a. Ease of use: The protection mechanism should be easy to use. Security measures that are complicated or hard to understand lead to errors, or to users working around them.

b. Permission based: The default condition should be denial of access. Access to a resource or system is granted only on the basis of explicit permission from an authorized entity; anything not explicitly permitted is denied, rather than being open by default.

c. Open design: An open design means that the security mechanisms should be transparent and visible to all, rather than being hidden or obscured. This allows for greater scrutiny and testing, which can improve overall security.

d. Complete mediation: Every access to a resource or system should be checked for authorization, every time it occurs. This ensures that no unauthorized access can occur, even if an attacker attempts to bypass or circumvent the system.

e. Least privilege: The principle of least privilege dictates that users or entities should only be granted the minimum level of access required to perform their tasks. This reduces the risk of accidental or intentional misuse of the system.

f. Separation of privilege: This principle means that multiple levels of access or authentication should be required to access sensitive or critical resources. This reduces the risk of a single point of failure or vulnerability.

g. Least common mechanism: Mechanisms and interfaces shared by many users or components should be kept to a minimum, because a flaw in a shared mechanism can compromise everyone who depends on it.

h. Economy of mechanism: The security mechanisms should be simple and efficient, as complex or convoluted systems can increase the risk of errors or misconfigurations. Simple mechanisms are also easier to audit and maintain.
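As an added illustration (this code is not part of the original text), the following small reference monitor applies principles b, d and e above: it denies by default, re-checks authorization on every access, and carries only the roles a subject needs. The roles, resource names and policy table are constructed for the demo; the CachingMonitor class is included only to show what breaks when complete mediation is dropped.

```python
# Added example: a minimal reference monitor applying default deny (b),
# complete mediation (d) and least privilege (e). All names are constructed.
from dataclasses import dataclass


@dataclass(frozen=True)
class Subject:
    name: str
    roles: frozenset  # least privilege: carry only the roles the task needs


# Constructed policy: every (resource, action) pair must be granted explicitly.
POLICY = {
    "viewer": {("report", "read")},
    "editor": {("report", "read"), ("report", "write")},
}


def is_permitted(subject, resource, action):
    """Fail-safe default: True only if some role of the subject grants the pair."""
    return any((resource, action) in POLICY.get(role, set()) for role in subject.roles)


class ReferenceMonitor:
    """Complete mediation: every access is re-checked; decisions are never cached."""

    def __init__(self):
        self.audit = []  # (subject, resource, action, allowed) for each request

    def access(self, subject, resource, action, operation):
        allowed = is_permitted(subject, resource, action)
        self.audit.append((subject.name, resource, action, allowed))
        if not allowed:
            raise PermissionError(f"{subject.name}: {action} on {resource} denied")
        return operation()


class CachingMonitor(ReferenceMonitor):
    """Anti-pattern for contrast: remembers the first decision per subject name,
    so a later reduction of that subject's roles never takes effect."""

    def __init__(self):
        super().__init__()
        self._cache = {}

    def access(self, subject, resource, action, operation):
        key = (subject.name, resource, action)
        if key not in self._cache:
            self._cache[key] = is_permitted(subject, resource, action)
        if not self._cache[key]:
            raise PermissionError(f"{subject.name}: {action} on {resource} denied")
        return operation()


def demo():
    """Return (mediated_result, cached_result) after alice loses the editor role."""
    alice = Subject("alice", frozenset({"editor"}))
    good, bad = ReferenceMonitor(), CachingMonitor()
    for monitor in (good, bad):
        monitor.access(alice, "report", "write", lambda: "written")  # both allow
    alice = Subject("alice", frozenset({"viewer"}))  # privilege reduced
    outcomes = []
    for monitor in (good, bad):
        try:
            outcomes.append(monitor.access(alice, "report", "write", lambda: "written"))
        except PermissionError:
            outcomes.append("denied")
    return tuple(outcomes)  # ("denied", "written")
```

Running demo() shows the mediated monitor denying the write after the role change while the caching monitor still allows it; an unknown role or action is denied by both, because no grant exists for it.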

Saltzer & Schroeder's Secure Design Principles: Explained

Original source: https://www.cveoy.top/t/topic/n3rw. Copyright belongs to the author. Do not reproduce or scrape!
