Least privilege principle

Privilege

Authorization to perform a given task.
Similar to access control clearance.

Each subject should have, at any given time, the exact privileges required for the assigned tasks.

Fewer privileges than the required create unsurpassable barriers.
More privileges than required create vulnerabilities.
- Damage resulting from accidents or errors.
- Potential interactions among privileged programs.
- Misuse of privileges.
- Unwanted information flows.
  - "need-to-know" military restrictions.

PreviousAccess types NextAccess control models

Last updated 6 months ago