Security engineering
Overview
Security engineering is a specialized field of engineering that focuses on the security aspects in the design of systems that need to be able to deal robustly with possible sources of disruption, ranging from natural disasters to malicious acts. It is similar to other systems engineering activities in that its primary motivation is to support the delivery of engineering solutions that satisfy pre-defined functional and user requirements, but with the added dimension of preventing misuse and malicious behavior. Those constraints and restrictions are often asserted as a security policy.
In one form or another, security engineering has existed as an informal field of study for several centuries. For example, the fields of locksmithing and security printing have a long history of design techniques that resist unauthorized access or reproduction. With the growth of the Internet and the increasing reliance on computer and communications systems, security engineering has in recent years become a separate discipline in its own right.
History
The history of security engineering dates back to ancient times and has evolved over centuries. The earliest forms of security engineering were seen in the design of fortifications and locks. The Romans, for example, were known for their architectural prowess in building fortifications and used a variety of security measures to protect their cities and towns from invasion. These early examples of security engineering were primarily focused on physical security and used simple mechanical devices.
In the 19th century, with the advent of industrialization, security engineering began to take on a new form. Factories and industrial plants needed to protect their machinery and products from theft and sabotage, leading to the development of more sophisticated security systems. This included the use of locks and keys, security guards, and even early forms of electronic security systems.
In the 20th century, the field of security engineering expanded dramatically with the development of computer technology. The need to protect information and data led to the creation of new security measures, including encryption, firewalls, and antivirus software. Today, security engineering is a critical component of many industries, including finance, healthcare, and government.
Principles of Security Engineering
Security engineering involves a number of key principles. These include the concepts of defense in depth, fail-safe defaults, least privilege, separation of privilege, economy of mechanism, complete mediation, open design, psychological acceptability, and least common mechanism.
Defense in depth is a concept in which multiple layers of security controls (defenses) are placed throughout an information technology (IT) system. Its intent is to provide redundancy in the event that a security control fails or a vulnerability is exploited; the layers can cover personnel, procedural, technical and physical security for the duration of the system's life cycle.
Fail-safe defaults base access decisions on permission rather than exclusion. This means that the default situation is lack of access, and the protection scheme identifies the conditions under which access is permitted. The concept of fail-safe defaults applies to more than just user rights. For example, a fail-safe default in the case of a script running on a web server would be to disallow that script from deleting files.
The principle of least privilege requires that a user be given no more privilege than necessary to complete their job. When applied to employees, the principle of least privilege can help minimize the potential damage that can come from an employee's error, deliberate act, or compromise by a malicious third party.
Separation of privilege means designing a system so that it uses multiple separate single-factor mechanisms rather than one combined multi-factor mechanism. The principle is that a compromise of one factor should not lead to a compromise of the entire system.
Economy of mechanism is the principle that security mechanisms should be as simple as possible. The simpler the security mechanism, the easier it is to ensure that it is secure. This principle is sometimes referred to as KISS (Keep It Simple, Stupid).
Complete mediation is the principle that every access to every object must be checked for authority. This is usually achieved by placing access control mechanisms in a reference monitor that is small enough to be completely tested and verified. The reference monitor concept is an important one in security engineering, and is often considered the key to implementing security in a system.
Open design is the principle that the security of a mechanism should not depend on the secrecy of its design or implementation. This is sometimes expressed as "security through obscurity is no security at all".
Psychological acceptability is the principle that security mechanisms should not make the resource more difficult to access than if the security mechanisms were not present. If security mechanisms make a resource too difficult to access, users may circumvent the mechanisms.
Least common mechanism is the principle that the design should minimize the mechanisms common to more than one user and depended on by all users. Every shared mechanism (especially one involving shared variables) represents a potential information path between users and must be designed with great care to isolate users from one another.
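The following is an added example, not part of the original article, showing three of the principles above in a small Python reference monitor: fail-safe defaults (an allow-list where anything unlisted is denied, contrasted with an exclusion-based denylist), least privilege (the web script from the text gets read/write but not delete), and complete mediation (every delete passes through the monitor). All subjects, paths and policy entries are constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed policy: explicit grants only, so anything not listed is denied
# (permission rather than exclusion). The web script gets read/write on its
# upload directory but no "delete", matching the example in the text.
ALLOW_POLICY = {
    ("alice", "/reports/q1.txt"): {"read"},
    ("web-script", "/var/www/uploads"): {"read", "write"},
}

# The exclusion-based alternative: everything not explicitly denied is allowed,
# so any subject or action the designer forgot to list gets through.
DENY_POLICY = {("web-script", "/var/www/uploads", "delete")}

@dataclass
class ReferenceMonitor:
    """Allow-list monitor: one small, auditable choke point for every access."""
    policy: dict
    audit: list = field(default_factory=list)

    def check(self, subject: str, obj: str, action: str) -> bool:
        allowed = action in self.policy.get((subject, obj), set())
        self.audit.append((subject, obj, action, "ALLOW" if allowed else "DENY"))
        return allowed

class DenylistMonitor:
    # Exclusion-based monitor, included only to contrast with the fail-safe default.
    def __init__(self, denied: set) -> None:
        self.denied = denied

    def check(self, subject: str, obj: str, action: str) -> bool:
        return (subject, obj, action) not in self.denied

def delete_file(monitor, subject: str, path: str, files: set) -> bool:
    """Complete mediation: the monitor is consulted on every call, never cached."""
    if not monitor.check(subject, path, "delete"):
        return False
    files.discard(path)
    return True

def demo() -> dict:
    files = {"/reports/q1.txt", "/var/www/uploads"}
    safe, weak = ReferenceMonitor(ALLOW_POLICY), DenylistMonitor(DENY_POLICY)
    # An unknown subject is denied by the allow-list but slips past the denylist.
    return {
        "safe_unknown": delete_file(safe, "intruder", "/reports/q1.txt", set(files)),
        "weak_unknown": delete_file(weak, "intruder", "/reports/q1.txt", set(files)),
        "safe_script": delete_file(safe, "web-script", "/var/www/uploads", set(files)),
        "audit_entries": len(safe.audit),
    }
```

The audit list is what makes the allow-list monitor "small enough to be completely tested and verified" in practice: every decision, allow or deny, is recorded at the single point where it is made.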
Security Engineering in Practice
In practice, security engineering involves a wide range of activities. These can include the design of security policies, the implementation of security mechanisms, the management of security services, and the evaluation of system security.
Security policies define what is, and is not, allowed. They set out the rules for data confidentiality, integrity, and availability. They also set out rules for accountability and how to achieve it. Security policies are often complex and must be understood by all who are responsible for their enforcement.
Security mechanisms are the tools and procedures used to enforce security policies. They include things like locks, keys, access control lists, and encryption algorithms. Security mechanisms must be designed to be robust and resistant to attack.
Security services are the processes that implement security policies. They include things like user authentication, log management, intrusion detection, and incident response. Security services must be managed effectively to ensure that they are providing the necessary protection.
Security evaluation is the process of assessing a system's security to ensure that it meets the required standards. This can involve a range of activities, from formal verification of the security mechanisms to penetration testing of the system.
Challenges in Security Engineering
Security engineering faces a number of challenges. These include the difficulty of establishing a precise definition of security, the complexity of modern systems, and the rapid pace of change in technology and threats.
A precise definition of security is difficult to establish. Different stakeholders may have different views on what constitutes security, and these views may change over time. For example, a user may consider a system to be secure if their personal data is protected, while a system administrator may consider a system to be secure if it is resistant to attack.
The complexity of modern systems also presents a challenge for security engineering. Modern systems often involve a large number of components, each of which may have its own security requirements. Ensuring that all these components work together securely is a difficult task.
The rapid pace of change in technology and threats is another challenge for security engineering. New technologies can introduce new vulnerabilities, and attackers are constantly developing new techniques to exploit these vulnerabilities. Security engineers must therefore be constantly learning and adapting to keep up with these changes.
Future of Security Engineering
The future of security engineering is likely to be shaped by a number of trends. These include the increasing importance of cybersecurity, the rise of artificial intelligence and machine learning, and the growing use of blockchain technology.
Cybersecurity is becoming increasingly important as more and more of our lives are conducted online. This is likely to lead to an increased demand for security engineers who can protect our data and systems from cyber threats.
Artificial intelligence and machine learning are also likely to have a major impact on security engineering. These technologies can be used to automate many security tasks, such as detecting and responding to threats. However, they can also introduce new vulnerabilities that need to be managed.
Blockchain technology is another trend that is likely to shape the future of security engineering. Blockchain can provide a secure and transparent way of recording transactions, which could be used in a wide range of applications, from financial transactions to supply chain management.
See Also
Information security
Computer security
Network security
Cryptography
Physical security