Privilege revocation (computing)

This article includes a list of references, related reading, or external links, but its sources remain unclear because it lacks inline citations. Please help improve this article by introducing more precise citations. (December 2008) (Learn how and when to remove this message)

Privilege revocation is the act of an entity giving up some, or all of, the privileges they possess, or some authority taking those (privileged) rights away.

Privileges maybe revoked either to enforce authoritative mandate, or to aid in the reliability of computing services provided. The reasoning behind this being: chances of restarting such tasks maybe better as unaffected jobs may not be effected (or at least probably not as much as in the alternative case: i.e. a privileged process gone haywire instead).

In computing security privilege revocation is a measure taken by a program to protect the system against misuse of itself. Honoring the principle of least privilege at a granularity provided by the base system such as sandboxing of (to that point successful) attacks to an unprivileged user account; helps to reduce risk of escalation of privileges.

Privilege revocation can be seen as a variant of privilege separation whereby the program terminates the privileged part immediately after it has served its purpose. Revocation of privileges is a technique of defensive programming.

In law the general term is often used when discussing some paper, such as a drivers licence^[1], being voided after a (negative) condition is met by the holder.

• Protection Profile for Privilege-Directed Content Authoriszor Ltd, Ref: Auth_CC/PP/DES/01, Issue 1.3, 22 December 2000
• LOMAC: Low Water-Mark Integrity Protection for COTS Environments by Timothy Fraser