Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Page Properties

Contexts

IAM

Term

Insufficient Granularity of Access Control

Alternative Forms

Definitions

A system weakness characterized by access controls designed too coarsely, making it impossible to configure access permissions that satisfy the required least privileges.

It is a design flaw and is distinct from improperly configured access controls.

Related Terms

Quotes

The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets.

...

Bibliography

See Also

...

Filter by label (Content by label)
showLabelsfalse
sorttitle
cqllabel = "insufficient-granularity-of-access-control"