---
layout: default
title: "Chapter 1: Core Security Principles"
description: "The five fundamental principles that must guide all resistance security decisions"
section_number: "1-1 to 1-5"
prev_page:
  title: "Part I: Foundations"
  url: "/parts/part-1/"
next_page:
  title: "Chapter 2: Threat Assessment"
  url: "/chapters/chapter-2/"
---

# Chapter 1: Core Security Principles

## Chapter Overview

This chapter establishes the five fundamental principles that must guide all resistance security decisions. These principles, derived from decades of resistance experience and modern security research, provide the conceptual framework for evaluating threats, designing countermeasures, and making operational decisions under pressure.

**Sections in this chapter:**

- 1-1: Principle of Least Privilege
- 1-2: Need-to-Know Basis
- 1-3: Compartmentalization and Cell Structure
- 1-4: Zero Trust Verification
- 1-5: Metadata Minimization

---

## Section 1-1: Principle of Least Privilege

### Definition

The Principle of Least Privilege states that every person, process, and system should have access only to the minimum resources necessary to perform their legitimate function. In resistance operations, this means limiting access to information, tools, and capabilities to the smallest set required for operational effectiveness.
### Application in Resistance Operations

#### Information Access

- **Operational details** are shared only with those who need them for their specific role
- **Contact information** is limited to direct operational relationships
- **Strategic plans** are known only to leadership and those implementing specific components
- **Technical details** are restricted to those responsible for implementation and maintenance

#### System Access

- **Communication platforms** grant access only to relevant channels and groups
- **File repositories** provide access only to documents needed for specific roles
- **Administrative privileges** are limited to the minimum number of trusted individuals
- **Backup systems** are accessible only to designated recovery personnel

#### Physical Access

- **Meeting locations** are known only to attendees and necessary support personnel
- **Safe houses** are accessed only by those with operational need
- **Equipment storage** is limited to those responsible for specific tools or supplies
- **Document storage** is restricted to those who create, maintain, or use specific materials

### Implementation Guidelines

DO

DON'T

### Common Violations and Consequences

**Violation:** Sharing operational plans with all cell members regardless of their role

**Consequence:** Compromise of one member leads to exposure of the entire operation

**Violation:** Using shared accounts for multiple purposes

**Consequence:** Inability to track access or revoke permissions for specific individuals

**Violation:** Granting administrative access to avoid permission requests

**Consequence:** Accidental or malicious damage to critical systems

---

## Section 1-2: Need-to-Know Basis

### Definition

Need-to-Know is an information security principle that restricts access to sensitive information to only those individuals who require it to perform their duties. Unlike Least Privilege, which focuses on access controls, Need-to-Know addresses the content and scope of information sharing.

### Information Classification

#### Operational Classifications

**CRITICAL** - Information whose compromise would cause immediate operational failure

- Real names and personal details of participants
- Specific operational plans and timelines
- Location and access details for safe houses
- Technical vulnerabilities and exploitation methods

**SENSITIVE** - Information whose compromise would significantly impact operations

- Communication protocols and procedures
- General operational capabilities and resources
- Training materials and educational content
- Historical operational data and lessons learned

**RESTRICTED** - Information whose compromise would cause limited damage

- General security guidelines and best practices
- Public-facing materials and propaganda
- Non-sensitive logistical information
- Educational resources available from public sources

**UNCLASSIFIED** - Information that can be shared without operational impact

- Publicly available tools and software
- General security awareness materials
- Historical information about resistance movements
- Legal and political analysis available from public sources

### Information Sharing Protocols

#### Vertical Information Flow

- **Upward reporting** includes only information necessary for decision-making
- **Downward direction** provides only information necessary for task execution
- **Status updates** focus on operational requirements rather than comprehensive briefings
- **Emergency communications** may temporarily bypass normal restrictions

#### Horizontal Information Flow

- **Peer coordination** shares only information necessary for joint operations
- **Cross-cell communication** is limited to specific operational requirements
- **Resource sharing** includes only information necessary for effective utilization
- **Mutual support** provides assistance without unnecessary information disclosure

### Implementation in Practice

#### Meeting Protocols

```
Before sharing information in any meeting:
1. Identify who needs this specific information
2. Determine the minimum detail level required
3. Consider whether the information can be compartmentalized
4. Verify that all attendees have operational need for the information
5. Document what was shared and with whom
```

#### Communication Guidelines

- Use **coded language** for sensitive topics even in secure channels
- **Separate conversations** by topic and participant need
- **Time-limit** access to sensitive information when possible
- **Verify recipient identity** before sharing sensitive information
### Information Discipline

The natural human tendency is to share information to build trust and demonstrate competence. In resistance operations, this tendency must be consciously overcome. Information discipline requires constant vigilance and may feel antisocial, but it is essential for operational security.
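As an added illustration for Sections 1-1 and 1-2 (not part of this manual), the following Python models a single access decision that combines a role's least-privilege action set, the classification levels above and a need-to-know compartment check, and records every decision as step 5 of the meeting protocol requires. The role names, compartment tags and documents are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# Classification levels from Section 1-2, least to most sensitive.
LEVELS = {"UNCLASSIFIED": 0, "RESTRICTED": 1, "SENSITIVE": 2, "CRITICAL": 3}


@dataclass(frozen=True)
class Item:
    name: str
    level: str               # key of LEVELS
    compartments: frozenset  # operations the item concerns (empty = none)


@dataclass(frozen=True)
class Principal:
    name: str
    clearance: str           # highest level this role may ever see
    compartments: frozenset  # operations this person has a duty in
    actions: frozenset       # actions the role is permitted at all


def decide(p, item, action, audit):
    """Grant only if every principle is satisfied; log every decision."""
    reasons = []
    if action not in p.actions:                     # least privilege
        reasons.append("action %r not granted to role" % action)
    if LEVELS[p.clearance] < LEVELS[item.level]:    # classification
        reasons.append("clearance %s below %s" % (p.clearance, item.level))
    missing = item.compartments - p.compartments    # need-to-know
    if missing:                                     # cleared is not the same as needed
        reasons.append("no operational need for " + ",".join(sorted(missing)))
    granted = not reasons
    # Meeting protocol step 5: document what was shared and with whom.
    audit.append({"when": datetime.now(timezone.utc).isoformat(), "who": p.name,
                  "what": item.name, "action": action, "granted": granted,
                  "reasons": reasons})
    return granted


def run_demo():
    """Constructed roles and documents; returns ({(who, what, action): granted}, audit)."""
    courier = Principal("courier", "SENSITIVE", frozenset({"comms"}), frozenset({"read"}))
    ops_lead = Principal("ops-lead", "CRITICAL", frozenset({"op-north"}),
                         frozenset({"read", "write"}))
    items = [Item("op-north timeline", "CRITICAL", frozenset({"op-north"})),
             Item("comms protocol", "SENSITIVE", frozenset({"comms"})),
             Item("security guidelines", "RESTRICTED", frozenset())]
    audit, results = [], {}
    for p in (courier, ops_lead):
        for it in items:
            for action in ("read", "write"):
                results[(p.name, it.name, action)] = decide(p, it, action, audit)
    return results, audit
```

The ops-lead is cleared for SENSITIVE material yet is still refused the comms protocol, which is the distinction between Least Privilege and Need-to-Know the definition above draws.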

---

## Section 1-3: Compartmentalization and Cell Structure

### Definition

Compartmentalization is the practice of isolating information, people, and operations into discrete units (cells) that can function independently and have limited knowledge of other units. This structure prevents the compromise of one element from cascading through the entire organization.

### Cell Structure Design

#### Basic Cell Characteristics

- **Size limitation**: 3-7 members for optimal security and effectiveness
- **Functional focus**: Each cell has a specific operational purpose
- **Limited connectivity**: Minimal connections to other cells
- **Independent capability**: Can operate without external support for extended periods
- **Redundant skills**: Multiple members can perform critical functions

#### Cell Types

**Operational Cells**

- Execute specific resistance activities
- Have detailed knowledge of their operations only
- Receive direction through secure channels
- Report results through established protocols

**Support Cells**

- Provide specialized services (technical, logistical, financial)
- Have broad knowledge of capabilities but limited operational details
- Serve multiple operational cells without knowing their specific activities
- Maintain strict separation between different support functions

**Communication Cells**

- Facilitate secure communication between other cells
- Know communication protocols but not operational content
- Provide technical infrastructure and training
- Maintain multiple redundant communication channels

**Leadership Cells**

- Coordinate strategic direction and resource allocation
- Have broad operational awareness but limited tactical details
- Make decisions based on summarized reports rather than raw intelligence
- Maintain multiple independent communication channels

### Inter-Cell Communication

#### Communication Protocols

- **Scheduled contacts** at predetermined intervals
- **Emergency procedures** for urgent communication needs
- **Authentication methods** to verify identity and message integrity
- **Fallback procedures** when primary communication channels fail

#### Information Flow Management

```
Standard Communication Flow:
Operational Cell → Support Cell → Leadership Cell

Emergency Communication Flow:
Any Cell → Emergency Contact → Leadership Cell

Cross-Cell Coordination:
Cell A → Leadership Cell → Cell B
(Direct cell-to-cell communication only for specific authorized operations)
```

#### Security Measures

- **Unique communication methods** for each cell relationship
- **Time-delayed communication** to prevent real-time tracking
- **Multiple authentication factors** for sensitive communications
- **Regular communication schedule changes** to prevent pattern analysis

### Compromise Response

#### Isolation Procedures

When a cell is compromised:

1. **Immediate isolation** - Cut all communication with the compromised cell
2. **Damage assessment** - Determine what information was exposed
3. **Notification protocol** - Alert affected cells through secure channels
4. **Operational adjustment** - Modify plans based on exposed information
5. **Recovery planning** - Develop procedures for reconstituting capabilities

#### Continuity Planning

- **Redundant capabilities** across multiple cells
- **Succession planning** for key roles and functions
- **Resource distribution** to prevent single points of failure
- **Alternative communication channels** for emergency coordination
### Cell Discipline

Effective compartmentalization requires strict discipline from all participants. The temptation to share information across cell boundaries for efficiency or social reasons must be resisted. Remember: the inconvenience of compartmentalization is far less than the consequences of cascade compromise.
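The cascade this section warns about can be measured. The following Python is an added illustration, not part of this manual: it models cells as a contact graph following the standard communication flow above (the cell names and information items are constructed), computes what one compromise exposes directly and in the worst case, and carries out the isolation and notification steps of the compromise response, contrasting the compartmentalized layout with a flat one where every cell knows every other.

```python
from collections import deque


class CellNetwork:
    def __init__(self):
        self.links = {}   # cell -> cells it has a contact relationship with
        self.knows = {}   # cell -> information items it holds

    def add_cell(self, name, knows):
        self.links.setdefault(name, set())
        self.knows[name] = set(knows)

    def link(self, a, b):  # a contact relationship lets each side identify the other
        self.links[a].add(b)
        self.links[b].add(a)

    def direct_exposure(self, cell):  # damage assessment for a single compromise
        return set(self.knows[cell]), set(self.links[cell])  # its info, who it can name

    def cascade(self, cell, max_hops=None):
        """Worst case: each identified cell is compromised in turn. Returns {cell: hops}."""
        hops, queue = {cell: 0}, deque([cell])
        while queue:
            current = queue.popleft()
            if max_hops is not None and hops[current] >= max_hops:
                continue
            for neighbour in self.links[current]:
                if neighbour not in hops:
                    hops[neighbour] = hops[current] + 1
                    queue.append(neighbour)
        return hops

    def isolate(self, cell):
        """Isolation step: cut every link to the cell; return the cells to notify."""
        affected = set(self.links[cell])
        for other in affected:
            self.links[other].discard(cell)
        self.links[cell] = set()
        return affected


def build(flat=False):
    """Constructed topology. By default it follows the standard flow Operational ->
    Support -> Leadership; flat=True links every pair (no compartmentalization)."""
    net = CellNetwork()
    cells = [("ops-A", "op-A plan"), ("ops-B", "op-B plan"),
             ("support", "logistics capabilities"), ("leadership", "strategy")]
    for name, info in cells:
        net.add_cell(name, {info})
    pairs = ([(a, b) for i, (a, _) in enumerate(cells) for b, _ in cells[i + 1:]]
             if flat else [("ops-A", "support"), ("ops-B", "support"),
                           ("support", "leadership")])
    for a, b in pairs:
        net.link(a, b)
    return net
```

With the compartmentalized layout a compromised operational cell can name only its support contact, and leadership is two hops away; in the flat layout the same compromise names every cell in one hop.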

---

## Section 1-4: Zero Trust Verification

### Definition

Zero Trust is a security model that assumes no user, device, or communication can be trusted by default, even if they are inside the organization's network or have been previously verified. Every access request must be authenticated, authorized, and continuously validated.

### Core Zero Trust Principles

#### Never Trust, Always Verify

- **Identity verification** required for every access request
- **Device authentication** before allowing network access
- **Continuous monitoring** of user and system behavior
- **Regular re-authentication** for ongoing access

#### Assume Breach

- **Design systems** to function even when partially compromised
- **Limit blast radius** of any potential compromise
- **Monitor for indicators** of compromise continuously
- **Plan response procedures** for various compromise scenarios

#### Verify Explicitly

- **Multi-factor authentication** for all sensitive access
- **Behavioral analysis** to detect anomalous activity
- **Contextual verification** based on location, time, and access patterns
- **Cryptographic verification** of message and file integrity

### Implementation in Resistance Operations

#### Identity Verification

```
Standard Verification Process:
1. Something you know (password, passphrase, coded response)
2. Something you have (device, token, physical key)
3. Something you are (biometric, behavioral pattern)
4. Somewhere you are (location verification, network analysis)
5. Someone you know (trusted introducer, mutual contact)
```

#### Communication Verification

- **Message authentication codes** to verify sender identity
- **Forward secrecy** to limit damage from key compromise
- **Out-of-band verification** for critical communications
- **Regular key rotation** to limit exposure windows

#### Device Trust

- **Device registration** and authentication before network access
- **Regular security updates** and vulnerability patching
- **Behavioral monitoring** for signs of compromise
- **Remote wipe capabilities** for lost or stolen devices

#### Network Segmentation

- **Micro-segmentation** to limit lateral movement
- **Encrypted communications** for all network traffic
- **Access logging** and monitoring for all network activity
- **Regular network topology changes** to prevent mapping

### Continuous Verification

#### Behavioral Monitoring

- **Baseline establishment** for normal user behavior
- **Anomaly detection** for unusual access patterns
- **Risk scoring** based on multiple behavioral factors
- **Adaptive authentication** based on risk assessment

#### Regular Re-authentication

- **Time-based re-authentication** for ongoing access
- **Activity-based verification** for sensitive operations
- **Location-based challenges** for access from new locations
- **Privilege escalation verification** for administrative functions
### Paranoia vs. Security

Zero Trust may seem paranoid, but it reflects the reality of operating in a hostile environment where compromise is not a matter of if, but when. The goal is not to prevent all compromise, but to limit its impact and maintain operational capability even under adverse conditions.
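To make the message authentication code, key rotation and time-based re-authentication points above concrete, the following Python is an added illustration (not this manual's own procedure): a shared-key MAC envelope carrying a key id, checked against a freshness window and a replay cache, with rotation that retires the old key outright. The key material and messages are constructed; forward secrecy is outside what this snippet shows.

```python
import hashlib
import hmac
import secrets
import time


class AuthenticatedChannel:
    """Shared-key message authentication with key ids, a freshness window and
    replay detection. Both ends hold the same key table (constructed secrets)."""

    def __init__(self, keys, window=300):
        self.keys = dict(keys)   # key id -> secret; rotation drops retired ids
        self.window = window     # seconds a message stays acceptable
        self.seen = set()        # nonces already accepted, for replay detection

    @staticmethod
    def _mac(key, kid, ts, nonce, body):
        # Every header field is bound into the MAC, so none can be swapped
        # for another message's value without the tag failing.
        data = "|".join([kid, str(ts), nonce, body]).encode()
        return hmac.new(key, data, hashlib.sha256).hexdigest()

    def seal(self, kid, body, ts=None):
        """Build an envelope the receiver can verify; ts defaults to now."""
        ts = int(time.time() if ts is None else ts)
        nonce = secrets.token_hex(8)
        tag = self._mac(self.keys[kid], kid, ts, nonce, body)
        return {"kid": kid, "ts": ts, "nonce": nonce, "body": body, "mac": tag}

    def verify(self, env, now=None):
        """Return (accepted, reason). Nothing in env is trusted until the MAC
        over all fields has passed a constant-time comparison."""
        now = time.time() if now is None else now
        key = self.keys.get(env["kid"])
        if key is None:
            return False, "unknown or retired key id"
        expected = self._mac(key, env["kid"], env["ts"], env["nonce"], env["body"])
        if not hmac.compare_digest(expected, env["mac"]):
            return False, "bad MAC"
        if abs(now - env["ts"]) > self.window:
            return False, "stale: outside freshness window"
        if env["nonce"] in self.seen:
            return False, "replay"
        self.seen.add(env["nonce"])
        return True, "ok"

    def rotate(self, new_kid, new_key):
        """Regular key rotation: the old id is retired, so anything sealed
        under it stops verifying, which bounds the exposure window."""
        self.keys = {new_kid: new_key}
```

The order of checks matters: the key id only selects which secret to try, the MAC is verified before any other field is acted on, and only an accepted message's nonce enters the replay cache.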

---

## Section 1-5: Metadata Minimization

### Definition

Metadata is "data about data" - information that describes the characteristics of communications and activities without revealing their content. In resistance operations, metadata analysis can reveal operational patterns, network structures, and behavioral indicators even when all content is encrypted.

### Types of Metadata

#### Communication Metadata

- **Sender and recipient** identities and addresses
- **Timestamps** of message creation, transmission, and receipt
- **Message size** and format information
- **Routing information** including intermediate servers and networks
- **Device information** including hardware and software details

#### Location Metadata

- **GPS coordinates** from mobile devices and applications
- **Network location** data from Wi-Fi and cellular connections
- **Movement patterns** derived from sequential location data
- **Association patterns** based on co-location with other devices

#### Behavioral Metadata

- **Usage patterns** including timing and frequency of activities
- **Application usage** and feature utilization patterns
- **Network traffic patterns** including volume and timing
- **Device interaction patterns** including typing and usage behaviors

#### Financial Metadata

- **Transaction timing** and frequency patterns
- **Payment methods** and account relationships
- **Geographic patterns** of financial activity
- **Association patterns** with other financial accounts

### Metadata Analysis Capabilities

#### Pattern Recognition

Modern data analysis can identify:

- **Communication networks** and hierarchical structures
- **Operational cycles** and planning timelines
- **Geographic patterns** and safe house locations
- **Behavioral signatures** unique to specific individuals

#### Predictive Analysis

Metadata can be used to:

- **Predict future activities** based on historical patterns
- **Identify key individuals** based on network centrality
- **Detect operational planning** through communication pattern changes
- **Locate physical meetings** through device co-location analysis

### Minimization Strategies

#### Communication Minimization

DO

DON'T

#### Location Minimization

- **Disable location services** on all devices used for resistance activities
- **Use public Wi-Fi** from locations unconnected to your identity
- **Vary locations** for different types of activities
- **Avoid patterns** in movement and location choices
- **Use transportation methods** that don't create digital records

#### Temporal Minimization

- **Randomize timing** of communications and activities
- **Use time delays** to break real-time correlation
- **Avoid regular schedules** that create predictable patterns
- **Coordinate timing** to create false patterns when beneficial
- **Use automated systems** to decouple activity timing from human schedules

#### Technical Minimization

```
Technical Metadata Reduction:
1. Use Tor or similar anonymization networks
2. Employ VPNs with no-logging policies
3. Use disposable email addresses and accounts
4. Regularly change device identifiers when possible
5. Use different devices for different operational purposes
```

### Metadata-Aware Operational Planning

#### Communication Planning

- **Map metadata exposure** for all planned communications
- **Design communication flows** to minimize revealing patterns
- **Plan for metadata analysis** by adversaries
- **Develop cover stories** for unavoidable metadata patterns

#### Activity Planning

- **Consider metadata implications** of all operational activities
- **Design operations** to create misleading metadata when possible
- **Plan timing** to minimize correlation opportunities
- **Coordinate activities** to distribute metadata across multiple participants
### Metadata Discipline

Effective metadata minimization requires thinking about the digital traces of every action before taking it. This becomes second nature with practice, but initially requires conscious effort and planning. The investment in metadata discipline pays dividends in operational security and longevity.
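As an added self-audit illustration for Temporal Minimization and the "map metadata exposure" planning step (not part of this manual), the following Python scores a set of one's own planned send times for predictability from timestamps alone and applies the two countermeasures the text names, randomized delays and skipped messages. The schedule is constructed and the thresholds are assumptions.

```python
import random
from collections import Counter
from statistics import mean, pstdev


def regularity(times):
    """Coefficient of variation of the gaps between consecutive messages.
    0.0 is a clockwork schedule; larger values are harder to predict."""
    t = sorted(times)
    gaps = [b - a for a, b in zip(t, t[1:])]
    return pstdev(gaps) / mean(gaps) if len(gaps) > 1 and mean(gaps) else 0.0


def busiest_hour_share(times):
    """Fraction of messages falling in the single busiest hour of the day (UTC)."""
    hours = Counter((int(t) // 3600) % 24 for t in times)
    return max(hours.values()) / len(times)


def audit(times, min_cv=0.5, max_share=0.5):
    """Flag a schedule an observer could predict from timestamps alone.
    Thresholds are assumed values, not figures from the manual."""
    findings = []
    cv = regularity(times)
    if cv < min_cv:
        findings.append("regular interval between messages (cv=%.2f)" % cv)
    share = busiest_hour_share(times)
    if share > max_share:
        findings.append("%.0f%% of messages in one hour of the day" % (100 * share))
    return findings


def jitter(times, max_delay, seed):
    """Time delays: hold each message for a random 0..max_delay seconds.
    The seeded RNG is only so the demo is repeatable."""
    rng = random.Random(seed)
    return [t + rng.uniform(0, max_delay) for t in times]


def thin(times, keep, seed):
    """Skip scheduled messages at random so the gaps stop being constant."""
    rng = random.Random(seed)
    return [t for t in times if rng.random() < keep]


# Constructed schedule: a status message every day at 21:00 UTC for two weeks.
DAILY_2100 = [1_700_000_000 - (1_700_000_000 % 86400) + 21 * 3600 + d * 86400
              for d in range(14)]
```

Jitter of a few hours spreads the hour-of-day but leaves the roughly daily gap visible to `regularity`, which is why the text pairs randomized timing with avoiding regular schedules altogether; run `audit` on the jittered and thinned schedule to see which findings remain.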

---

## Chapter Summary

The five core security principles covered in this chapter provide the foundation for all resistance security operations:

1. **Least Privilege** limits access to the minimum necessary for operational effectiveness
2. **Need-to-Know** restricts information sharing to operational requirements
3. **Compartmentalization** isolates operations to prevent cascade compromise
4. **Zero Trust** assumes compromise and requires continuous verification
5. **Metadata Minimization** reduces digital traces that reveal operational patterns

These principles must be applied consistently across all aspects of resistance operations, from technical tool selection to operational planning to daily security practices. They are not merely guidelines but operational requirements for survival in a hostile environment.

### Integration and Balance

While each principle is important individually, their real power comes from integrated application. Effective resistance security requires balancing these principles against operational requirements and human limitations. Perfect adherence to all principles simultaneously may be impossible, but conscious application of each principle to every security decision will dramatically improve operational security.

### Next Steps

Chapter 2 builds on these foundational principles by providing systematic approaches to threat assessment and operational environment analysis. Understanding these principles is essential preparation for the practical threat modeling exercises that follow.

---

**Next:** [Chapter 2: Threat Assessment and Operational Environment →](/chapters/chapter-2/)