Security Basics: The Principle of Least Privilege

Whenever I’m asked about creating a security model for an application or database, I tell folks to follow the Principle of Least Privilege. There are several definitions out there, some wordier than others. Here’s mine:

Give the permissions necessary to do the job. No more. No less.

If this is the basis for your security model, you’re in good shape. I often tie the Principle of Least Privilege into the CIA Triad for information security. I’ll cover that in another post. However, the CIA triad is an acronym of these three words: Confidentiality, Integrity, and Availability. These are referring to systems and data. With that as a basis, here’s how the Principle of Least Privilege is connected to the CIA triad:

The permission to do the job.

Nothing more.

  • Threatens confidentiality.
  • Threatens integrity.

Nothing less.

  • Threatens availability.

3 Comments (+add yours?)

  1. tonny poulsen
    Jul 17, 2017 @ 02:43:22

    I have another triad that i’m using. This is aimed at the insider threat: It is called MOC as in Motivation, Opportunity, Capability.
    Remove one of them and the data is secure


    • K. Brian Kelley
      Jul 19, 2017 @ 15:07:16

      The issue is that outsiders will compromise user accounts. So even if you remove motivation from the actual person, that still fails if the person’s account is compromised.


  2. Trackback: SQL Server Security Basics | The Principle of Least Privilege – SQLpathy

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: