Insufficient Granularity of Access Control (Dictionary Entry)

Contexts

IAM

Term

Insufficient Granularity of Access Control

Alternative Forms

 

Definitions

A system weakness in which access controls are designed too coarsely, making it impossible to configure access permissions that satisfy the principle of least privilege.

It is a design flaw and is distinct from improperly configured access controls.

Related Terms

 

Quotes

The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets.

(MITRE, 2020(2))

Bibliography

See Also




This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.