Cybersecurity Principles (2020)

From CyberEdWiki
Jump to: navigation, search

The intent of the Cybersecurity Principles Knowledge Unit is to provide students with basic security design fundamentals that help create systems that are worthy of being trusted.

Outcomes[edit]

After completing the KU, students will be able to:

  1. Utilize a thorough understanding of the fundamental principles underlying cybersecurity, how these principles interrelate and are typically employed to achieve assured solutions, the mechanisms that may be built from or due to these principles.
  2. Given a particular scenario, students will be able to identify which fundamental security design principles are in play, how they interrelate and methods in which they should be applied to develop systems worthy of trust.
  3. Students will understand how failures in fundamental security design principles can lead to system vulnerabilities that can be exploited or lead to increased risk.

Topics[edit]

  1. Security Concepts
    • Confidentiality, Integrity, Availability
    • Access
    • Identification, Authentication, Authorization, Non-Repudiation
    • Privacy
    • Critical infrastructures
    • Security Models (Bell-La Padula, Biba, Clark Wilson, Brewer Nash, Multi-level security)
  2. General Fundamental design principles including:
    • Simplicity of design (Economy of Mechanism)
    • Open Design
    • Design for Iteration
    • Least Astonishment (Psychological Acceptability)
  3. Security Design Principles including:
    • Minimize Secrets
    • Complete Mediation
    • Fail-safe Defaults / Fail Secure
    • Least Privilege
    • Economy of Mechanism
    • Minimize of implementation (Least Common Mechanism)
    • Isolation, Separation and Encapsulation (including separation of duties)
    • Minimize Trust Surface (Reluctance to trust)
    • Usability
  4. Methods for Reducing Complexity including:
    • Abstraction
    • Modularity
    • Layering (Defense in depth)
    • Hierarchy

Skills[edit]

Vocabulary[edit]

Packet, risk, secure system, trust, trusted system, trustworthy, vulnerability

NICE Framework Categories[edit]

CSEC 2017 Categories[edit]

Specialization Areas[edit]

Because it is a Foundational KU, it is by default in all Specialization Areas.

See also[edit]

Related Knowledge Units

Further reading[edit]

Suggested textbooks[edit]

Suggested academic readings[edit]

Sample knowledge test[edit]

Sample skills test[edit]

Sample abilities test[edit]

Additional notes or materials[edit]

Reference: Design Principles Michael Gegick and Sean Barnum. Published: September 19, 2005 | Last revised: May 13, 2013

Contacts[edit]

Reference ID[edit]

CSP