User Tools

Site Tools


principles:principle_of_least_privilege

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
Next revisionBoth sides next revision
principles:principle_of_least_privilege [2017-10-26 14:18] – created moxprinciples:principle_of_least_privilege [2017-11-19 21:41] – PoLP: structure christian
Line 1: Line 1:
 ====== Principle Of Least Privilege ====== ====== Principle Of Least Privilege ======
- 
-The original formulation is the following: every program and every privileged user of the system should operate using the least amount of privilege necessary to complete the job. From Jerome H. Saltzer in 1974. 
  
 ===== Variants and Alternative Names ===== ===== Variants and Alternative Names =====
Line 9: Line 7:
  
 ===== Context ===== ===== Context =====
-  * [[contexts:]] +  * [[contexts:Security]] 
  
  
 ===== Principle Statement ===== ===== Principle Statement =====
  
-In a particular abstraction layer of a computing environment, every module (such as a process, a user, or a program, depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose+Every program and every privileged user of the system should operate using the least amount of privilege necessary to complete the job.  
  
 ===== Description ===== ===== Description =====
  
 +In a particular abstraction layer of a computing environment, every module (such as a process, a user, or a program, depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose.
  
 ===== Rationale ===== ===== Rationale =====
Line 32: Line 32:
 ===== Origin ===== ===== Origin =====
  
 +From Jerome H. Saltzer in 1974.
  
 ===== Evidence ===== ===== Evidence =====
Line 38: Line 39:
 /*  * [[wiki:Proposed]]*/ /*  * [[wiki:Proposed]]*/
 /*  * [[wiki:Examined]]*/ /*  * [[wiki:Examined]]*/
-/*  * [[wiki:Accepted]]*/+ 
 +  * [[wiki:Accepted]] 
 /*  * [[wiki:Questioned]]*/ /*  * [[wiki:Questioned]]*/
  
principles/principle_of_least_privilege.txt · Last modified: 2021-10-18 22:16 by christian