-rw-r--r-- synopsis.tex 36
1 files changed, 26 insertions, 10 deletions
diff --git a/synopsis.tex b/synopsis.tex
index 24e43d9..e9ee48e 100644
--- a/synopsis.tex
+++ b/synopsis.tex
@@ -472,16 +472,32 @@ future. This idea known as security by design is based on several security
principles:
\begin{itemize}
- \item{Minimize attack surface area}
- \item{Establish secure defaults}
- \item{Principle of Least privilege}
- \item{Principle of Defense in depth}
- \item{Fail securely}
- \item{Don't trust services}
- \item{Separation of duties}
- \item{Avoid security by obscurity}
- \item{Keep security simple}
- \item{Fix security issues correctly}
+ \item \textbf{Minimize attack surface area}
+ The more features an application has, the higher the risk of it
+ being vulnerable to exploits, because the attack surface area is
+ bigger. It is encouraged to add only necessary functions and
+ make them simple.
+ \item \textbf{Establish secure defaults}
+ It means making security measures on by default, but allowing to
+ disable them, if a user wishes to.
+ \item \textbf{Principle of Least privilege}
+ Every entity in the application should have just as many
+ privileges and resources as they need to perform their actions,
+ and no more than that.
+ \item \textbf{Principle of Defense in depth}
+ The defense should be created by layered security mechanisms, so
+ if one of them becomes broken, the other ones may still prevent
+ the attack.
+ \item \textbf{Fail securely}
+ If a security mechanism fails and throws exceptions, it should
+ still serve its purpose and block the request that caused the
+ error.
+ \item \textbf{Don't trust services}
+ When an application is using third party services
+ \item \textbf{Separation of duties}
+ \item \textbf{Avoid security by obscurity}
+ \item \textbf{Keep security simple}
+ \item \textbf{Fix security issues correctly}
\end{itemize}
Microsoft created software development process which follows these principles,
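Review bot: the description under \textbf{Don't trust services} is cut off mid-sentence ("When an application is using third party services"), and the last four items (Separation of duties, Avoid security by obscurity, Keep security simple, Fix security issues correctly) get no explanation at all, unlike the first five; either finish the sentence and give each principle a short description, or drop the descriptions from all items so the list is consistent. Two smaller points in the same hunk: the phrasing "but allowing to disable them, if a user wishes to" should read "while allowing a user to disable them", and the mixed capitalisation in "Principle of Least privilege" and "Principle of Defense in depth" should be made consistent (e.g. "Principle of least privilege", "Principle of defense in depth").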