Thirteen principles to ensure enterprise system security

Gary McGraw

Long ago in a galaxy far away, two Jedi Knights by the names of Jerry Saltzer and Michael Schroeder published a paper titled "The Protection of Information in Computer Systems." Section three of that paper is a quick treatment of some essential design principles for information security. To say that "Saltzer and Schroeder," as it has come to be known, was a seminal work in security is an understatement; everything they had to say back in 1975 is relevant today, nearly 40 years later.