Versions Compared

Old Version 1

changes.mady.by.user David Doret

Saved on

compared with

New Version 2

changes.mady.by.user David Doret

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Page Properties

Contexts

IAM

Term

Insufficient Granularity of Access Control

Alternative Forms

Definitions

A system weakness characterized by access controls designed too coarsely to assure the required security level

Related Terms

Quotes

The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets.

...