- Published: September 15, 2022
- Updated: September 15, 2022
- University / College: George Washington University
- Level: Intermediate School
- Language: English
- Downloads: 34
WiFi, VPNs and Encryption WiFi, VPNs and Encryption Affiliation In the past few years, there have emerged a wide variety of security attacks such as viruses, worms and so many other types of security threats. Though, there are also a number of ways to deal with these threats but there is not a single perfect solution to completely avoid these threats. Once a computer or a server has been infected with these viruses, it is necessary for the administrator to use the mechanism of least privileges in order to complete their tasks. Basically, this mechanism allows the system users to run their processes using the minimum privileges required to complete the users processes. In this scenario, different restrictions are implemented on the system access mechanisms. As a result, it becomes very difficult for these security threats to pollute a system and spread to other systems and devices (Merrifield, 2015). In other words, the concept of least privileges is used by the system administrators to offer the smallest amount of system resources needed to complete important business tasks. This mechanism is implemented through a variety of methods such as user rights (for instance putting restrictions to users’ rights, the way they access to the systems), resource permissions for instance implementing restrictions on CPU, network, memory and file system permissions. For instance, if a middleware system simply needs access to the network, the capability to write to a log, and read access to a database table, it refers to all the authorizations that should be approved. However, the middleware server should not be granted administrative privileges in any case under any circumstances (OWASP, 2015).
References
Merrifield, J. (2015). Using a Least-Privileged User Account. Retrieved from Microsoft. com: https://technet. microsoft. com/en-us/library/cc700846. aspx
OWASP. (2015, March 05). Secure Coding Principles. Retrieved from https://www. owasp. org/index. php/Secure_Coding_Principles