NIST Principles of Secure System Design

Tags: Cybersecurity, Cyber Security, Principles
Designing secure systems in today's complex technological landscape requires more than just basic security rules. The National Institute of Standards and Technology (NIST) offers a modern set of principles that build upon the foundational work of Saltzer and Schroeder, while addressing the challenges of contemporary systems.

These principles guide the design, implementation, and management of secure architectures and controls in real-world environments.

1. Categorization of NIST Principles

The NIST principles are organized into three broad families:

1.1 Security Architecture and Design

These principles focus on the organization, structure, and interfaces of systems. They help define how security is embedded into the architecture from the ground up.

1.2 Security Capability and Intrinsic Behaviors

This category addresses what protections the system provides, including specific security controls and their functions.

1.3 Life Cycle Security

These principles cover process and management aspects, ensuring that security is maintained throughout the system's life cycle.

Together, these principles help system designers ensure a comprehensive approach to security, encompassing everything from foundational structures to operational practices.

2. Evolution from Saltzer and Schroeder

Several NIST principles map directly to the classic principles by Saltzer and Schroeder, including:

These traditional principles remain relevant and provide the basis for many modern security controls.

3. Modern Enhancements for Contemporary Systems

As computing systems have grown more complex, NIST introduces new principles that address these modern challenges:

3.1 Clear Abstraction, Modularity, and Layering

Encourages clean modular design to simplify system understanding and maintenance.

3.2 Partially Ordered Dependencies

Ensures system components interact in a defined and secure sequence.

3.3 Secure Evolvability

Promotes the ability to evolve a system securely over time, without introducing vulnerabilities.

3.4 Hierarchical Trust Structure

Recognizes that not all components require the same level of assurance. Components with lower assurance levels should not compromise those with higher assurance.

3.5 Inverse Modification Threshold

The most critical components must be the hardest to modify, ensuring protection from unauthorized tampering.

3.6 Hierarchical Protection

Less critical components do not need protection from more critical ones, streamlining system protection layers.

4. Security in Interconnected Systems

In today's networked environments, NIST acknowledges the need for interconnected systems to maintain security:

5. Balancing Security and Usability

Recognizing the practical limitations in the real world, NIST introduces principles like:

These principles emphasize that security is not a goal in itself, but a supportive aspect of system functionality.

6. NIST Security Architecture Strategies

Beyond principles, NIST also outlines three key strategies for implementing secure system architectures:

  1. Reference Monitor Concept: An abstract control that can enforce all system security properties effectively. It's central to mandatory access control models.
  2. Defense in Depth: Multiple overlapping controls are used to ensure that if one fails, others remain effective.
  3. Isolation: Components are physically or logically separated to prevent interference and reduce information leakage.
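The following toy model, added here as an illustration and not taken from NIST or the original article, shows how a single reference monitor (strategy 1) can enforce partially ordered dependencies (3.2), hierarchical trust (3.4), the inverse modification threshold (3.5) and hierarchical protection (3.6) at one chokepoint. The assurance levels, the clearance-versus-assurance rule for modification, and the rule that an upward call is only permitted through a declared dependency are assumptions of this model, not part of the NIST text.

```python
from dataclasses import dataclass, field

@dataclass
class Component:
    name: str
    assurance: int                         # higher = more critical, more assured (assumed scale)
    depends_on: set = field(default_factory=set)

class PolicyViolation(Exception):
    pass

class ReferenceMonitor:
    """Single chokepoint mediating every dependency, modification and access request."""
    def __init__(self, *comps):
        self.components = {c.name: c for c in comps}

    def _reaches(self, start, target):
        stack, seen = [start], set()       # DFS over declared dependencies
        while stack:
            cur = stack.pop()
            if cur == target:
                return True
            if cur not in seen:
                seen.add(cur)
                stack.extend(self.components[cur].depends_on)
        return False

    def add_dependency(self, dependent, dependency):
        d, p = self.components[dependent], self.components[dependency]
        # 3.4 hierarchical trust: rely only on components of equal or higher assurance
        if p.assurance < d.assurance:
            raise PolicyViolation(f"{dependent} may not trust lower-assurance {dependency}")
        # 3.2 partially ordered dependencies: no cycles, so layering stays a partial order
        if self._reaches(dependency, dependent):
            raise PolicyViolation(f"{dependent} -> {dependency} would create a cycle")
        d.depends_on.add(dependency)

    def modify(self, actor_clearance, name):
        # 3.5 inverse modification threshold: changing a more critical component needs more clearance
        if actor_clearance < self.components[name].assurance:
            raise PolicyViolation(f"clearance {actor_clearance} too low to modify {name}")
        return True

    def access(self, caller, target):
        # 3.6 hierarchical protection: an equally or more critical caller needs no guard against a
        # less critical target; an upward call is allowed only via a declared dependency (assumed rule)
        c = self.components[caller]
        if c.assurance >= self.components[target].assurance:
            return True
        return target in c.depends_on
```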

7. Application and Adaptation

Both NIST and Saltzer & Schroeder stress that security principles are guidelines, not rigid rules. While they provide essential direction, they must be applied skillfully to specific contexts. If deviations are made from any principle, it is important to:

Only through thoughtful application can these principles lead to robust and resilient systems.

Author: Mikhail

Svetlya (Jr. Formulator & Registered User):
Amazing article, thanks for sharing. The NIST principles are basic ones that every security design person should know.

Rachel (Jr. Formulator):
Agree with you Svetlya. But I feel the work of Saltzer and Schroeder is much simpler in terms of implementation.
