The Protection of Information in Computer Systems

The Protection of Information in Computer Systems
The Protection of Information in Computer Systems
Created	1975
Author(s)	Jerome Saltzer ; Michael Schroeder ;
Subject	Information security

Last updated March 06, 2025

The Protection of Information in Computer Systems is a 1975 seminal publication by Jerome Saltzer and Michael Schroeder about information security.^[1]^[2] The paper emphasized that the primary concern of security measures should be the information on computers and not the computers itself.^[3]

Design principles

The following design principles are laid out in the paper:

Economy of mechanism: Keep the design as simple and small as possible.
Fail-safe defaults: Base access decisions on permission rather than exclusion.
Complete mediation: Every access to every object must be checked for authority.
Open design: The design should not be secret.
Separation of privilege: Where feasible, a protection mechanism that requires two keys to unlock it is more robust and flexible than one that allows access to the presenter of only a single key.
Least privilege: Every program and every user of the system should operate using the least set of privileges necessary to complete the job.
Least common mechanism: Minimize the amount of mechanism common to more than one user and depended on by all users.
Psychological acceptability: It is essential that the human interface be designed for ease of use, so that users routinely and automatically apply the protection mechanisms correctly.
Work factor: Compare the cost of circumventing the mechanism with the resources of a potential attacker.
Compromise recording: It is sometimes suggested that mechanisms that reliably record that a compromise of information has occurred can be used in place of more elaborate mechanisms that completely prevent loss.

References

↑ Smith, Richard E. (November 2012). "A Contemporary Look at Saltzer and Schroeder's 1975 Design Principles". IEEE Security & Privacy . 10 (6): 20–25. doi:10.1109/MSP.2012.85. ISSN 1540-7993. S2CID 13371996.
↑ Seeley, Nicholas. "Seminal Papers in Cybersecurity: A Review (Part 2 of 2)". Schweitzer Engineering Laboratories . Retrieved 2024-11-11.
↑ Samonas, Spyridon; Coss, David (2014). "The CIA Strikes Back: Redefining Confidentiality, Integrity and Availability in Security". Journal of Information Systems Security. 10 (3): 21–45.
↑ Smith, Sean; Marchesini, John (2007). The Craft of System Security. Pearson Education. ISBN 9780132797542.

External links

Saltzer, Jerome; Schroeder, Michael (April 17, 1975). "The Protection of Information in Computer Systems". Symposium on Operating Systems Principles .

This computer security article is a stub. You can help Wikipedia by expanding it.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Smith, Richard E. (November 2012). "A Contemporary Look at Saltzer and Schroeder's 1975 Design Principles". IEEE Security & Privacy . 10 (6): 20–25. doi:10.1109/MSP.2012.85. ISSN 1540-7993. S2CID 13371996.

[2] Seeley, Nicholas. "Seminal Papers in Cybersecurity: A Review (Part 2 of 2)". Schweitzer Engineering Laboratories . Retrieved 2024-11-11.

[3] Samonas, Spyridon; Coss, David (2014). "The CIA Strikes Back: Redefining Confidentiality, Integrity and Availability in Security". Journal of Information Systems Security. 10 (3): 21–45.

[4] Smith, Sean; Marchesini, John (2007). The Craft of System Security. Pearson Education. ISBN 9780132797542.

[1]

[2]

[3]

[4]

The Protection of Information in Computer Systems

Contents

Design principles

See also

References

External links