Principle 10 - Use Open Design

Detail

The effectiveness of security components included in a service should not be compromised by any visibility of that design, i.e. it should not rely on obscurity. Designs should not include implementation detail specific enough to enable or aid attack scenarios.

Design is not a secret, but the implementation of safeguards and controls is!

Decision Evaluation Criteria:

  • Where design documentation templates are used, do they indicate the type of information which is inappropriate for inclusion?
  • Do design reviews confirm and record that the level of included detail is appropriate from the security perspective?
  • Do design reviews confirm and record the boundaries of technical solution components and what security policies are to be enforced?
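As an added illustration of the first two criteria (not part of the original principle text), the following Python script applies an open-design review to a design document: the design itself may be shared, but implementation detail of the safeguards (credentials, private keys, exact internal addresses) is flagged as inappropriate for inclusion. The patterns, the Finding record and the sample document are all constructed for this example and are a starting point for a review template, not an exhaustive classifier.

```python
import re
from dataclasses import dataclass

# Detail that an open-design review treats as inappropriate for a design
# document: the design may be public, but the implementation of the
# safeguards (credentials, private keys, exact internal addresses) must
# not be. These patterns are constructed for this example.
INAPPROPRIATE_DETAIL = {
    "credential": re.compile(
        r"\b(password|passwd|api[_-]?key|secret)\s*[:=]\s*(\S+)",
        re.IGNORECASE),
    "private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "internal_address": re.compile(
        r"\b(?:10\.\d{1,3}\.\d{1,3}\.\d{1,3}"
        r"|192\.168\.\d{1,3}\.\d{1,3}"
        r"|172\.(?:1[6-9]|2\d|3[01])\.\d{1,3}\.\d{1,3})\b"),
}


@dataclass
class Finding:
    line: int        # 1-based line number in the design document
    category: str    # key of INAPPROPRIATE_DETAIL that matched
    snippet: str     # what was found, with any secret value redacted


def review_design(text: str) -> list[Finding]:
    """Scan a design document and list detail that should not be in it."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for category, pattern in INAPPROPRIATE_DETAIL.items():
            match = pattern.search(line)
            if match is None:
                continue
            if category == "credential":
                # Never copy the secret itself into the review record.
                snippet = f"{match.group(1)} = <redacted>"
            else:
                snippet = match.group(0)
            findings.append(Finding(lineno, category, snippet))
    return findings


def is_acceptable(text: str) -> bool:
    """True when the document contains no flagged implementation detail."""
    return not review_design(text)


# Constructed sample design document; every value in it is made up.
DESIGN_DOC = """\
# Payment API - Design (constructed sample)
Requests are authenticated with HMAC-SHA256 over the request body.
The signing key is issued per tenant and rotated every 90 days.
Signing key for tenant acme: api_key = 9f2c1b7e4d6a
The service runs behind the gateway at 10.20.30.40 on port 8443.
Database credentials are held in the secrets manager, not in config.
-----BEGIN RSA PRIVATE KEY----- (pasted from the deployment runbook)
"""

if __name__ == "__main__":
    for f in review_design(DESIGN_DOC):
        print(f"line {f.line}: {f.category}: {f.snippet}")
    print("acceptable:", is_acceptable(DESIGN_DOC))
```

Lines 2, 3 and 6 of the sample describe the design (which algorithm, that keys are per tenant and rotated, that credentials live in a secrets manager) and pass; lines 4, 5 and 7 reproduce the implementation of the safeguards and are flagged. The review record redacts the credential value so that the review log does not itself become a second copy of the secret.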

Basis

  • NIST 2 - Treat security as an integral part of the overall system design
  • NIST 3 - Clearly delineate the physical and logical security boundaries governed by associated security policy
  • NIST 12 - Where possible, base security on Open Standards for portability & interoperability
  • NIST 20 - Isolate public access systems from mission critical resources
  • NIST 21 - Use boundary mechanisms to separate computing systems and network infrastructure
  • CSSLP - Use Open Design