by various folk
IBM, MS, Albion
Least privilege
The principle of least privilege states that only the minimum access necessary to perform an operation should be granted, and that access should be granted only for the minimum amount of time necessary.
Defense in depth
The idea behind defense in depth is to manage risk with multiple defensive strategies, so that if one layer of defense turns out to be inadequate, another layer of defense will, ideally, prevent a full breach.
Fail securely
Avoid security problems related to failures. When systems fail in any way, they should not revert to insecure behavior.
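The least-privilege and failure principles above, sketched as an added example that is not part of the original course notes: a grant covers one action for a limited time, and the access check denies when the policy lookup itself fails. `Grant`, `PolicyStore`, the function names and the action strings are hypothetical, and the sample data is constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Grant:
    subject: str
    action: str        # one operation, not a broad role
    expires_at: float  # epoch seconds; access ends here

class PolicyStoreError(Exception):
    pass

class PolicyStore:
    """Hypothetical policy backend; `available` simulates an outage."""
    def __init__(self, grants, available=True):
        self._grants = list(grants)
        self.available = available

    def lookup(self, subject, action):
        if not self.available:
            raise PolicyStoreError("policy backend unreachable")
        return [g for g in self._grants
                if g.subject == subject and g.action == action]

def is_allowed_fail_open(store, subject, action, now):
    """Anti-pattern: a failed check is treated as permission."""
    try:
        grants = store.lookup(subject, action)
    except PolicyStoreError:
        return True  # an outage silently switches access control off
    return any(g.expires_at > now for g in grants)

def is_allowed(store, subject, action, now):
    """Fail closed: allow only on a positively found, unexpired grant."""
    try:
        grants = store.lookup(subject, action)
    except Exception:
        return False  # any error in the check means deny
    return any(g.expires_at > now for g in grants)

if __name__ == "__main__":
    now = 1000.0  # constructed clock value
    store = PolicyStore([Grant("alice", "read:invoices", now + 300)])
    print(is_allowed(store, "alice", "read:invoices", now))
    print(is_allowed(store, "alice", "write:invoices", now))
    print(is_allowed(store, "alice", "read:invoices", now + 301))
    store.available = False
    print(is_allowed_fail_open(store, "alice", "read:invoices", now))
    print(is_allowed(store, "alice", "read:invoices", now))
```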
Secure the weakest link
Security is a chain; a system is only as secure as the weakest link. One consequence is that the weakest parts of your system are the parts most susceptible to attack.
Compartmentalization
The basic idea behind compartmentalization is that we can minimize the amount of damage that can be done to a system if we break the system up into as many isolated units as possible.
Keep it simple
The KISS mantra — "Keep it simple, stupid!". Complexity increases the risk of problems; this seems unavoidable in any system. Your designs and implementations should be as straightforward as possible.
Privacy
Users generally consider privacy a security concern. You shouldn’t do anything that could compromise the privacy of the user. And you should be as diligent as possible in protecting any personal information that a user gives you. You can quickly lose the respect of your customers if they think you handle privacy concerns poorly.
It’s hard to hide secrets
It’s incredibly difficult to keep the "secrets" secret. The most common threat to companies is the "insider" attack, where a disgruntled employee abuses access, … and reveals secrets. "Security by obscurity": whenever possible, you should avoid using this as your sole line of defense.
Don’t extend trust easily
Be reluctant to trust your own servers, in case they get hacked. You should also be reluctant to trust yourself and your organization. There have been many products from security vendors with gaping security holes.
Trust the community
Repeated use without failure promotes trust. Public scrutiny does as well. You get to leverage the experience of others. This principle only applies if you have reason to believe that the community is doing its part to promote the security of components you want to use.
From the course materials for the Computer Security class