
The Decoupling Principle

2022-12-07 12:04:41
Bruce Schneier
www.schneier.com
decoupling principle
privacy
information splitting
architectural decoupling
institutional decoupling
service providers
data breaches

This is a really interesting paper that discusses what the authors call the Decoupling Principle:

> The idea is simple, yet previously not clearly articulated: to ensure privacy, information should be divided architecturally and institutionally such that each entity has only the information they need to perform their relevant function. Architectural decoupling entails splitting functionality for different fundamental actions in a system, such as decoupling authentication (proving who is allowed to use the network) from connectivity (establishing session state for communicating). Institutional decoupling entails splitting what information remains between non-colluding entities, such as distinct companies or network operators, or between a user and network peers. This decoupling makes service providers individually breach-proof, as they each have little or no sensitive data that can be lost to hackers. Put simply, the Decoupling Principle suggests always separating who you are from what you do.

Lots of interesting details in the paper.