NIST Principles of Secure System Design


Tags: Cybersecurity, Cyber Security, Principles

Designing secure systems in today's complex technological landscape requires more than just basic security rules. The National Institute of Standards and Technology (NIST) offers a modern set of principles that build upon the foundational work of Saltzer and Schroeder, while addressing the challenges of contemporary systems.

These principles guide the design, implementation, and management of secure architectures and controls in real-world environments.

1. Categorization of NIST Principles

The NIST principles are organized into three broad families:

1.1 Security Architecture and Design

These principles focus on the organization, structure, and interfaces of systems. They help define how security is embedded into the architecture from the ground up.

1.2 Security Capability and Intrinsic Behaviors

This category addresses what protections the system provides, including specific security controls and their functions.

1.3 Life Cycle Security

These principles cover process and management aspects, ensuring that security is maintained throughout the system's life cycle.

Together, these principles help system designers ensure a comprehensive approach to security, encompassing everything from foundational structures to operational practices.

2. Evolution from Saltzer and Schroeder

Several NIST principles map directly to the classic principles of Saltzer and Schroeder, including:

These traditional principles remain relevant and provide the basis for many modern security controls.

3. Modern Enhancements for Contemporary Systems

As computing systems have grown more complex, NIST introduces new principles that address these modern challenges:

3.1 Clear Abstraction, Modularity, and Layering

Encourages clean modular design to simplify system understanding and maintenance.

3.2 Partially Ordered Dependencies

Ensures system components interact in a defined and secure sequence.

3.3 Secure Evolvability

Promotes the ability to evolve a system securely over time, without introducing vulnerabilities.

3.4 Hierarchical Trust Structure

Recognizes that not all components require the same level of assurance. Components with lower assurance levels should not compromise those with higher assurance.

3.5 Inverse Modification Threshold

The most critical components must be the hardest to modify, ensuring protection from unauthorized tampering.

3.6 Hierarchical Protection

Less critical components do not need protection from more critical ones, which streamlines the system's protection layers.
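The hierarchical principles above, together with the partially ordered dependencies of 3.2, can be checked mechanically over a component graph. The following Python is an added example, not part of the original article or of NIST's text; the component names, assurance levels and dependency edges are constructed.

```python
"""Layering and trust-ordering check for a component graph (constructed example).

A dependency edge (a, b) means a relies on b. Two NIST principles are checked:
  * partially ordered dependencies: the graph must be acyclic, so there is a
    well-defined order in which components are built, started and trusted;
  * hierarchical trust: a component must not depend on one of lower assurance,
    because the less trusted component could then undermine it.
"""
from collections import defaultdict, deque

def dependency_order(deps, components):
    """Kahn's algorithm: returns a bottom-up build order, or None on a cycle."""
    indeg = {c: 0 for c in components}      # dependencies c still waits for
    users = defaultdict(list)               # b -> components that rely on b
    for a, b in deps:
        indeg[a] += 1
        users[b].append(a)
    ready = deque(sorted(c for c, d in indeg.items() if d == 0))
    order = []
    while ready:
        c = ready.popleft()
        order.append(c)
        for u in users[c]:
            indeg[u] -= 1
            if indeg[u] == 0:
                ready.append(u)
    return order if len(order) == len(components) else None

def trust_violations(deps, assurance):
    """Edges where a more trusted component relies on a less trusted one."""
    return [(a, b) for a, b in deps if assurance[a] > assurance[b]]

def check_architecture(assurance, deps):
    """Return (build order or None, list of human-readable findings)."""
    findings = []
    order = dependency_order(deps, assurance)
    if order is None:
        findings.append("cycle: dependencies are not partially ordered")
    for a, b in trust_violations(deps, assurance):
        findings.append(f"trust inversion: {a} (level {assurance[a]}) "
                        f"depends on {b} (level {assurance[b]})")
    return order, findings

# Constructed system: higher level = more critical, more assured.
ASSURANCE = {"kernel": 3, "crypto": 3, "auth": 2, "webui": 1, "telemetry": 0}
DEPS = [("webui", "auth"), ("auth", "crypto"), ("crypto", "kernel"),
        ("auth", "telemetry"),   # authentication relying on a low-assurance agent
        ("telemetry", "kernel")]

if __name__ == "__main__":
    print(check_architecture(ASSURANCE, DEPS))
```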

4. Security in Interconnected Systems

In today's networked environments, NIST acknowledges the need for interconnected systems to maintain security:

5. Balancing Security and Usability

Recognizing the practical limitations of the real world, NIST introduces principles such as:

These principles emphasize that security is not a goal in itself, but a supportive aspect of system functionality.

6. NIST Security Architecture Strategies

Beyond principles, NIST also outlines three key strategies for implementing secure system architectures:

  1. Reference Monitor Concept: An abstract control that can enforce all system security properties effectively. It's central to mandatory access control models.
  2. Defense in Depth: Multiple overlapping controls are used to ensure that if one fails, others remain effective.
  3. Isolation: Components are physically or logically separated to prevent interference and reduce information leakage.
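As an added example (not from the article or from NIST), a minimal reference monitor in Python that combines the three strategies: it isolates the protected objects so they are reachable only through the monitor, mediates every access, and requires two independent checks to agree before a write, so an over-permissive ACL alone does not let a low-assurance subject modify a critical object. Subject names, levels and the ACL are constructed.

```python
"""Reference monitor with two independent decision layers (constructed example).
Every request passes through access(); a discretionary ACL and an integrity rule
(inverse modification threshold: a subject may modify an object only if its
assurance level is at least the object's) must both allow it. Decisions are logged.
"""
from dataclasses import dataclass

@dataclass(frozen=True)
class Subject:
    name: str
    level: int          # assurance level of the caller

class ReferenceMonitor:
    def __init__(self, acl, object_levels):
        self._acl = {k: frozenset(v) for k, v in acl.items()}  # (obj, op) -> subjects
        self._levels = dict(object_levels)                      # obj -> level to modify
        self._store = {}                                        # the isolated objects
        self.audit = []                                         # (who, op, obj, ok, why)

    def _decide(self, subj, op, obj):
        if subj.name not in self._acl.get((obj, op), frozenset()):
            return False, "acl"
        if op == "write" and subj.level < self._levels[obj]:
            return False, "integrity"
        return True, "ok"

    def access(self, subj, op, obj, value=None):
        allowed, reason = self._decide(subj, op, obj)
        self.audit.append((subj.name, op, obj, allowed, reason))
        if not allowed:
            raise PermissionError(f"{subj.name} may not {op} {obj}: {reason}")
        if op == "write":
            self._store[obj] = value
        return self._store.get(obj)

ADMIN, OPERATOR = Subject("admin", 3), Subject("operator", 1)

def demo():
    # The ACL mistakenly grants the operator write on the policy; layer two catches it.
    rm = ReferenceMonitor(
        acl={("policy", "write"): {"admin", "operator"},
             ("policy", "read"): {"admin", "operator"}, ("log", "write"): {"operator"}},
        object_levels={"policy": 3, "log": 0})
    rm.access(ADMIN, "write", "policy", "deny-all")
    results = {}
    for subj, op, obj in [(OPERATOR, "write", "policy"),
                          (OPERATOR, "read", "policy"), (ADMIN, "write", "log")]:
        try:
            results[(subj.name, op, obj)] = rm.access(subj, op, obj, "tampered")
        except PermissionError as err:
            results[(subj.name, op, obj)] = "denied:" + err.args[0].rsplit(": ", 1)[1]
    return rm, results
```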

7. Application and Adaptation

Both NIST and Saltzer & Schroeder stress that security principles are guidelines, not rigid rules. While they provide essential direction, they must be applied skillfully to specific contexts. If deviations are made from any principle, it is important to:

Only through thoughtful application can these principles lead to robust and resilient systems.

Author: Mikhail
Svetlya
Svetlya Jr. Formulator & Registered User
Amazing article, thanks for sharing. NIST are basic principles that every security design person should know.
Rachel
Rachel Jr. Formulator
Agree with you Svetlya. But I feel the work of Saltzer and Schroeder is much more simpler in terms of implementation.
