Definitions – Cybersecurity First Principles

Cybersecurity First Principles in this lesson

This lesson is about defining cybersecurity first principles for elementary or middle school students. So all of them will be discussed.

Lesson goals

• Understand cybersecurity first principles

Materials required

• A printed poster [Optional]

Prerequisite lessons

• None, just lots of curiosity

Table of Contents

• Cybersecurity First Principles
• Additional Resources
• Acknowledgements
• License

Cybersecurity First Principles

What are Cybersecurity first principles?

The principles are basic activities in designing a good security system.

Stepping through the principles

We now examine 10 cybersecurity first principles.

1. Domain Separation

Define boundaries around protected objects.

2. Process Isolation

Create barriers around protected objects.

3. Resource Encapsulation

Monitor interactions with protected objects.

4. Least Privilege

Define permissions for interactions with protected objects.

5. Layering

Use more than one way to stop an intrusion.

6. Abstraction

Adapt computers for their use.

7. Data Hiding

Hide protected objects from unwanted exposure.

8. Modularity

Use interchangeable components.

9. Simplicity

Avoid unnecessary complexity.

10. Minimization

Reduce exposed areas.

How do the First Principles Relate to each other?

Think of the first four principles are the necessary elements of building a protection mechanism, like a Castle: Wall, Door, Guard and Check. They help you answer the question, how to build a protection mechanism. The rest of the principles that follow, contribute to the quality of the protection mechanism. They help you answer the question, how good is the protection mechanism.

Additional Resources

• Quick review of first principles using pictures
• First Principle Hand Gestures
• Scratch Activity and Quiz: Castle Story by Briana Morrison

Top

Lead Author

• Robin Gandhi and Kristeen Shabram

Acknowledgements

• A special thanks to Matt Hale for reviews of this module and thoughtful discussions.

Top

License

Nebraska GenCyber
is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Overall content: Copyright (C) 2017-2021 Dr. Matthew L. Hale, Dr. Robin Gandhi, and Dr. Briana B. Morrison.

Lesson content: Copyright (C) Robin Gandhi 2018-2021.

This lesson is licensed by the author under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.