IEEE Access (Jan 2022)
Exploring How to Apply Secure Software Design Principles
Abstract
Secure design principles (SDPs) are employed as a defense against many types of attacks. However, it has been shown that software designers are not familiar with the notion of SDPs or do not understand how to implement them at the design stage. This paper tries to bridge this gap by applying SDPs to a real-world software project, an electronic promotion system (ePS), and commenting on the contribution of each SDP. Saltzer and Schroeder’s eight principles, along with three additional principles proposed by others, were chosen to be applied to ePS. The results show that most of the SDPs identified here were instrumental and were applied in the design of ePS. Seven of the eleven SDPs, namely economy of mechanism, fail-safe defaults, least privilege, least common mechanism, sound authentication, defense in depth, and input validation, were implemented in ePS to a great extent. Two others, separation of privilege and psychological acceptability, were applied to a limited extent. The remaining two principles, complete mediation and open design, did not play a vital role, as ePS by itself satisfies them. Some contradictions and interrelations among the SDPs that surfaced when they were applied are also discussed. Taking into account the integration of ePS with other enterprise systems in the same organization, placing SDPs in a general, organization-wide context was judged to be both beneficial and sufficient. This work is expected to bridge the gap between software developers and state-of-the-art research on software SDPs.
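The abstract only names the principles; the following is an added illustration, not code from the paper or from ePS, of how four of them (fail-safe defaults, least privilege, complete mediation, input validation, plus a two-party check in the spirit of separation of privilege) show up concretely in a small promotion-approval check. The role table, the discount limit and the `Promotion` record are constructed for the example; the paper does not publish ePS's actual authorization model.

```python
"""Added example (not from the paper): applying several SDPs to a hypothetical
promotion-approval check. Names and data below are assumptions for illustration."""
from dataclasses import dataclass

# Least privilege: each role holds only the permissions it needs. Constructed table.
ROLE_PERMISSIONS = {
    "clerk": frozenset({"promotion:create"}),
    "manager": frozenset({"promotion:create", "promotion:approve"}),
}

# Constructed business limit used by the input-validation check.
MAX_DISCOUNT_PERCENT = 50


@dataclass(frozen=True)
class Promotion:
    """Hypothetical promotion record: who created it and the discount it carries."""
    owner: str
    discount_percent: int


def discount_is_valid(value) -> bool:
    """Input validation: accept only an integer (not bool) within [0, MAX_DISCOUNT_PERCENT].

    Strings such as "10" are rejected rather than coerced, so a caller cannot
    smuggle in values that later arithmetic would interpret differently.
    """
    if isinstance(value, bool) or not isinstance(value, int):
        return False
    return 0 <= value <= MAX_DISCOUNT_PERCENT


def is_allowed(role: str, action: str) -> bool:
    """Fail-safe default: an unknown role or an action not listed for the role is denied.

    The lookup never raises and never falls through to a grant; the only way to
    obtain True is an explicit entry in ROLE_PERMISSIONS.
    """
    return action in ROLE_PERMISSIONS.get(role, frozenset())


def approve_promotion(user: str, role: str, promo: Promotion) -> bool:
    """Complete mediation: every approval request goes through this single check.

    Separation of privilege (two-party rule): the creator of a promotion cannot
    be the one who approves it, so a single compromised account is not enough.
    Returns True only when all checks pass; any failure denies.
    """
    if not discount_is_valid(promo.discount_percent):
        return False
    if not is_allowed(role, "promotion:approve"):
        return False
    if promo.owner == user:
        return False
    return True


if __name__ == "__main__":
    promo = Promotion(owner="alice", discount_percent=20)
    print("bob (manager) approves alice's promotion:", approve_promotion("bob", "manager", promo))
    print("alice (manager) approves her own promotion:", approve_promotion("alice", "manager", promo))
    print("carol (clerk) approves alice's promotion:", approve_promotion("carol", "clerk", promo))
```

Note how the deny paths dominate: a typo in a role name, a new action that nobody remembered to add to the table, or an out-of-range discount all land on `False`, which is what fail-safe defaults mean in practice. The tension the abstract mentions between principles is visible too: the two-party rule adds friction for a manager who legitimately creates and approves promotions, which is exactly the kind of psychological-acceptability trade-off a designer has to weigh.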
Keywords