Cybersecurity Principles (2020)

From CyberEdWiki

The intent of the Cybersecurity Principles Knowledge Unit is to provide students with basic security design fundamentals that help create systems that are worthy of being trusted.


To complete this KU, students should be able to:

  1. Define the principles of cybersecurity.
  2. Describe why each principle is important to security and how it enables the development of security mechanisms that can implement desired security policies.
  3. Analyze common security failures and identify specific design principles that have been violated.
  4. Given a specific scenario, identify the design principles involved or needed.
  5. Understand the interaction between security and system usability and the importance of minimizing the effects of security mechanisms.


  1. Principles (must cover all of the sub-topics)
    1. Separation (of domains/duties)
    2. Isolation
    3. Encapsulation
    4. Modularity
    5. Simplicity of design (Economy of Mechanism)
    6. Minimization of implementation (Least Common Mechanism)
    7. Open Design
    8. Complete Mediation
    9. Layering (Defense in depth)
    10. Least Privilege
    11. Fail Safe Defaults / Fail Secure
    12. Least Astonishment (Psychological Acceptability)
    13. Minimize Trust Surface (Reluctance to trust)
    14. Usability
    15. Trust relationships



Packet, risk, secure system, trust, trusted system, trustworthy, vulnerability

NICE Framework Categories

Specialization Areas

Because it is a Foundational KU, it is by default in all Specialization Areas.

See also

Related Knowledge Units

Further reading

Suggested textbooks

Suggested academic readings

Sample knowledge test

Sample skills test

Sample abilities test

Additional notes or materials

Reference: "Design Principles," Michael Gegick and Sean Barnum. Published: September 19, 2005 | Last revised: May 13, 2013


Reference ID