Lecture 6: Principles of Secure Design

Date: October 9, 2013
Homework due: Oct. 18 at 5:00pm

  1. Why secure design is important
  2. Underlying concepts
    1. Simplicity
    2. Restrictiveness
  3. Principles of secure design
    1. Principle of least privilege
    2. Principle of fail-safe defaults
    3. Principle of economy of mechanism
    4. Principle of complete mediation
    5. Principle of open design
    6. Principle of separation of privilege
    7. Principle of least common mechanism
    8. Principle of least astonishment
  4. Discussion topic
Discussion Topic

An attacker has changed the home page of the New York Times. The new version indicates disgust with one of the Times’ reporters. Throughout this puzzle, assume that no other damage was done.

  1. If their intent was to show that the New York Times needed better security on their web page, was this an appropriate technique? Why or why not?
  2. The attackers feel that the reporter wronged one of their friends. The Times ignored their letters and protests. So they decided on a more noticeable protest. Was this an appropriate form of protest? Why or why not?

You can also obtain a PDF version of this. Version of October 8, 2013 at 10:06PM