CISSP Domain – Security Architecture and Design

February 18, 2011 by Kenneth Magee

This article will cover some of the major areas within Security Architecture and Design by looking at: design concepts, hardware architecture, OS and software architecture, security models, modes of operations, and some system evaluation methods, specifically CAP.

First, design concepts. You need to remember “LAST.” That is L=Layering, A=Abstraction, S=Security Domains and T=The Ring. Actually it should have been LASR, but who could remember that, and besides, if you vocalize THE RING it sticks with you. OK, so layering is separating the design into distinct parts like hardware, hardware drivers, operating system and application. Abstraction is like abstract painting: you never really know what the artist was thinking, because all of that is hidden from you, the viewer/user. As an example, if you click on a URL in your browser, say for, you as the user see the web page painted on your screen; you don’t see all of the electronic work going on in the background to handle communications like file lookup, screen painting, etc. You just see the screen. In Security Domains, think two things: user mode and supervisor mode. Users can only do what they have been allowed to do, and supervisor mode can do anything. And finally, THE RING. No, not the one you give to a very close acquaintance, but rather how security is designed: the closer to the center of the ring, the more restrictive the security.

Next, hardware architecture. Now, we already know the basics about input devices, CPUs, output devices, memory, hard disks, etc., so I won’t bore you with that minutiae. But you should Google the following subjects: pipelining, interrupt, processes, threads, multitasking, multiprocessing, SRAM, DRAM, virtual memory and WORM — not the virus, but write-once, read-many. Once you’ve Googled those, cut and paste the definitions you find somewhere and keep them handy.

Then, OS and software architecture.  You need to understand the “reference monitor” and the role it plays in mediating access.  You should be able to look at UNIX/Linux permissions and know the difference between Owner/Group/World and who has what.  Also, look at NTFS permissions in Windows and get a good grasp of the differences between the five different levels of permissions.  Some key words to research and remember in this section are: TOCTOU, backdoor vs. maintenance hook, and don’t forget polyinstantiation.
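TOCTOU is the one term in that list that is easiest to understand from code. The following is an added illustration, not from the article: the check-then-use pattern, where a reference monitor inspects a path name and then opens that same name a second time, beside the use-then-check pattern, where the file is opened once and the descriptor actually obtained is inspected. The file names and contents in `demo()` are constructed; `O_NOFOLLOW` and `fstat()` are real POSIX facilities exposed by Python's `os` module.

```python
"""Time-of-check to time-of-use (TOCTOU).

A check on a *name* followed by an action on the same *name* leaves a window
in which the object behind the name can be swapped (for example, replaced by
a symlink). The fix is to act first and then check the object you actually
hold. Added example; the scenario in demo() is constructed."""
import errno
import os
import stat
import tempfile


def read_with_toctou_window(path: str) -> bytes:
    """Check-then-use: lstat() and open() are two independent name lookups,
    so the check does not constrain what open() finally resolves to."""
    st = os.lstat(path)                          # time of check
    if not stat.S_ISREG(st.st_mode):
        raise PermissionError(f"{path}: not a regular file")
    with open(path, "rb") as fh:                 # time of use: a second lookup
        return fh.read()


def read_without_toctou_window(path: str) -> bytes:
    """Use-then-check: O_NOFOLLOW makes the kernel refuse a symlink at the
    final path component inside the single open() call, and fstat() inspects
    the descriptor we hold rather than the name, so there is no race window."""
    flags = os.O_RDONLY | os.O_NOFOLLOW | getattr(os, "O_CLOEXEC", 0)
    fd = os.open(path, flags)                     # check and use in one syscall
    try:
        st = os.fstat(fd)                         # inspect the object, not the name
        if not stat.S_ISREG(st.st_mode):
            raise PermissionError(f"{path}: not a regular file")
    except Exception:
        os.close(fd)
        raise
    with os.fdopen(fd, "rb") as fh:              # fdopen takes ownership of fd
        return fh.read()


def demo() -> dict:
    """Constructed scenario: a regular file and a symlink pointing at it.
    Returns what the hardened reader did with each."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        regular = os.path.join(d, "config.txt")
        link = os.path.join(d, "config-link.txt")
        with open(regular, "wb") as fh:
            fh.write(b"setting=1\n")
        os.symlink(regular, link)

        results["regular_safe"] = read_without_toctou_window(regular)
        results["regular_windowed"] = read_with_toctou_window(regular)
        try:
            read_without_toctou_window(link)
            results["symlink_safe"] = "opened"
        except OSError as exc:
            # ELOOP: the kernel itself refused to follow the symlink
            results["symlink_safe"] = "refused" if exc.errno == errno.ELOOP else f"error:{exc.errno}"
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

Both readers reject a symlink when nothing is changing underneath them; the difference is that the first one can be raced between its two lookups and the second cannot, which is why a reference monitor should make its decision on the object it has already bound to.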

For security models, you can read through the different models, but pay particular attention to the Biba model and the Bell-LaPadula model and how they work with the principle of least privilege.
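To see the reference monitor from the previous section and the two models from this one working together, here is an added example (not from the article) of a toy reference monitor in Python. Every request passes a discretionary Owner/Group/World check on UNIX-style mode bits, then the Bell-LaPadula confidentiality rules (no read up, no write down), then the Biba integrity rules (no read down, no write up). The classification lattices, subjects, objects and mode bits are all constructed for the illustration.

```python
"""Toy reference monitor: DAC (owner/group/world bits), then Bell-LaPadula,
then Biba. Added example; all labels, uids and mode bits are constructed."""
from dataclasses import dataclass, field

# Ordered lattices (constructed). Higher number = more sensitive / more trusted.
CONFIDENTIALITY = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}
INTEGRITY = {"UNTRUSTED": 0, "USER": 1, "SYSTEM": 2}


@dataclass(frozen=True)
class Subject:
    name: str
    uid: int
    gids: frozenset
    clearance: str      # Bell-LaPadula level
    integrity: str      # Biba level


@dataclass(frozen=True)
class Obj:
    name: str
    owner_uid: int
    group_gid: int
    mode: int           # UNIX permission bits, e.g. 0o640 = rw-r-----
    classification: str
    integrity: str


def dac_allows(s: Subject, o: Obj, op: str) -> bool:
    """Owner/Group/World: pick the triple that applies to the subject, test the bit."""
    bit = {"read": 4, "write": 2}[op]
    if s.uid == o.owner_uid:
        triple = (o.mode >> 6) & 0o7
    elif o.group_gid in s.gids:
        triple = (o.mode >> 3) & 0o7
    else:
        triple = o.mode & 0o7
    return bool(triple & bit)


def blp_allows(s: Subject, o: Obj, op: str) -> bool:
    """Bell-LaPadula: simple security (no read up), *-property (no write down)."""
    sl, ol = CONFIDENTIALITY[s.clearance], CONFIDENTIALITY[o.classification]
    return sl >= ol if op == "read" else sl <= ol


def biba_allows(s: Subject, o: Obj, op: str) -> bool:
    """Biba: simple integrity (no read down), integrity * (no write up)."""
    si, oi = INTEGRITY[s.integrity], INTEGRITY[o.integrity]
    return si <= oi if op == "read" else si >= oi


@dataclass
class ReferenceMonitor:
    audit: list = field(default_factory=list)

    def check(self, s: Subject, o: Obj, op: str) -> bool:
        """Complete mediation: every request comes through here and is logged."""
        if op not in ("read", "write"):
            raise ValueError(f"unsupported operation {op!r}")
        for rule_name, rule in (("DAC", dac_allows), ("BLP", blp_allows), ("Biba", biba_allows)):
            if not rule(s, o, op):
                self.audit.append(f"DENY  {s.name} {op} {o.name} ({rule_name})")
                return False
        self.audit.append(f"ALLOW {s.name} {op} {o.name}")
        return True


def demo() -> dict:
    """Constructed subjects/objects; returns each decision keyed by 'op object'."""
    alice = Subject("alice", uid=1000, gids=frozenset({100}), clearance="SECRET", integrity="USER")
    plans = Obj("plans", 1000, 100, 0o640, "SECRET", "USER")
    notice = Obj("public_notice", 0, 0, 0o644, "UNCLASSIFIED", "SYSTEM")
    tsfile = Obj("ts_report", 1000, 100, 0o660, "TOP SECRET", "USER")
    scratch = Obj("scratch_log", 0, 0, 0o666, "UNCLASSIFIED", "UNTRUSTED")
    rm = ReferenceMonitor()
    decisions = {}
    for op, o in (("read", plans), ("write", plans), ("read", notice), ("write", notice),
                  ("read", tsfile), ("write", tsfile), ("read", scratch)):
        decisions[f"{op} {o.name}"] = rm.check(alice, o, op)
    return decisions


if __name__ == "__main__":
    rm_decisions = demo()
    for k, v in rm_decisions.items():
        print(f"{k:22s} {'allow' if v else 'deny'}")
```

Two of the outcomes are the ones worth remembering for the exam: Bell-LaPadula lets alice write into the TOP SECRET report she cannot read (write up is permitted), and Biba stops her reading the UNTRUSTED scratch log even though the mode bits would allow it (no read down). Checking DAC first and stopping at the first denial is also the least-privilege habit: a request that any single rule refuses never reaches the others.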

There are four different modes of operation: multilevel, compartmented, system-high and dedicated. Understand the role of the reference monitor in the multilevel mode.

And finally, system evaluation methods, or as we like to call it, the Certification Accreditation Program (CAP). (ISC)2 is getting away from asking questions which ask you to classify levels by ITSEC, but it wouldn’t hurt to familiarize yourself with the Common Criteria and the EAL levels, especially the difference between EAL3 and EAL4 and the difference between EAL5 and EAL6 (remember: verify, verify, verify). And remember it all started with the Orange Book (no network) and then went to the Red Book (included network).


J Kenneth (Ken) Magee is president and owner of Data Security Consultation and Training, LLC, which specializes in data security auditing and information security training. He has over 40 years of IT experience in both private industry and the public sector with the last 21 devoted to IT security and Risk Management.

Ken holds degrees from Robert Morris University and Fairleigh Dickinson University. He holds 30 certifications including: CTT+, CEH, CPT, SSCP, CISSP-ISSMP, CAP, CISA, CISM, ISO 27001 PA, GIAC-GWAPT/GSEC/GSNA, CIA-CGAP, Security+, and CDP. He is a Senior Instructor with the InfoSec Institute.