The Protection of Information in Computer Systems explained
Document name: The Protection of Information in Computer Systems
Date created: 1975
Subject: Information security
The Protection of Information in Computer Systems is a seminal 1975 publication by Jerome Saltzer and Michael Schroeder about information security.[1][2] The paper emphasized that the primary concern of security measures should be the information on computers and not the computers themselves.[3]
It was published 10 years prior to the Trusted Computer System Evaluation Criteria, commonly known as the Orange Book.[4]
Design principles
The following design principles are laid out in the paper:
- Economy of mechanism: Keep the design as simple and small as possible.
- Fail-safe defaults: Base access decisions on permission rather than exclusion.
- Complete mediation: Every access to every object must be checked for authority.
- Open design: The design should not be secret.
- Separation of privilege: Where feasible, a protection mechanism that requires two keys to unlock it is more robust and flexible than one that allows access to the presenter of only a single key.
- Least privilege: Every program and every user of the system should operate using the least set of privileges necessary to complete the job.
- Least common mechanism: Minimize the amount of mechanism common to more than one user and depended on by all users.
- Psychological acceptability: It is essential that the human interface be designed for ease of use, so that users routinely and automatically apply the protection mechanisms correctly.
- Work factor: Compare the cost of circumventing the mechanism with the resources of a potential attacker.
- Compromise recording: It is sometimes suggested that mechanisms that reliably record that a compromise of information has occurred can be used in place of more elaborate mechanisms that completely prevent loss.
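Several of these principles can be seen working together in a small access-control sketch. The following is an added illustration, not code from Saltzer and Schroeder's paper: the `Monitor` and `Store` classes, the principals and the "approve" right are all hypothetical. It combines fail-safe defaults, complete mediation, separation of privilege and compromise recording.

```python
# Added illustration; every class, principal and right here is hypothetical.
from contextlib import suppress
from dataclasses import dataclass, field

@dataclass
class Monitor:
    grants: set = field(default_factory=set)   # explicit (subject, object, right) grants
    two_key: set = field(default_factory=set)  # (object, right) pairs needing two approvers
    audit: list = field(default_factory=list)  # compromise recording: every decision logged

    def require(self, subject, obj, right, approvers=()):
        # Fail-safe default: anything not explicitly granted is denied.
        allowed = (subject, obj, right) in self.grants
        if allowed and (obj, right) in self.two_key:
            # Separation of privilege: two distinct principals other than the
            # requester must each hold an explicit "approve" grant.
            keys = {a for a in approvers
                    if a != subject and (a, obj, "approve") in self.grants}
            allowed = len(keys) >= 2
        self.audit.append((subject, obj, right, "ALLOW" if allowed else "DENY"))
        if not allowed:
            raise PermissionError(f"{subject} may not {right} {obj}")

class Store:
    """Every read()/write() asks the monitor afresh (complete mediation)."""
    def __init__(self, monitor):
        self._monitor, self._data = monitor, {}

    def read(self, subject, obj):
        self._monitor.require(subject, obj, "read")
        return self._data.get(obj)

    def write(self, subject, obj, value, approvers=()):
        self._monitor.require(subject, obj, "write", approvers)
        self._data[obj] = value

def demo():
    m = Monitor()
    m.grants |= {("alice", "payroll", "read"), ("alice", "payroll", "write"),
                 ("bob", "payroll", "approve"), ("carol", "payroll", "approve")}
    m.two_key.add(("payroll", "write"))
    store = Store(m)
    attempts = [lambda: store.write("alice", "payroll", 42, ("bob",)),          # one key
                lambda: store.write("alice", "payroll", 42, ("bob", "carol")),  # two keys
                lambda: store.read("alice", "payroll"),                         # granted
                lambda: store.read("mallory", "payroll")]                       # no grant
    for attempt in attempts:
        with suppress(PermissionError):
            attempt()
    return [decision for *_, decision in m.audit]
```

Because no decision is cached, removing a grant from `Monitor.grants` takes effect on the very next call, and the denied attempt still appears in the audit list.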
Notes and References
1. Smith, Richard E. (November 2012). "A Contemporary Look at Saltzer and Schroeder's 1975 Design Principles". 10 (6): 20–25. doi:10.1109/MSP.2012.85. ISSN 1540-7993. S2CID 13371996.
2. Seeley, Nicholas. "Seminal Papers in Cybersecurity: A Review (Part 2 of 2)". 2024-11-11. en-us.
3. Samonas, Spyridon; Coss, David (2014). "The CIA Strikes Back: Redefining Confidentiality, Integrity and Availability in Security". Journal of Information Systems Security. 10 (3): 21–45.
4. Smith, Sean; Marchesini, John (2007). The Craft of System Security. ISBN 9780132797542.