Synonyms
Related Concepts
Definition
The least privilege principle states that a subject (user or program) should be given only those privileges it actually needs to perform its job.
Theory
The least privilege principle was defined by Jerry Saltzer and Mike Schroeder [1] as follows.
Every program and every user of the system should operate using the least set of privileges necessary to complete the job.
The importance of the least privilege principle is widely recognized since it minimizes the danger of damage due to inadvertent errors, Trojan Horses, or intruders masquerading as legitimate users. Although the least privilege principle is by itself a simple and fundamental design principle, in real practice its enforcement is not straighforward. The main motivation is that it may be difficult to determine the least amount of privileges a user/process will ever need to perform its job.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsRecommended Reading
Saltzer JH, Schroeder MD (1975) The protection of information in computer systems. Proc. IEEE, 63(9):1278–1308
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer Science+Business Media, LLC
About this entry
Cite this entry
De Capitani diVimercati, S. (2011). Least Privilege. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_820
Download citation
DOI: https://doi.org/10.1007/978-1-4419-5906-5_820
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-5905-8
Online ISBN: 978-1-4419-5906-5
eBook Packages: Computer ScienceReference Module Computer Science and Engineering