This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
A Contemporary Look at Saltzer and Schroeder's 1975 Design Principles
Nov.-Dec. 2012 (vol. 10 no. 6)
pp. 20-25
Richard E. Smith, Cryptosmith
In 1975, Jerome Saltzer and Michael Schroeder published "The Protection of Information in Computer Systems," which outlined a series of design principles for secure systems. Some principles, like separation of privilege and least privilege, have become staples of information security practice. Other principles, like simplicity and complete mediation, have failed to thrive. Attempts to codify information security principles for general practice have also failed to thrive. With a few exceptions, modern textbooks either entirely omit lists of principles or present only the 1975 list. Although such lists might provide useful, if incomplete, guidelines for practitioners, their principal value might be in teaching students the fundamental concepts of information security.
Index Terms:
Information security,Standards,Cryptography,Design methodology,Privacy,Computer security,Schroeder,security,protection mechanisms,Saltzer
Citation:
Richard E. Smith, "A Contemporary Look at Saltzer and Schroeder's 1975 Design Principles," IEEE Security & Privacy, vol. 10, no. 6, pp. 20-25, Nov.-Dec. 2012, doi:10.1109/MSP.2012.85
Usage of this product signifies your acceptance of the Terms of Use.