Choose techniques to mitigate the threats (techniques != technologies)
- Spoofing identity
  - Authentication (e.g. X.509 certificates, IPSec, HTTP Basic Authentication, Digest Authentication, DCOM)
  - Protect secrets
  - Don’t store secrets
- Tampering with data
  - Authorization (e.g. ACL, Privileges, IP address restrictions)
  - Hashes
  - Message authentication codes
  - Digital signatures
  - Tamper-resistant protocols (SSL/TLS, IPSec, DCOM, EFS)
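
Added example (not part of the original slides): hashes and message authentication codes are both listed against tampering, and this sketch shows where they differ. An unkeyed hash detects a change only if the hash itself cannot be replaced, while a MAC also rejects a tag recomputed by someone without the key. The key and the sample record are constructed for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"       # assumed secret shared by sender and receiver
ORIGINAL = b"amount=100;to=alice"   # constructed sample record
MODIFIED = b"amount=900;to=alice"   # same record after modification in transit

def sha256_tag(data: bytes) -> bytes:
    """Unkeyed hash: anyone who can read the data can compute it."""
    return hashlib.sha256(data).digest()

def hmac_tag(key: bytes, data: bytes) -> bytes:
    """Keyed MAC (HMAC-SHA256): computing it requires the secret key."""
    return hmac.new(key, data, hashlib.sha256).digest()

def check_hash(data: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(sha256_tag(data), tag)

def check_mac(key: bytes, data: bytes, tag: bytes) -> bool:
    # compare_digest avoids leaking the mismatch position through timing
    return hmac.compare_digest(hmac_tag(key, data), tag)

def run_cases() -> dict:
    results = {}
    # Untouched message: both checks accept.
    results["hash_untouched"] = check_hash(ORIGINAL, sha256_tag(ORIGINAL))
    results["mac_untouched"] = check_mac(KEY, ORIGINAL, hmac_tag(KEY, ORIGINAL))
    # Data changed, tag left alone: both checks reject.
    results["hash_data_changed"] = check_hash(MODIFIED, sha256_tag(ORIGINAL))
    results["mac_data_changed"] = check_mac(KEY, MODIFIED, hmac_tag(KEY, ORIGINAL))
    # Data changed and the tag recomputed by a party without KEY:
    # the unkeyed hash is accepted, the MAC is not.
    results["hash_both_changed"] = check_hash(MODIFIED, sha256_tag(MODIFIED))
    results["mac_both_changed"] = check_mac(KEY, MODIFIED, sha256_tag(MODIFIED))
    return results

if __name__ == "__main__":
    for case, accepted in run_cases().items():
        print(f"{case:20s} accepted={accepted}")
```

A bare hash therefore needs to be stored or delivered over a channel the modifying party cannot write to; a MAC or a digital signature can travel with the data.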