Privilege Aggregation and Creep
Privilege Aggregation and Creep is the cause and effect. Here’s my definition:
The privileges granted to a subject accumulate, e.g. because of promotions or rotations over time, to the extent that the aggregation of the privileges exceeds what the subject needs to do his or her duty or violates the security policies.
Confusion Point
Aggregation and Inference in the Context of Privacy
I treat aggregation as the means, while inference as the end. It’s just a process of data collection and reasoning by induction and deduction to make a conclusion.
Example: Aggregation Scam
Access Control Terminologies
Identity
An attribute or set of attributes that uniquely describe a subject within a given context.
NIST SP 800-63-3 under Identity
Subject
An active entity, generally in the form of a person, process, or device, that causes information to flow among objects or changes the system state.
NIST SP 800-33
Privilege
A right granted to an individual, a program, or a process.
NIST SP 800-12 Rev. 1 under Privilege (CNSSI 4009)
Permission
Authorization to perform some action on a system.
NISTIR 7316
Authorization
The right or a permission that is granted to a system entity to access a system resource. NIST SP 800-82 Rev. 2 under Authorization (RFC 4949)
The process of initially establishing access privileges of an individual and subsequently verifying the acceptability of a request for access.
NISTIR 4734 under Authorization
Entitlement
Something that you have a right to do or have, or the right to do or have something.
Cambridge Dictionary
Very nice information…You deserve more followers 🙂
BTW, if you have time, please visit my blog and if you like my posts, please follow my blog :)…I will #FollowforFollow 🙂