The Community for Technology Leaders
Green Image
Issue No. 06 - Nov.-Dec. (2012 vol. 10)
ISSN: 1540-7993
pp: 20-25
Richard E. Smith , Cryptosmith
ABSTRACT
In 1975, Jerome Saltzer and Michael Schroeder published "The Protection of Information in Computer Systems," which outlined a series of design principles for secure systems. Some principles, like separation of privilege and least privilege, have become staples of information security practice. Other principles, like simplicity and complete mediation, have failed to thrive. Attempts to codify information security principles for general practice have also failed to thrive. With a few exceptions, modern textbooks either entirely omit lists of principles or present only the 1975 list. Although such lists might provide useful, if incomplete, guidelines for practitioners, their principal value might be in teaching students the fundamental concepts of information security.
INDEX TERMS
Information security, Standards, Cryptography, Design methodology, Privacy, Computer security, Schroeder, security, protection mechanisms, Saltzer
CITATION
Richard E. Smith, "A Contemporary Look at Saltzer and Schroeder's 1975 Design Principles", IEEE Security & Privacy, vol. 10, no. , pp. 20-25, Nov.-Dec. 2012, doi:10.1109/MSP.2012.85
98 ms
(Ver )