Compartmentalization is a security principle in which different identities (or projects) are kept separate so that they cannot be connected, and the compromise of one is isolated from the compromise of the others. This principle can be applied to both digital and non-digital identities.
Examples of digital compartmentalization include:
- Using different email accounts for different digital identities, such as one account for work, another for friends, another for a specific sensitive project, etc. This way, if an adversary knows your work email address and discovers your sensitive email address after seizing a computer in a house raid, because the email addresses are different, they won't know that they belong to the same person.
- Using different Tails[1] USB sticks or Qubes OS[2] virtual machines for different digital identities. This way, if an adversary compromises one stick or virtual machine with malware, the compromise won't spread to other sticks or virtual machines.
Examples of non-digital compartmentalization include:
- Using different names in different contexts, such as using your civil name with your family and an alias with your friends. An alias can be specific to a place, time, or group of people you interact with. This way, if an adversary compromises one of your names, it won't necessarily lead to the compromise of the others.
- Applying the need-to-know principle by sharing sensitive information only when it is necessary to do so, and only to the extent necessary.
Compartmentalization can be a useful tool for remembering to apply mitigations consistently within a project. For example, you may want to always take anti-surveillance measures when traveling as part of a specific project, but not make the same effort for another, less sensitive project.
Techniques addressed by this mitigation
| Name | Description | |
|---|---|---|
| Network mapping | You can compartmentalize your different identities (or projects) to make it harder for an adversary to conduct network mapping. | |
| Targeted digital surveillance | ||
| Malware | If an adversary installs malware on a Tails[1] USB stick or a Qubes OS[2] virtual machine that you use for different digital identities, they can tie the different identities together. To mitigate this, you can use different Tails USB sticks or Qubes OS virtual machines for different digital identities. | |
| Network forensics | An adversary can establish links between different digital identities through the footprints left by their network traffic. To mitigate this, you can compartmentalize different digital identities by: | |