Secure Design Principles … System and System Architecture

System and application development consists of the following stages:

  1. Design
  2. Development
  3. Test
  4. Deployment

Security has to be addressed at every stage of the development cycle, but addressing it at the design stage is the most critical. Since prevention is better than cure, addressing security at the design stage makes it possible to put preventative controls in place instead of fixing security issues after the fact.

In this post we will look at some of the important design principles that must be considered when designing systems.

Before we begin with secure design principles, let's understand what a “system” is.

A system is composed of hardware and software; the hardware allows the software to run and perform some operation.

This typically includes the physical components, the operating systems, and the programming languages used. From a physical and logical perspective, a number of possible frameworks or platforms are in use. 

The picture below depicts some of the most common systems.

Hence, a system is a collection of elements that together produce desired results which cannot be obtained from the individual components alone. In an enterprise solution, a system may involve a single computer or multiple computers or devices working together to achieve a particular result.

For example, an online shopping system may involve a web server, an e-commerce server, and a database server. However, these servers alone cannot provide the necessary security for online transactions. An organization may need to add switches, routers, firewalls, IPS, IDS, proxies, or other security mechanisms to ensure that security is maintained end to end.

To understand engineering using secure design principles, organizations must understand the difference between subjects and objects, and between closed and open systems. Refer to the figure below for the details.

Refer to the examples below to get a better understanding.
Example – Subject & Object
Suppose “Gaurav” wants to access an application. In this case, Gaurav is a subject, and the application is an object. Suppose then that once Gaurav is given access to the application, the application needs to access information in a database called “mrcissp”. Then the application becomes the subject, and the database becomes the object.

Let’s look at another example, taken as-is from the official (Sybex) study guide.
Example – Transitive Trust
Workers (A) do not have access to specific internet sites (C). However, if workers can access a web proxy, virtual private network (VPN), or any other anonymization service, then this can serve as a means to bypass the local network restriction. In other words, if workers (A) are accessing VPN service (B), and the VPN service (B) can access the blocked internet service (C); then A can access C through B via transitive trust exploitation.
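Both examples above describe relations between subjects and objects: the same entity can be an object in one relation and a subject in the next, and chaining those relations is what makes transitive trust possible. The following Python script is an added example (not part of the post or the study guide) that models the access relation as a small graph and, from a defender's point of view, reports any pair that local policy denies directly but that is still reachable through an intermediary. The entity names "Gaurav", "application" and "mrcissp" come from the first example; "workers", "vpn-service" and "blocked-site" are constructed labels standing in for A, B and C in the second.

```python
from collections import deque

# Constructed sample data (not from the post): the direct access relation.
# A key is the subject (the entity doing the accessing), each value the set of
# objects it may access directly. "application" appears as an object for
# Gaurav and as a subject toward the database, as in the first example.
DIRECT_ACCESS = {
    "Gaurav": {"application"},
    "application": {"mrcissp"},
    "workers": {"vpn-service"},
    "vpn-service": {"blocked-site"},
}

# Constructed sample of pairs the local policy says must NOT be reachable:
# workers (A) are denied the blocked internet site (C).
DENIED = {("workers", "blocked-site")}


def roles(entity, access=DIRECT_ACCESS):
    """Return (acts_as_subject, acts_as_object) for an entity in the relation."""
    is_subject = bool(access.get(entity))
    is_object = any(entity in objs for objs in access.values())
    return is_subject, is_object


def reachable(subject, access=DIRECT_ACCESS):
    """Breadth-first search over the access relation.

    Returns a dict mapping every object reachable from `subject` (directly or
    through chained intermediaries) to the shortest path that reaches it.
    """
    paths = {}
    queue = deque([(subject, [subject])])
    visited = {subject}
    while queue:
        current, path = queue.popleft()
        for obj in sorted(access.get(current, ())):
            if obj in visited:
                continue
            visited.add(obj)
            paths[obj] = path + [obj]
            queue.append((obj, path + [obj]))
    return paths


def find_transitive_bypasses(access=DIRECT_ACCESS, denied=DENIED):
    """Report denied (subject, object) pairs that are still reachable indirectly.

    A denied pair reached through at least one intermediary is exactly the
    transitive-trust situation in the post: A cannot reach C directly, but
    A can reach B and B can reach C.
    """
    findings = {}
    for subject, obj in denied:
        path = reachable(subject, access).get(obj)
        if path is not None and len(path) > 2:  # at least one intermediary
            findings[(subject, obj)] = path
    return findings


if __name__ == "__main__":
    for entity in ("Gaurav", "application", "mrcissp"):
        print(entity, "subject/object roles:", roles(entity))
    for (subject, obj), path in find_transitive_bypasses().items():
        print(f"policy gap: {subject} reaches {obj} via {' -> '.join(path)}")
```

Running the script reports that "workers" reaches "blocked-site" via "vpn-service", which is the gap a reviewer would want to close by restricting the intermediary (B) as well, rather than only the direct A-to-C relation. The same graph shows "application" holding both roles at once.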

System Architecture

The system architecture, in turn, is the overall design of the components of an information system, such as its hardware, operating systems, applications, and networks.

Organizations must implement and manage systems engineering processes using secure design principles as discussed in Domain 1: Security & Risk Management.

Standards for systems engineering include ISO/IEC 15288:2015 and NIST Special Publication (SP) 800-160, which supersedes NIST SP 800-27.

Please note: ISO/IEC 15288:2015 will be discussed in a separate blog post.

Below are the primary secure design principles used in systems engineering.

  1. Computer architecture
  2. System security mechanisms
  3. Trusted computing base
  4. Assurance

Each of these is a big topic in itself, and we will discuss them in separate posts.