User:HemsWiki/sandbox

Black & White Security Principle
This principle is associated with Infrastructure security and adaption of security for enterprise products. It explains the principle on which digital assets needs to be secured.

Principle Explained
The process is divided in two parts A Black Box and a White Box.

Black box represents IT security while white box represents enterprise products holding digital assets.

Black box looks at white box as a transparent insecure asset that needs to be secured irrespective of what security design considerations, principles or patterns it is built on. So according to the principle, Infrastructure should consider enterprise product an insecure product and should be configured to protect the product.

While white box looks at black box as a dark net or internet. Enterprise product is built on philosophy that IT security doesn’t exist and it is exposed to internet directly. So according to the principle, enterprise product must be created and secured keeping in mind, it will be deployed in an open and very insecure environment.

Conclusion
Together this principle ensures the optimum security for the deployment environment and product as a whole solution.