A Contemporary Look at Saltzer and Schroeder's 1975 Design Principles

Richard E. Smith

doi:10.1109/MSP.2012.85

Security&Privacy
2012
Issue No. 6 - Nov.-Dec.
Abstract - A Contemporary Look at Saltzer and Schroeder's 1975 Design Principles

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Richard E. Smith

A Contemporary Look at Saltzer and Schroeder's 1975 Design Principles

Nov.-Dec. 2012 (vol. 10 no. 6)

pp. 20-25

	ASCII Text	x
	Richard E. Smith, "A Contemporary Look at Saltzer and Schroeder's 1975 Design Principles," IEEE Security & Privacy, vol. 10, no. 6, pp. 20-25, Nov.-Dec., 2012.

	BibTex	x
	@article{ 10.1109/MSP.2012.85, author = {Richard E. Smith}, title = {A Contemporary Look at Saltzer and Schroeder's 1975 Design Principles}, journal ={IEEE Security & Privacy}, volume = {10}, number = {6}, issn = {1540-7993}, year = {2012}, pages = {20-25}, doi = {http://doi.ieeecomputersociety.org/10.1109/MSP.2012.85}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - MGZN JO - IEEE Security & Privacy TI - A Contemporary Look at Saltzer and Schroeder's 1975 Design Principles IS - 6 SN - 1540-7993 SP20 EP25 EPD - 20-25 A1 - Richard E. Smith, PY - 2012 KW - Information security KW - Standards KW - Cryptography KW - Design methodology KW - Privacy KW - Computer security KW - Schroeder KW - security KW - protection mechanisms KW - Saltzer VL - 10 JA - IEEE Security & Privacy ER -

Richard E. Smith, Cryptosmith

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2012.85

In 1975, Jerome Saltzer and Michael Schroeder published "The Protection of Information in Computer Systems," which outlined a series of design principles for secure systems. Some principles, like separation of privilege and least privilege, have become staples of information security practice. Other principles, like simplicity and complete mediation, have failed to thrive. Attempts to codify information security principles for general practice have also failed to thrive. With a few exceptions, modern textbooks either entirely omit lists of principles or present only the 1975 list. Although such lists might provide useful, if incomplete, guidelines for practitioners, their principal value might be in teaching students the fundamental concepts of information security.

Index Terms:

Information security,Standards,Cryptography,Design methodology,Privacy,Computer security,Schroeder,security,protection mechanisms,Saltzer

Citation:

Richard E. Smith, "A Contemporary Look at Saltzer and Schroeder's 1975 Design Principles," IEEE Security & Privacy, vol. 10, no. 6, pp. 20-25, Nov.-Dec. 2012, doi:10.1109/MSP.2012.85

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.