November 3, 2024
ISO/IEC 19249:2017 Information technology - Security techniques - Catalogue of architectural and design principles for secure products, systems and applications
5 Architectural Principles: 1. Domain Separation 2. Layering 3. Encapsulation 4. Redundancy 5. Virtualization
5 Design Principles: 1. Least Privilege 2. Attack Surface Minimization 3. Centralized Parameter Validation 4. Centralized General Security Services 5. Preparing for Error and Exception Handling