Skip to end of banner
Go to start of banner

Gegick, M., Barnum, S., 2005. Least Privilege. DHS CISA - Build Security In (US CERT Web Archive)

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

Least Privilege

article

Authors

Gegick, M., Barnum, S.

Year

2005 (Revised 2013)

Abstract

Only the minimum necessary rights should be assigned to a subject that requests access to a resource and should be in effect for the shortest duration necessary (remember to relinquish privileges). Granting permissions to a user beyond the scope of the necessary rights of an action can allow that user to obtain or change information in unwanted ways. Therefore, careful delegation of access rights can limit attackers from damaging a system.

()

Citation

Gegick, M., Barnum, S., 2005. Least Privilege [WWW Document]. DHS CISA - Build Security In (US CERT Web Archive). URL https://www.us-cert.gov/bsi/articles/knowledge/principles/least-privilege (accessed 6.22.20).

  • No labels

Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.

This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.