Summary
This chapter covered foundational concepts in the security engineering domain. Hardware, software, or networking systems need to be secure, for which adherence to security best practices during design, development, and integration is essential. Security standards and models provide a baseline for developing and maintaining secure systems. During various stages of the information system life cycle, vulnerabilities may creep in. Hence, it is necessary to identify and assess vulnerabilities and mitigate them during development as well as during operations.
In the next chapter, we will understand the fundamentals of cryptography, its requirements in security, and its application in data security and communication security. Besides concepts and best practices that relate to the physical security of infrastructure and information systems are also covered in the next chapter.