What is the principle of least privilege?
The principle of least privilege states that users or processes should be given only the minimum set of privileges sufficient to perform their required roles, so that even if they try, they cannot perform actions that could critically endanger the safety of data in the event of a malicious attack. Some damage to data may still be unavoidable. Therefore, once the scope of a role has been identified, the user is allocated only the minimal privileges compatible with that role. This helps minimize the damage to data caused by malicious attacks. Granting more privileges than necessary may leave data critically vulnerable to malicious exploitation.
The principle of least privilege is also known as the principle of minimal privilege and is sometimes also referred to as POLA, an abbreviation for the principle of least authority.
The principle of least privilege is implemented to enhance fault tolerance, i.e. to protect data from malicious attacks.
When applying the principle of least privilege, ensure that the parameter O7_DICTIONARY_ACCESSIBILITY in the data dictionary is set to FALSE, and revoke those packages and roles granted to a special pseudo-user known as
Some of the packages that are granted to the special pseudo-user known as
- UTL_TCP
- UTL_SMTP
- UTL_HTTP
- UTL_FILE
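
The checks and revocations described above, written out as an Oracle SQL audit script. This is an added example, not part of the original article. It assumes the pseudo-user is PUBLIC (the page's text does not name it) and uses a hypothetical application account, APP_BATCH, that still needs UTL_FILE.

```sql
-- Added example. PUBLIC as the grantee and the APP_BATCH account are assumptions.

-- 1. Check the dictionary-access parameter (V$PARAMETER stores names in lower case).
SELECT name, value
FROM   v$parameter
WHERE  name = 'o7_dictionary_accessibility';

-- The parameter is static: change it in the spfile, then restart the instance.
ALTER SYSTEM SET o7_dictionary_accessibility = FALSE SCOPE = SPFILE;

-- 2. List EXECUTE grants on the four packages that are held by PUBLIC.
SELECT owner, table_name, privilege, grantor
FROM   dba_tab_privs
WHERE  grantee    = 'PUBLIC'
AND    privilege  = 'EXECUTE'
AND    table_name IN ('UTL_TCP', 'UTL_SMTP', 'UTL_HTTP', 'UTL_FILE')
ORDER  BY table_name;

-- 3. Before revoking, find stored code outside SYS that references the packages,
--    directly or through a synonym. These objects are invalidated by the revoke
--    and recompile only if their owner holds a direct grant.
SELECT d.owner, d.name, d.type, d.referenced_name
FROM   dba_dependencies d
WHERE  d.referenced_name IN ('UTL_TCP', 'UTL_SMTP', 'UTL_HTTP', 'UTL_FILE')
AND    d.referenced_type IN ('PACKAGE', 'SYNONYM')
AND    d.owner NOT IN ('SYS', 'PUBLIC')
ORDER  BY d.referenced_name, d.owner, d.name;

-- 4. Give each schema found in step 3 only the package it needs...
GRANT EXECUTE ON sys.utl_file TO app_batch;   -- hypothetical account

-- ...then remove the blanket grants.
REVOKE EXECUTE ON sys.utl_tcp  FROM PUBLIC;
REVOKE EXECUTE ON sys.utl_smtp FROM PUBLIC;
REVOKE EXECUTE ON sys.utl_http FROM PUBLIC;
REVOKE EXECUTE ON sys.utl_file FROM PUBLIC;

-- 5. Re-check for objects left invalid by the revokes.
SELECT owner, object_name, object_type
FROM   dba_objects
WHERE  status = 'INVALID'
ORDER  BY owner, object_name;
```

Run the script as a privileged user on a test instance first, since the step 3 output determines which direct grants must exist before step 4.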