Fundamental Security Design Principles (Deprecated)

From CyberEdWiki

This KU is proposed to be deleted in 2017

It has been incorporated into Cybersecurity Principles


The intent of this Knowledge Unit is to provide students with basic security design fundamentals that help create systems that are worthy of being trusted.


  1. Students will be able to list the first principles of security.
  2. Students will be able to describe why each principle is important to security and how it enables the development of security mechanisms that can implement desired security policies.
  3. Students will be able to analyze common security failures and identify specific design principles that have been violated.
  4. Given a specific scenario, students will be able to identify the needed design principles.
  5. Students will be able to describe why good human-machine interfaces are important to system use.
  6. Students will understand the interaction between security and system usability and the importance of minimizing the effects of security mechanisms on usability.


  • Describe and apply the cybersecurity principles, including:
    1. Separation (of domains)
    2. Isolation
    3. Encapsulation
    4. Least Privilege
    5. Simplicity (of design)
    6. Minimization (of implementation)
    7. Fail Safe Defaults / Fail Secure
    8. Modularity
    9. Layering
    10. Least Astonishment
    11. Open Design
    12. Usability


Specialization Areas

See also

Related Knowledge Units

Original Knowledge Unit

Further reading

Suggested textbooks

Suggested academic readings

Sample knowledge test

Sample skills test

Sample abilities test

Additional notes or materials