Security Principles Variations of lists of security principles Security vulnerabilities often exploit violations of these principles ■ Good security solutions or countermeasures follow these principles Some overlap some tension between principles More generally,checklists are useful for security These principles can be applied at many levels,e.g.,in source code of an application,between applications on a machine at OS level,at network level,within an organization,between organizations Here we give 16 principles Main Source:software security principles by Gary McGraw and John Viega ■CSE825 2CSE825 2 Security Principles  Variations of lists of security principles  Security vulnerabilities often exploit violations of these principles  Good security solutions or countermeasures follow these principles  Some overlap & some tension between principles  More generally, checklists are useful for security  These principles can be applied at many levels, e.g., in source code of an application, between applications on a machine at OS level, at network level, within an organization, between organizations  Here we give 16 principles  Main Source: software security principles by Gary McGraw and John Viega