Re: Principle of Inclusion?

From: David Wagner (dawat_private)
Date: Tue Jun 26 2001 - 20:31:05 PDT

Next message: Roger Burton West: "Re: CDSA-biometrics"

Previous message: listsat_private: "Re: Principle of Inclusion?"
In reply to: aleph1at_private: "Principle of Inclusion?"
Next in thread: George Milliken: "RE: Principle of Inclusion?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>  We have all heard the old security principle of not filtering out
>known bad input but filtering in known good input, but I've never heard
>it "named" like we name the "principle of least privilege". Do you know
>of any such name?

It's an instance of what's known as "fail-safe defaults".
(restrictive policies are preferred over permissive policies)

See Saltzer and Schroeder's paper "The Protection of Information
in Computer Systems" for a list of several such principles.
http://web.mit.edu/Saltzer/www/publications/protection/index.html
This particular one appears in Section I.A.3.b.

Next message: Roger Burton West: "Re: CDSA-biometrics"
Previous message: listsat_private: "Re: Principle of Inclusion?"
In reply to: aleph1at_private: "Principle of Inclusion?"
Next in thread: George Milliken: "RE: Principle of Inclusion?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jun 28 2001 - 09:17:48 PDT