Cybersecurity

Cybersecurity First principles

Domain Separation

Domain is any collection of bits
Separation allows flexible policy enforcement

Process Isolation

Process is a program running on a computer
Isolation prevents tamper and interference

Resource Encapsulation

Computing resource: memory, disk, network bandwidth, etc
Encapsulation: Controlled access to resources

Least Privilege

Privilege: Right for the user to act on computer resources
Giving only necessary privileges creates accountability and prevents misuse

Layering

Layer: A level that an attacker has to clear to reach your data and programs
More layers slow down an attacker

Information Hiding

Only expose data necessary to carry out the users job
Log all access attempts

Abstraction

A simpler view of something complicated
Complexity can hide bugs and malicious behaviors

Simplicity

Easier to understand and analyze unwanted access paths
Configure the system correctly

Modularity

Compose independent and interchangeable components
Compartmentalization of function and failure

Minimization

Reduce the attack surface
Least functionality necessary

Appreciate

Credits:

Created with images by anyaberkut - "internet security and data protection concept, blockchain and cybersecurity" • 義美前田 - "チューリップ。ひたちなか　茨城　日本。４月中旬。" • Erwan Hesry - "untitled image" • geralt - "registration login keyboard" • ivanacoi - "domino hand stop" • Henry & Co. - "untitled image" • markito - "solar eclipse sun blackout" • MikesPhotos - "bmw car vehicle" • mhoppsy - "cell phone cellular phone cellular" • aitoff - "stormtrooper skateboard lego" • Neil Soni - "untitled image"