimizing the amount of mechanism common to and depended upon by multiple users, Design implication, include the incorporation of techniques for separating users, such as logical separation via virtual machines and physical separation on different machines in distributed systems

4.Economy of mechanism

Keeping the design as simple as possible facilitates verification and correct implementations.

5.Complete mediation

Every access request for every object should be checked for authorization, the checking mechanism should be efficient because it has a profound influence on system performance.

6.Fall-safe default

Access rights should be acquired by explicit permission only, and the default should be back of access.

7.Open design

The design of the security mechanism should not be secret, and it should not depend on the ignorance of attackers, this implies the use o cryptographic system where the algorithms are known but the keys are secret.

8.User acceptability

The mechanism should provide case of use so that it is applied correctly and not circumvented by users.

9.User Friendlily

Computer System security mechanism include authentication, access control, flow control auditing and cryptography.

10. Other

To which the user is supposed to apply a secret transformation,such as squaring and incrementing the value.Failure to do so may be used to detect unauthorized users.

No comments:

Post a Comment