fereteacher.blogg.se - Security program for a google chrome book

We limit the impact of decisions, and make them revocable.

We ask for decisions in a way users comprehend.

Users only get asked to make security decisions when there is no better alternative.

We can send the right signals to users, and keep them informed.

We work to design our user experience so that: It is therefore difficult to properly assess risk in the face of such complexity, but this is not the users' fault. The web and Android app ecosystems are really a huge set of intertwined, semi-compatible implementations of overlapping standards.

Don't scapegoat our users: In real life, people assess their risk all the time.

In particular, users should not need to make configuration changes to get a secure experience and we generally avoid providing settings that would allow users to inadvertently turn off security defenses. All Chrome OS features are designed to minimize security risks so the user is generally not required to fully understand the security implications of using their device: the OS will just pick secure defaults.

Make the system secure by default: A safe system is not an advanced or optional feature it's the default for Chrome OS.

We place additional layers of defense to minimize the amount of damage the attacker can cause after compromising the initial layer. We make it difficult for an attacker to get into the system, but assume that an attacker may gain entry. Deploy defenses in depth: Because no security solution is ever perfect, Chrome OS believes that we must deploy a variety of defenses to act as a series of bulwarks against an attacker.To guide this work, the Chrome OS security team adheres to the following set of principles: The team strives for usable security: providing users with a computing experience that achieves good security while being pleasant to use. Principles of Chrome OS securityĬhrome OS' main security goal is to protect user data and prevent devices from being compromised, while enabling users to operate their devices as they see fit. It enumerates the principles the Chrome OS team uses to think about security, explains how these principles apply to different Chrome OS use cases, and outlines how these principles translate to security features in Chrome OS devices.Īfter going through this document the reader should be able to understand what threats Chrome OS aims to defend against, and how the system implements these defenses. This document describes the high-level security architecture of Chrome OS. What Chrome OS security means for organizations.

What Chrome OS security means for users.How our principles inform the threat model.Common use-cases and security requirements.