Security design principles aim to minimize system vulnerabilities, safeguard data, and mitigate risks to ensure confidentiality, integrity, and availability.
The principle of least privilege ensures that users or processes have only the permissions required to perform their tasks, reducing the risk of accidental or intentional misuse.
Separation of duties prevents a single individual or process from having enough access or control to compromise the system, thereby reducing risk.
Defense in depth employs multiple layers of security to protect against potential threats, ensuring that if one layer fails, others can provide protection.
Fail-safe defaults ensure that when a system fails, it does so in a way that restricts access, preventing unauthorized use during outages.
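The following is an added example, not part of the original text, showing how least privilege, separation of duties, and fail-safe defaults look in a small authorization module; the role names, actions, invoice record and simulated policy-store outage are all constructed for illustration.

```python
"""Added example: least privilege, separation of duties and fail-safe
defaults in one small authorization module. All names are constructed."""
from dataclasses import dataclass
from typing import Optional

# Least privilege: each role is granted only the actions its job needs.
ROLE_PERMISSIONS = {
    "reader": {"invoice:view"},
    "clerk": {"invoice:view", "invoice:create"},
    "approver": {"invoice:view", "invoice:approve"},
}

class PolicyUnavailable(Exception):
    """Raised when the permission source cannot be consulted."""

def lookup_permissions(role, store=ROLE_PERMISSIONS):
    if store is None:  # constructed: simulates an outage of the policy store
        raise PolicyUnavailable("policy store unreachable")
    return store.get(role, set())  # unknown role -> no permissions

def is_allowed(role, action, store=ROLE_PERMISSIONS):
    """Fail-safe default: an error or an unknown role yields denial."""
    try:
        return action in lookup_permissions(role, store)
    except PolicyUnavailable:
        return False  # fail closed during the outage

def is_allowed_fail_open(role, action, store=ROLE_PERMISSIONS):
    """The anti-pattern, for contrast: an outage is treated as 'no restriction'."""
    try:
        return action in lookup_permissions(role, store)
    except PolicyUnavailable:
        return True  # fail open: unauthorized use becomes possible

@dataclass
class Invoice:
    created_by: str
    approved_by: Optional[str] = None

def approve(invoice, approver, role, store=ROLE_PERMISSIONS):
    """Separation of duties: whoever created an invoice may not approve it,
    even when holding the approver role; the permission check still applies."""
    if not is_allowed(role, "invoice:approve", store):
        return False
    if approver == invoice.created_by:
        return False
    invoice.approved_by = approver
    return True
```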