Implement and Manage Engineering Processes Using Secure Design Principles
In this section of this tutorial, we’ll take a look at engineering processes using secure design principles to help you understand the different aspects of engineering design principles.
Objects : Resources, which may be in the form of data, services or processes access by the subject are known as Object.
Subject : The subject is any user or process, which generates the request to access a resource.
In different access requests, the same resource can serve as Object and Subject.
CIA: stands for Confidentiality, Integrity and availability. Different techniques are enforced to ensure the confidentiality, integrity, and availability of data. Some of these technique follows:
- Process Isolation
- Software Confinement
- Bounds with limitations and restrictions
- Least Privileges Policy
Controls: The major component of designing a secure architecture. Access controls, is restrict unauthorized access, intrusion, and malicious activities. There are two different types of access controls:
- Mandatory Access Control (MAC)
- Discretionary Access Control (DAC)