Definitions Edit

Least privilege is

the principle that requires each user in a system to be granted only the privileges needed for the performance of authorized tasks.[1]
[the p]rinciple of having access to the least information or fewest resources necessary to complete a legitimate purpose.[2]
the security objective of granting users only those accesses they need to perform their official duties.[3]
[a] foundational security principle that states that every program and every user of the system should operate using the least set of privileges necessary to complete the job. Primarily, this principle limits the damage that can result from an accident or error. It also reduces the number of potential interactions among privileged programs to the minimum for correct operation, so that unwanted, unintentional, or improper uses of privilege are less likely to occur. [4]
[t]he technique of assigning privileges for doing certain functions to only those that require them.[5]

Overview Edit

"For example, restricting the ability to create new user accounts to only the system administrator or a user that should only be able to query a database, but has privileges to delete the folder containing the database file."[6]

References Edit

  1. NSTISSAM INFOSEC 1-99, at 17.
  2. Cybersecurity A Primer for State Utility Regulators, App. B.
  3. NIST Special Publication 800-12.
  4. NIST Special Publication 800-160, at B-7.
  5. Common Cybersecurity Vulnerabilities in Industrial Control Systems, at 67.
  6. Id.

See also Edit

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.