D Cheat Sheets

Your conscious mind should be used as a focusing tool, not a storage place.

—David Allen

Chapter 1

Classic Security Principles

Information Security (C-I-A)

  • Confidentiality: Allow only authorized data access—don’t leak information
  • Integrity: Maintain data accurately—don’t allow unauthorized modification or deletion
  • Availability: Preserve the availability of data—don’t allow significant delays or unauthorized shutdowns

Gold Standard

  • Authentication: High-assurance determination of the identity of a principal
  • Authorization: Reliably only allowing an action by an authenticated principal
  • Auditing: Maintaining a reliable record of actions by principals for inspection

Chapter 2

The Four Questions

  • What are we ...
