Cyber Offence Landscape
Published in Stanislav Abaimov, Maurizio Martellini, Cyber Arms, 2020
Stanislav Abaimov, Maurizio Martellini
Privilege escalation is the process of gaining higher-level access rights to the target system, by exploiting the system vulnerabilities using already existing partial access. It can be accomplished through the exploitation of the system kernel or by taking advantage of misconfigurations or insecurely set configurations and local applications that are operating with higher permissions. In misconfigured systems, the low-privileged user may have the ability to act as an administrator directly and run specific commands, which might be misused by an attacker. The attackers may be able to access and modify custom-made scripts or shell scripts that are not secured properly, in order to pass operating system commands through them or gain direct access to an operating system shell.
Security in the Cloud
Published in John W. Rittinghouse, James F. Ransome, Cloud Computing, 2017
John W. Rittinghouse, James F. Ransome
As discussed in Chapter 5, identity and access management is a critical function for every organization, and a fundamental expectation of SaaS customers is that the principle of least privilege is granted to their data. The principle of least privilege states that only the minimum access necessary to perform an operation should be granted, and that access should be granted only for the minimum amount of time necessary [17]. However, business and IT groups will need and expect access to systems and applications. The advent of cloud services and services on demand is changing the identity management landscape. Most of the current identity management solutions are focused on the enterprise and typically are architected to work in a very controlled, static environment. User-centric identity management solutions such as federated identity management, as mentioned in Chapter 5, also make some assumptions about the parties involved and their related services.
Securing Web Applications Using Security Patterns
Published in Durgesh Kumar Mishra, Nilanjan Dey, Bharat Singh Deora, Amit Joshi, ICT for Competitive Strategies, 2020
Charu Gupta, R. K. Singh, A. K. Mohapatra
For prevention of attacks due to Broken Authentication, security patterns, namely Password Design and Use, Identification and Authentication, Authorisation, Secure Session, Multilevel Security, Account Lockout, XML Message Inspector, and XML Message Router, are required. No framework considered in this paper has implemented all. A developer should incorporate these to ensure a strong password policy, account lockout for preventing brute-force attacks, and secure creation and management of sessions to prevent spoofing attacks in a web application. These patterns, along with authorizer, role-based access, single access point, check point and secure state machine, will prevent privilege escalation.
Least Privilege across People, Process, and Technology: Endpoint Security Framework
Published in Journal of Computer Information Systems, 2022
Miloslava Plachkinova, Kenneth Knapp
General information security models often recommended by industry professionals include time-based security, defense-in-depth, baseline security, principle of least privilege, perimeter hardening, zero-trust, and intrusion detection/prevention. The principle of least privilege ensures that every user and system program should be given the least set of rights necessary to complete a job or task and nothing more [5]. This principle can be applied to minimize the number of interactions among programs and users so that abuses or excessive privileges are less likely to occur. As a result, this principle limits the damage resulting from a security incident whether malicious or unintentional. The military security clearance rule of ‘need-to-know’ is an example of this principle. Applied to the endpoint, if a user does not have a ‘need-to-use’ a particular application, it should be restricted. The current paper exclusively uses the principle of least privilege as a general security model for promoting endpoint security in organizations. The proposed solution provides a holistic approach because we look into this principle from different aspects within an organization.