Building a secure architecture means designing systems with security principles built in: defense in depth, least privilege, zero trust, secure defaults, and more. These principles guide the construction of systems that are resistant to compromise by design.
Core security principles
DEFENSE IN DEPTH → multiple LAYERS of security (network, app, data, etc.) → no single point of failure; if one layer fails, others still protect
LEAST PRIVILEGE → every component/user gets the MINIMUM access needed → limits blast radius
ZERO TRUST → "never trust, always verify" → don't trust based on network location; authenticate/authorize every request (vs old "trusted internal network" model)
SECURE DEFAULTS → secure out of the box (closed by default, opt-in to open)
FAIL SECURELY → on failure, default to a SAFE/denied state (not open)
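
The following added example (not from the original page) shows a per-request authorization gate that combines least privilege, zero trust, secure defaults, and failing securely. All names, tokens, and the policy table are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Least privilege: each role lists only the actions it needs (constructed policy).
POLICY = {
    "report-reader": {("reports", "read")},
    "report-editor": {("reports", "read"), ("reports", "write")},
}

# Constructed token store standing in for a real identity provider.
TOKENS = {"tok-alice": "report-reader", "tok-bob": "report-editor"}


@dataclass(frozen=True)
class Request:
    token: Optional[str]
    source_ip: str   # kept for logging only; never used to grant access
    resource: str
    action: str


def lookup_role(token, store=TOKENS):
    """Zero trust: the credential is verified on every request."""
    if token is None:
        raise PermissionError("no credential presented")
    return store[token]  # raises KeyError for an unknown token


def authorize(req, lookup=lookup_role):
    """Return True only on an explicit allow; every other path denies."""
    try:
        role = lookup(req.token)
        # Secure default: a role missing from the policy gets an empty set.
        allowed = POLICY.get(role, set())
        return (req.resource, req.action) in allowed
    except Exception:
        # Fail securely: missing token, unknown token, or a lookup
        # backend outage all end in a denied state, never an open one.
        return False


if __name__ == "__main__":
    print(authorize(Request("tok-alice", "203.0.113.9", "reports", "read")))
    print(authorize(Request(None, "10.0.0.5", "reports", "read")))
```

The second call is denied even though it comes from an internal address, because network location is never consulted when deciding access.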
