head.daveops.net

Snippets for yer computer needs

Concepts

Concepts

@security

Confidentiality, Integrity, Availability

Understand the issues, risks Assess, plan, design/architect

Principle of Least Privilege

When designing a security policy, be it a firewall rule, or filesystem permissions, never give more than the necessary permissions to get the job done. Doing so reduces the attack surface, and weakens (though does not eliminate) the potency of compromise. It’s easier to loosen rules than to tighten them later.

Appropriateness

The appropriateness of a security architecture is that it meeds the confidentiality/integrity/availability needs of an organization. It balances security, risk mitigation, usability, and costs.

Non-repudiation

Where an action cannot be denied, proof of data integrity.

Business continuity

One of the chief goals of security is that business continuity is ensured. Beyond simple security practices, this is having systems in place that can tolerate failure so that business continues with little/no affect.

Hardening

A hardened system has these characteristics:

References