U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

least privilege

Definition(s):

  The principle that a security architecture should be designed so that each entity is granted the minimum system resources and authorizations that the entity needs to perform its function.
Source(s):
NIST SP 800-12 Rev. 1 under Least Privilege from CNSSI 4009
CNSSI 4009-2015 [Superseded]
NIST SP 800-171 Rev. 1 [Superseded]

  The principle that a security architecture is designed so that each entity is granted the minimum system resources and authorizations that the entity needs to perform its function.
Source(s):
NIST SP 800-53 Rev. 5 from CNSSI 4009-2015

  The principle that a security architecture is designed so that each entity is granted the minimum system authorizations and resources that the entity needs to perform its function.
Source(s):
NIST SP 800-171 Rev. 2

  A security principle that restricts the access privileges of authorized personnel (e.g., program execution privileges, file modification privileges) to the minimum necessary to perform their jobs.
Source(s):
NIST SP 800-57 Part 2 [Superseded] under Least privilege