This article will cover some of the major areas within Security Architecture and Design by looking at: design concepts, hardware architecture, OS and software architecture, security models, modes of operations, and some system evaluation methods, specifically CAP.
First, design concepts. You need to remember “LAST.” That is L=Layering, A=Abstraction, S=Security Domains and T=The Ring. Actually, it should have been LASR, but who could remember that? Besides, if you vocalize THE RING it sticks with you. OK, so layering is separating the design into distinct parts like hardware, hardware drivers, operating system and application. Abstraction is like abstract painting: you never really know what the artist was thinking, because all of that is hidden from you, the viewer/user. As an example, if you click on a URL in your browser, say for infosecinstitute.com, you as the user see the web page painted on your screen; you don’t see all of the electronic work going on in the background to handle communications like file lookup, screen painting, etc. You just see the screen. In Security Domains, think two things: user mode and supervisor mode. Users can only do what they have been allowed to do, and supervisor mode can do anything. And finally, THE RING. No, not the one you give to a very close acquaintance, but rather how security is designed: the closer to the center of the ring, the more restrictive the security.
Next, hardware architecture. Now, we already know the basics about input devices, CPUs, output devices, memory, hard disks, etc., so I won’t bore you with that minutiae. But you should Google the following subjects: pipelining, interrupt, processes, threads, multitasking, multiprocessing, SRAM, DRAM, virtual memory and WORM — not the virus, but write-once, read-many. Once you’ve Googled those, cut and paste the definitions you find somewhere and keep them handy.
Then, OS and software architecture. You need to understand the “reference monitor” and the role it plays in mediating access. You should be able to look at UNIX/Linux permissions and know the difference between Owner/Group/World and who has what. Also, look at NTFS permissions in Windows and get a good grasp of the differences between the five different levels of permissions. Some key words to research and remember in this section are: TOCTOU, backdoor vs. maintenance hook, and don’t forget polyinstantiation.
For security models, you can read through the different models, but pay particular attention to the Biba model and the Bell-LaPadula model and how they work with the principle of least privilege.
There are four different modes of operation: multilevel, compartmental, system-high and dedicated. Understand the role of the reference monitor in the multilevel mode.
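To make the reference monitor, Bell-LaPadula and Biba concrete, here is an added example (not part of the original article) of a toy reference monitor that mediates every read/write between a subject and an object in multilevel mode. The level names, the compartment names and the lattice ordering are constructed for illustration; Biba formally uses a separate integrity lattice, but the same ordering is reused here to keep the comparison side by side.

```python
from dataclasses import dataclass

# Constructed sample lattice of sensitivity levels, low to high.
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}


@dataclass(frozen=True)
class Label:
    """A security label: a level plus a (possibly empty) set of compartments."""
    level: str
    compartments: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        # Lattice order: level is higher-or-equal AND compartments are a superset.
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)


def bell_lapadula(subject: Label, obj: Label, op: str) -> bool:
    """Confidentiality: no read up (simple security), no write down (*-property)."""
    if op == "read":
        return subject.dominates(obj)      # clearance must dominate classification
    if op == "write":
        return obj.dominates(subject)      # may only write at or above own level
    raise ValueError(f"unknown operation {op!r}")


def biba(subject: Label, obj: Label, op: str) -> bool:
    """Integrity: no read down (simple integrity), no write up (*-integrity)."""
    if op == "read":
        return obj.dominates(subject)      # only read from equal-or-higher integrity
    if op == "write":
        return subject.dominates(obj)      # only write to equal-or-lower integrity
    raise ValueError(f"unknown operation {op!r}")


def reference_monitor(subject: Label, obj: Label, op: str, policy=bell_lapadula) -> bool:
    """Mediate every access: default deny, allow only what the chosen policy permits."""
    try:
        return policy(subject, obj, op)
    except (ValueError, KeyError):         # unknown op or label => fail closed
        return False


if __name__ == "__main__":
    analyst = Label("SECRET", frozenset({"CRYPTO"}))
    report = Label("TOP_SECRET")
    print(reference_monitor(analyst, report, "read"))          # False: read up
    print(reference_monitor(analyst, report, "read", biba))    # True: read up is fine for integrity
```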
And finally, system evaluation methods, or as we like to call it, the Certification Accreditation Program (CAP). (ISC)2 is getting away from asking questions which ask you to classify levels by ITSEC, but it wouldn’t hurt to familiarize yourself with the Common Criteria and the EAL levels, especially the difference between EAL3 and EAL4 and the difference between EAL5 and EAL6 (remember verify, verify, verify). And remember, it all started with the Orange book (no network) and then went to the Red book (included network).