Security Analysis Table
| Fundamental Security Design Principles | Describe how the FSDPs relate to PKI (2–3 sentences) | Describe how the FSDPs relate to the CIA triad (2–3 sentences) |
| --- | --- | --- |
| Isolation | As an example of PKI and isolation, I have the use of a token for the authentication process. This token is what grants the user access to the protected areas of the network. | Authentication is linked to isolation, so that would lead into the CIA triad. With that in mind, it would need to have and maintain the highest levels of confidentiality and integrity. |
| Modularity | Modularity relates to PKI in that receiving a certificate is an example of modularity. Once the certificate is acquired, it is uploaded to the database and sent to a server, in turn letting the server into the subnet you chose. | With how similar they are, nodes in a network can act independently. This technique can be reused indefinitely. When designing with modularity, ease of use is a must. |
| Minimization of Implementation | Minimizing the amount of code needed to handle particular situations can be achieved with other methods, such as having set credentials that can operate on any device, essentially meaning nobody else would be able to log on to the user's account. | Minimizing the time and effort used to implement a change is a private principle. This restricts access to your account and the contents within it to authorized users only. |
| Layering | Layering's connection with PKI would be along the lines of using a biometric scanner together with something like login credentials. This is a prime example of layers; adding other things onto this would be adding more layers. | The concept of layering is connected to the triad through confidentiality. Using a combination of multiple security methods, including authentication, ensures that authorized access is allowed, or that authorized individuals may receive access. |
| Least Privilege | The least privilege method is by far my | Least privilege plays into all 3 roles in |