From Cryptographic Security Architecture: Design and Verification

2.1 Security Features of the Architecture

Security-related functions that handle sensitive data pervade the architecture, which implies that security needs to be considered in every aspect of the design and must be designed in from the start (it is very difficult to bolt on security afterwards). The standard reference on the topic [1] recommends that a security architecture have the properties listed below, with annotations explaining the approach used in cryptlib to meet each of them:

  • Permission-based access: The default access/use permissions should be deny-all, with access or usage rights being made selectively available as required. Objects are only visible to the process that created them, although the default object-access setting makes them available to every thread in the process. This arises from the requirement for ease of use: having to explicitly hand an object off to another thread within the process would significantly reduce the ease of use of the architecture. For this reason, the deny-all access is made configurable by the user, with the option of making an object available throughout the process or only to one thread when it is created. If the user specifies this behaviour when the object is created, then only the creating thread can see the object unless it explicitly hands off control to another thread.

  • Least privilege and isolation: Each object should operate with the least privileges possible to minimise damage due to inadvertent behaviour or malicious attack, and objects should be kept logically separate in order to reduce inadvertent or deliberate compromise of the...
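The permission-based access rule above (deny by default, objects visible only within the creating process, optionally restricted to the creating thread until it hands the object off) can be modelled with a small object table and a single access check in which every condition must hold before access is granted. The following is an added illustration written for this page, not cryptlib's own code: the table layout, the names `obj_create`, `obj_check_access`, `obj_handoff` and `ACCESS_THREAD_ONLY`, and the choice that a hand-off transfers control away from the previous thread are all assumptions made for the example; process and thread identities are plain integers rather than real OS handles so the code runs offline.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of the default-deny object visibility rule described in
 * the text.  All names here are hypothetical, not cryptlib's. */

#define MAX_OBJECTS 16

typedef enum {
    ACCESS_PROCESS_WIDE = 0,   /* default: any thread in the owning process */
    ACCESS_THREAD_ONLY  = 1    /* only the creating (or handed-off-to) thread */
} access_scope_t;

typedef struct {
    bool           in_use;
    uint32_t       owner_pid;  /* process that created the object */
    uint32_t       owner_tid;  /* thread that currently controls it */
    access_scope_t scope;
} object_t;

static object_t obj_table[MAX_OBJECTS];

/* Clear the table so the example (and its test) start from a known state. */
void obj_reset_table(void) {
    memset(obj_table, 0, sizeof obj_table);
}

/* Create an object owned by (pid, tid); returns a handle >= 0, or -1 if full.
 * The scope is fixed at creation time, matching the text's description. */
int obj_create(uint32_t pid, uint32_t tid, access_scope_t scope) {
    for (int i = 0; i < MAX_OBJECTS; i++) {
        if (!obj_table[i].in_use) {
            obj_table[i].in_use    = true;
            obj_table[i].owner_pid = pid;
            obj_table[i].owner_tid = tid;
            obj_table[i].scope     = scope;
            return i;
        }
    }
    return -1;
}

/* Default-deny check: an invalid handle, an unused slot, a foreign process,
 * or (for thread-only objects) a foreign thread all fall through to "deny". */
bool obj_check_access(int handle, uint32_t pid, uint32_t tid) {
    if (handle < 0 || handle >= MAX_OBJECTS)
        return false;
    const object_t *o = &obj_table[handle];
    if (!o->in_use)
        return false;
    if (o->owner_pid != pid)            /* never visible outside the creator process */
        return false;
    if (o->scope == ACCESS_THREAD_ONLY && o->owner_tid != tid)
        return false;
    return true;                        /* every condition held */
}

/* Explicit hand-off of a thread-only object to another thread in the same
 * process.  Only a caller that currently has access may do this; afterwards
 * the new thread controls the object (assumption: control is transferred,
 * not shared). */
bool obj_handoff(int handle, uint32_t from_pid, uint32_t from_tid, uint32_t to_tid) {
    if (!obj_check_access(handle, from_pid, from_tid))
        return false;
    obj_table[handle].owner_tid = to_tid;
    return true;
}

int main(void) {
    obj_reset_table();
    int shared  = obj_create(100, 1, ACCESS_PROCESS_WIDE);
    int private = obj_create(100, 1, ACCESS_THREAD_ONLY);

    printf("shared  visible to thread 2 of same process: %d\n", obj_check_access(shared, 100, 2));
    printf("shared  visible to other process:            %d\n", obj_check_access(shared, 200, 1));
    printf("private visible to thread 2 before hand-off: %d\n", obj_check_access(private, 100, 2));
    printf("hand-off by non-owner thread accepted:       %d\n", obj_handoff(private, 100, 2, 3));
    printf("hand-off by owner thread accepted:           %d\n", obj_handoff(private, 100, 1, 2));
    printf("private visible to thread 2 after hand-off:  %d\n", obj_check_access(private, 100, 2));
    return 0;
}
```

The point to notice is the shape of `obj_check_access`: it has exactly one `return true`, reached only after every restriction has been checked, so a forgotten case or a bad handle denies rather than grants. That is what "deny-all by default" looks like in code, and it is the property the rest of the chapter's design relies on.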

Copyright Springer-Verlag New York, Inc. 2004 under license agreement with Books24x7
