D Cheat Sheets

Your conscious mind should be used as a focusing tool, not a storage place.

—David Allen

Chapter 1

Classic Security Principles

Information Security (C-I-A)

  • Confidentiality: Allow only authorized data access—don’t leak information
  • Integrity: Maintain data accurately—don’t allow unauthorized modification or deletion
  • Availability: Preserve the availability of data—don’t allow significant delays or unauthorized shutdowns

Gold Standard

  • Authentication: High-assurance determination of the identity of a principal
  • Authorization: Reliably only allowing an action by an authenticated principal
  • Auditing: Maintaining a reliable record of actions by principals for inspection

Chapter 2

The Four Questions

  • What are we ...
