The principle of least privilege is also commonly known in the cybersecurity community as least privilege access (LPA). The concept essentially stipulates that any entity, whether a human user or an automated process, that needs permission to use an application to achieve its goals is granted the minimum amount of privilege – or access – required, consistent with the organization’s risk goals.
Privilege creep is the process of losing control of the number of permissions a specific user holds in order to do their job or to complete a task. Simply put, if a user no longer needs access to a certain application to do their job, that permission should be revoked to keep the environment as secure as possible.
In this situation, certain users obtain and hold more permissions and higher levels of access than their current job roles or responsibilities actually warrant. This can happen, for example, when permissions are granted to access resources for a temporary work assignment of short duration but are not subsequently revoked when that assignment comes to an end.
Similarly, a change of job responsibilities could lead to an accumulation of privileges and permissions the person no longer needs. Automating LPA can help to address challenges like privilege creep and also:
The concept of zero trust relies primarily on verification through various methods. In this security model, a user will never be able to simply gain access without undergoing some type of verification check. The most common type of verification technology is multi-factor authentication (MFA). This usually takes the form of presenting a hardware key, receiving a verification text message, or entering a one-time password so the user can get in.
Least privilege, on the other hand, is a process by which a user is inherently trusted and verified for the length of time they’ll need access to the application or program – meaning they won’t have to overcome any security verification measures to gain access.
LPA is important because it helps to keep a network as secure as possible. It does this by limiting the number of permissions network users need to do their job. In this way, specific users don’t end up with excessive permissions, although it is generally understandable how they come to have them.
Network environments, especially in large enterprises, are typically very large, and it isn’t always easy to know exactly which permissions a user needs. Similarly, when you’re not quite sure what permissions a new user will need in the long run, it may be more convenient to over-provision on the off-chance they’ll require those permissions in the future.
If a user’s system – or endpoint – were to be compromised, a threat actor would have access to all of the user’s unnecessary escalated permissions. This could make it possible for the threat actor to carry out a ransomware attack by leveraging stolen privileges to hop from system to system so they can easily scour the network and find desirable data to encrypt and exfiltrate.
Privilege creep happens in every security organization, and it can seem difficult – if not unfathomable – to hope to successfully manage excessive permissions at scale. Any solution to this problem needs to be able to establish a baseline of what normal activity looks like, which can be accomplished by tracking actual activity over a set period of time.
Once a baseline of normal has been established, that normal activity can be correlated with the permissions granted to a given entity, and the permissions can be automatically adjusted to adhere to the organization’s LPA guidelines.
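As an added illustration of the baselining approach described above (example code, not from the original article), this Python script builds an activity baseline from a constructed log, compares it with the permissions each identity has been granted to surface privilege creep, and proposes the automatic revocations. The identities, permission names, the 30-day window and the `protected` set for break-glass roles are all assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data, not taken from any real environment.
# Permissions currently granted to each identity (a human user and a service account).
GRANTED = {
    "alice": {"crm:read", "crm:write", "billing:read", "deploy:prod"},
    "svc-backup": {"storage:read", "storage:write", "iam:admin"},
}

# Constructed activity log: (ISO timestamp, identity, permission actually exercised).
ACTIVITY = [
    ("2024-02-01T23:00:00", "alice", "deploy:prod"),   # temporary assignment, long over
    ("2024-03-01T09:12:00", "alice", "crm:read"),
    ("2024-03-02T10:40:00", "alice", "crm:write"),
    ("2024-03-03T08:05:00", "alice", "billing:read"),
    ("2024-03-01T02:00:00", "svc-backup", "storage:read"),
    ("2024-03-02T02:00:00", "svc-backup", "storage:write"),
]

def build_baseline(activity, window_end, window_days=30):
    """Map each identity to the permissions it exercised inside the observation window."""
    end = datetime.fromisoformat(window_end)
    start = end - timedelta(days=window_days)
    baseline = defaultdict(set)
    for ts, identity, perm in activity:
        if start <= datetime.fromisoformat(ts) <= end:
            baseline[identity].add(perm)
    return dict(baseline)

def find_unused(granted, baseline):
    """Privilege creep: granted permissions with no observed use during the baseline window."""
    return {ident: perms - baseline.get(ident, set()) for ident, perms in granted.items()}

def apply_revocations(granted, unused, protected=frozenset()):
    """Return the adjusted grants. Permissions in `protected` (assumed break-glass
    roles that a human must review) are left in place rather than revoked automatically."""
    adjusted = {}
    for ident, perms in granted.items():
        to_revoke = unused.get(ident, set()) - protected
        adjusted[ident] = perms - to_revoke
    return adjusted

if __name__ == "__main__":
    baseline = build_baseline(ACTIVITY, "2024-03-05T00:00:00")
    unused = find_unused(GRANTED, baseline)
    print(apply_revocations(GRANTED, unused, protected={"iam:admin"}))
```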
The benefits of LPA are substantial. An identity and access management (IAM) program, the broader category of access concerns under which the concept of LPA falls, is a key component of any modern security program.
A key benefit of instituting the principle of least privilege is that it essentially locks down the network attack surface without causing a significant drop in productivity. Let’s take a look at some of the other benefits of a least privilege access model:
Teams can establish and manage LPA by setting the minimum privileges possible to achieve the organization’s risk goals. They can also:
LPA is a never-ending process, requiring ongoing assessment of privilege levels against organizational roles and permissions. Through over-privileged account discovery and some guided remediation, cloud infrastructure entitlement management (CIEM) tools can help organizations move toward a stronger security posture.