Least privilege

A security technique that provides a security boundary for applications and prevents the application from interacting with other applications. Anti-malware applications use sandboxing techniques to test unknown applications. If the application displays suspicious characteristics, the sandboxing technique prevents the application from infecting other applications or the operating system.
[view]

The principle that allows a process to read from and write to certain memory locations and resources only. This is an alternate name for the * (star) Security Property of the Bell–LaPadula model.
[view]

A process that ensures that the requested activity or object access is possible given the rights and privileges assigned to the authenticated identity (in other words, subject). Access privileges granted to a user, program, or process. The granting of right of access to a user, program, or process.
[view]

A security procedure under which users are granted only the minimum access authorization they need to perform required tasks. An access control philosophy that states that subjects are granted the minimal access possible for the completion of their work tasks.
[view]

A method of isolating information resources based on a user’s need to have access to that resource in order to perform their job but no more; for example, a personnel officer needs access to sensitive personnel records and a marketing manager needs access to sensitive marketing information but not vice versa. The terms “needtoknow” and “least privilege” express the same idea. Needtoknow is generally applied to people, while least privilege is generally applied to processes. Necessity for access to, or knowledge or possession of, specific official information required to carry out official duties.
[view]