Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Mobile security wikipedia , lookup
Trusted Computing wikipedia , lookup
Next-Generation Secure Computing Base wikipedia , lookup
Computer and network surveillance wikipedia , lookup
Information privacy law wikipedia , lookup
Information security wikipedia , lookup
Computer security wikipedia , lookup
Cybersecurity First Principles Janica Edmonds Cybersecurity Introduction 2 Security Needs Confidentiality Integrity Availability 3 Security Threats A potential occurrence, malicious or otherwise, that might damage or compromise assets. • Interception – asset is diverted. • Interruption – asset is delayed • Modification – asset is altered. • Fabrication – asset is manufactured. 4 Security Assets Components of the system or network. • Hardware • Software • People • Data 5 Cybersecurity First Principles Domain separation Process Isolation Resource encapsulation Layering Modularization Least Privilege Information hiding Abstraction Simplicity Minimization 6 Domain Separation Separating areas where resources are located prevents accidents and loss of data, keeping information worlds from colliding. 7 Process Isolation A process occurs when a task is executed. Keeping processes separate prevents the failure of one process from negatively impacting another. 8 Resource Encapsulation Resources – hardware, system objects, or processes – must be separated and used as intended. 9 Layering Multiple layers of defense protect information. If one layer is defeated, the next one should catch it. 10 Modularization Able to be inserted or removed from a project; each module has its own function, interchangeable with other modules. 11 Least Privilege Limits what access people have to your resources and what they can do with them. 12 Information Hiding Any attempt to prevent people from being able to see information. 13 Abstraction Abstraction is a fancy word for summarizing or explaining in a way that can be easily understood. 14 Simplicity If something is less complicated, it is less likely to have problems and it is easier to troubleshoot and fix. 15 Minimization Minimization’s goal is to simplify and decrease the number of ways the software can be exploited. 16