Security Principles

From CS 161 Slides

  • Know your threat model
  • Security is economics
  • Don’t rely on security through obscurity
  • Least privilege. (Sandboxing is helpful here!)
  • Defense in depth
  • Consider human factors
  • Make your system easy to use in a secure way
  • Design security in from the start
  • Ensure complete mediation
  • Division of trust
  • Make your TCB (trusted computing base) as small as possible
  • Detect if you can’t prevent
  • Use fail-safe defaults
  • Protect at the lowest possible layer