Skip to end of banner
Go to start of banner

Insufficient Granularity of Access Control (Dictionary Entry)

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Contexts

IAM

Term

Insufficient Granularity of Access Control

Alternative Forms

Definitions

A system weakness characterized by access controls designed too coarsely to assure the required security level

Related Terms

Quotes

The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets.

(MITRE, 2020(2))

Bibliography

See Also

  • XXX

  • No labels

Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.

This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.