
least privilege



A basic principle in information security that holds that entities (people, processes, devices) should be assigned the fewest privileges consistent with their assigned duties and functions. For example, the restrictive "need-to-know" approach grants zero access by default and then opens access only as required. All data in a corporate network would be off-limits except to specific people or groups (see role-based access control).

In contrast, a less-restrictive strategy opens up all systems and closes access as required; for example, allowing employees access to all systems except human resources and accounting, which would be limited to only employees in those departments.
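As an added example that is not drawn from the entry or its publisher, the following Python contrasts the two strategies with a small role-based access check; the roles, users and system names are constructed. It also shows a consequence the entry only implies: a system that no policy mentions yet is unreachable under default-deny but open to everyone under default-allow.

```python
"""Added example (not part of the encyclopedia entry): a minimal
role-based access check contrasting need-to-know (default-deny)
with the less restrictive open-by-default strategy.
Users, roles and system names are constructed for illustration."""

# Role -> systems that role may access (constructed sample policy).
ROLE_GRANTS = {
    "hr_staff": {"human_resources"},
    "accountant": {"accounting"},
    "engineer": {"source_code", "build_server"},
}

# Constructed users with their assigned roles.
USER_ROLES = {
    "alice": {"hr_staff"},
    "bob": {"engineer"},
    "carol": {"accountant", "engineer"},
}


def default_deny(user: str, system: str) -> bool:
    """Need-to-know: nothing is reachable unless some role grants it."""
    roles = USER_ROLES.get(user, set())
    return any(system in ROLE_GRANTS.get(r, set()) for r in roles)


# Less restrictive strategy: everything is open except the systems
# listed here, which are reserved for the roles named beside them.
RESTRICTED = {
    "human_resources": {"hr_staff"},
    "accounting": {"accountant"},
}


def default_allow(user: str, system: str) -> bool:
    """Open-by-default: only explicitly restricted systems are closed."""
    roles = USER_ROLES.get(user, set())
    if system in RESTRICTED:
        return bool(roles & RESTRICTED[system])
    return True


def exposure_of_new_system(system: str) -> dict:
    """Who can reach a system that neither policy mentions yet."""
    return {
        "default_deny": sorted(u for u in USER_ROLES if default_deny(u, system)),
        "default_allow": sorted(u for u in USER_ROLES if default_allow(u, system)),
    }
```

Running `exposure_of_new_system("payroll_export")` returns an empty list for default-deny and every user for default-allow, which is the gap an unlisted new system opens under the less restrictive model.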
Copyright © 1981-2025 by The Computer Language Company Inc. All Rights reserved. THIS DEFINITION IS FOR PERSONAL USE ONLY. All other reproduction is strictly prohibited without permission from the publisher.
References in periodicals archive
(d) In the context of protecting personal information, the principle of least privilege means that access to personal information should be restricted to those employees who need the information to perform their jobs.
Paper [9] gives an adequate explanation of a workflow-based authorization method, which provides a corresponding authorization method for event sequences and a solution to "the principle of least privilege".
"The principle of least privilege" is one of the most basic principles in system security and the essential privilege of every subject (user or process) in a grid when completing some kind of operation.
Meanwhile, due to the introduction of the concept of the atom role, the role granularity becomes smaller; then, through dynamic combination, the authorization process meets "the principle of least privilege".
Hub can now take a white-list approach, in line with the prevailing "principle of least privilege" approach to security.
"Minimising administrative privileges is an exercise in the principle of least privilege. In a properly designed, administered and maintained environment there is no requirement for any user to have administrative privileges on their day-to-day account. In addition, there should be no account which has both administrative privileges and access to networks outside of the organisation, such as Internet or email services," it says.
Role-based access: In addition to segregation of duty, it's important to work to the principle of least privilege. Each individual should only be awarded a level of network access that is essential for them to do their job.