Least Privilege Principle

GPTKB entity

Statements (41)
Predicate Object
gptkbp:instanceOf Security Principle
gptkbp:alsoKnownAs Principle of Least Privilege
gptkbp:appliesTo gptkb:Access_Control
gptkbp:appliesTo gptkb:Computer_Security
gptkbp:benefit Facilitates auditing and monitoring
gptkbp:benefit Limits spread of malware
gptkbp:benefit Minimizes attack surface
gptkbp:challenge Balancing usability and security
gptkbp:challenge Complexity in large organizations
gptkbp:challenge Managing privilege creep
gptkbp:defines Users, programs, and systems should be granted the minimum levels of access necessary to perform their functions.
gptkbp:enforcedBy Security Policies
gptkbp:enforcedBy User Permissions
gptkbp:enforcedBy Access Control Mechanisms
gptkbp:enforcedBy Privilege Management Tools
gptkbp:example Applications run with only necessary permissions
gptkbp:example Database accounts have only required access
gptkbp:example Standard users do not have administrator rights
gptkbp:goal Limit potential damage from accidents or attacks
gptkbp:goal Reduce security risks
https://www.w3.org/2000/01/rdf-schema#label Least Privilege Principle
gptkbp:originatedIn gptkb:Saltzer_and_Schroeder's_1975_paper
gptkbp:recommendation gptkb:NIST
gptkbp:recommendation gptkb:ISO/IEC_27001
gptkbp:recommendation gptkb:CIS_Controls
gptkbp:relatedTo gptkb:Role-Based_Access_Control
gptkbp:relatedTo gptkb:Separation_of_Duties
gptkbp:relatedTo Access Control System
gptkbp:relatedTo Zero Trust Security Model
gptkbp:usedIn Cloud Computing
gptkbp:usedIn Network Security
gptkbp:usedIn Operating Systems
gptkbp:usedIn Application Security
gptkbp:usedIn Database Management
gptkbp:violatedBy Granting excessive permissions
gptkbp:violatedBy Not revoking access when no longer needed
gptkbp:violatedBy Using shared privileged accounts
gptkbp:bfsParent gptkb:Privilege_Escalation
gptkbp:bfsParent gptkb:Identity_and_Access_Management
gptkbp:bfsParent gptkb:Broken_Access_Control
gptkbp:bfsLayer 6