INFORMATION SECURITY AND AUDIT
SOLVED PRACTICE QUESTIONS

DESIGN PRINCIPLES 

Design principles in information security are fundamental guidelines that help ensure systems are secure and resilient against threats. They provide a framework for designing, implementing, and maintaining secure information systems. Most of the principles below go back to Saltzer and Schroeder's 1975 paper "The Protection of Information in Computer Systems"; defense in depth and separation of duties are later additions from operational practice.

  1. Least Privilege: Users, processes and systems should have only the minimum access necessary to perform their function, and only for as long as they need it. This limits the damage that accidental or malicious misuse of a privilege can cause.
  2. Defense in Depth: Multiple independent layers of security controls should protect an information system, so that if one layer fails or is bypassed, the others still provide protection.
  3. Fail-Safe Defaults: A system should fall back to a secure state when something goes wrong. Access is denied by default and granted only when explicitly allowed; a permission check that cannot be completed (a missing entry, a lookup error) must deny, never grant.
  4. Separation of Duties: Critical tasks should be divided among multiple individuals so that no single person controls every step of a critical function. This limits both fraud and undetected error.
  5. Complete Mediation: Every access to every resource must be checked against the current authorization, not just the first one. Remembered or cached decisions are the usual way this principle is violated, because a permission that has since been revoked is never re-examined.
  6. Open Design: The security of a system should not depend on the secrecy of its design or implementation. The only secrets should be keys, passwords and similar credentials that can be changed; security through obscurity is not a reliable mechanism.
  7. Economy of Mechanism: Security mechanisms should be as small and simple as possible. Complex mechanisms are harder to understand, test, and verify, and therefore more likely to contain flaws.
  8. Psychological Acceptability: Security mechanisms should not make the system difficult to use. If controls are too cumbersome, users will find ways around them, which weakens security rather than strengthening it.
  9. Least Common Mechanism: Mechanisms used to access resources should be shared no more than necessary. A shared mechanism increases the risk that one user's actions, or a flaw in the mechanism, affect other users.
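The three principles that most often fail in code (fail-safe defaults, complete mediation and least privilege) are easiest to see side by side. The following is an added example written for this page, not code from the original text or from any particular product. The access-control list, the principals (`alice`, `bob`, `mallory`), the resource names and the helper names (`is_allowed`, `CachedGatekeeper`, `MediatedGatekeeper`, `ScopedToken`, `authorize`) are all hypothetical and constructed for the illustration. It shows a fail-open check beside its fail-safe replacement, a gatekeeper that caches decisions beside one that mediates every access, and a scoped token that grants a job less than its owner holds.

```python
"""Added example (not from the page): a tiny authorization layer showing
fail-safe defaults, complete mediation and least privilege side by side.
All names and the sample ACL below are hypothetical and constructed."""

import copy
from enum import Enum


class Action(Enum):
    READ = "read"
    WRITE = "write"
    DELETE = "delete"


class AccessDenied(PermissionError):
    pass


# Constructed sample ACL: resource -> principal -> set of permitted actions.
# "*" stands for any principal.
ACL = {
    "payroll.csv": {"alice": {Action.READ, Action.WRITE, Action.DELETE},
                    "bob": {Action.READ}},
    "notice.txt": {"*": {Action.READ}},
}


def is_allowed_fail_open(acl, principal, resource, action):
    """Anti-pattern: a missing ACL entry (a failure) results in access."""
    try:
        return action in acl[resource][principal]
    except KeyError:
        return True  # fail-open: unknown resource or principal is let through


def is_allowed(acl, principal, resource, action):
    """Fail-safe default: anything not explicitly permitted is denied."""
    entry = acl.get(resource)
    if entry is None:
        return False
    permitted = entry.get(principal, set()) | entry.get("*", set())
    return action in permitted


class CachedGatekeeper:
    """Anti-pattern: the first decision for (principal, resource, action) is
    remembered, so a later revocation in the ACL is never seen."""

    def __init__(self, acl):
        self.acl = acl
        self._decisions = {}

    def check(self, principal, resource, action):
        key = (principal, resource, action)
        if key not in self._decisions:
            self._decisions[key] = is_allowed(self.acl, principal, resource, action)
        if not self._decisions[key]:
            raise AccessDenied(f"{principal} may not {action.value} {resource}")


class MediatedGatekeeper:
    """Complete mediation: every access re-evaluates the live ACL."""

    def __init__(self, acl):
        self.acl = acl

    def check(self, principal, resource, action):
        if not is_allowed(self.acl, principal, resource, action):
            raise AccessDenied(f"{principal} may not {action.value} {resource}")


class ScopedToken:
    """Least privilege: a token carrying only the actions a job needs, even if
    the principal behind it holds more. Effective rights = ACL rights ∩ scope."""

    def __init__(self, principal, scope):
        self.principal = principal
        self.scope = frozenset(scope)


def authorize(gatekeeper, token, resource, action):
    """True if the gatekeeper grants the action within the token's scope."""
    if action not in token.scope:
        return False
    try:
        gatekeeper.check(token.principal, resource, action)
    except AccessDenied:
        return False
    return True


def revocation_demo():
    """Revoke bob's read on payroll.csv after one successful read and return
    ((cached_before, mediated_before), (cached_after, mediated_after))."""
    acl = copy.deepcopy(ACL)
    cached, mediated = CachedGatekeeper(acl), MediatedGatekeeper(acl)
    bob = ScopedToken("bob", {Action.READ})
    before = (authorize(cached, bob, "payroll.csv", Action.READ),
              authorize(mediated, bob, "payroll.csv", Action.READ))
    del acl["payroll.csv"]["bob"]  # revocation
    after = (authorize(cached, bob, "payroll.csv", Action.READ),
             authorize(mediated, bob, "payroll.csv", Action.READ))
    return before, after


if __name__ == "__main__":
    print(revocation_demo())  # ((True, True), (True, False))
```

Running `revocation_demo()` shows the caching gatekeeper still admitting bob after his entry has been removed, while the mediating gatekeeper denies him on the very next access. The fail-open check admits an unknown principal to `payroll.csv` for any action; the fail-safe version denies it. A read-only `ScopedToken` for alice cannot delete the file even though alice's ACL entry would permit it, which is the point of handing a backup job less than its owner holds.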