Security Design Principles

Five design principles for securing a system, according to ISO/IEC 19249:

  1. Least Privilege
  2. Attack Surface Minimization
  3. Centralized Parameter Validation - validate users' input in one place
  4. Centralized General Security Services - centralize security services (authentication, authorization, logging) rather than re-implementing them per component
  5. Prepare for Error and Exception Handling

Principles 3 and 5 are perhaps the most relatable for software engineers. I remember my professor telling me to always try to think like a user, and that mindset really does go a long way.
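To make principles 3 and 5 concrete, here is an added example (not code from ISO/IEC 19249 or from this note): one allow-list validator shared by every handler, and one entry point that applies the same fail-closed error policy to all of them. The rules, handlers and `Response` type are hypothetical.

```python
# Added example (hypothetical rules/handlers), not code from ISO/IEC 19249 or the note.
import re
from dataclasses import dataclass

# One validation table for the whole service (principle 3): each parameter
# is validated in one place instead of ad hoc checks scattered in handlers.
RULES = {
    "username": re.compile(r"^[a-z][a-z0-9_]{2,31}$"),
    "page":     re.compile(r"^[1-9][0-9]{0,3}$"),
}

class ValidationError(ValueError):
    """Raised with a message that is safe to show to a client (no internals)."""

def validate(params: dict) -> dict:
    """Allow-list check: reject unknown keys, missing keys and bad values."""
    unknown = set(params) - set(RULES)
    if unknown:
        raise ValidationError(f"unexpected parameter(s): {sorted(unknown)}")
    clean = {}
    for name, pattern in RULES.items():
        value = params.get(name)
        if not isinstance(value, str) or not pattern.fullmatch(value):
            raise ValidationError(f"invalid or missing parameter: {name}")
        clean[name] = value
    return clean

@dataclass
class Response:
    status: int
    body: str

def handle(request_params: dict, handler) -> Response:
    """Single entry point: every handler runs behind the same validation and
    the same error policy (principle 5): fail closed, generic message."""
    try:
        clean = validate(request_params)
        return Response(200, handler(clean))
    except ValidationError as e:
        return Response(400, str(e))          # client error, safe message
    except Exception:
        # Unexpected failure: deny the request and never echo exception text.
        return Response(500, "internal error")

def profile_handler(p: dict) -> str:
    return f"profile of {p['username']}, page {p['page']}"

def crashy_handler(p: dict) -> str:
    raise RuntimeError("db connection string: secret")  # constructed fault
```

Note that the unexpected failure in `crashy_handler` is turned into a 500 with a fixed body, so the internal detail never reaches the client.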


Last Modified: 2026-01-11