Most computer systems are designed for use with multiple users. Privileges mean what a user is permitted to do. Common privileges including viewing and editing files, or modifying system files.
Privilege escalation means a user receives privileges they are not entitled to. These privileges can be used to delete files, view private information, or install unwanted programs, such as viruses. It usually occurs when a system has a bug that allows security to be bypassed, or alternatively, has flawed design assumptions about how it will be used. Privilege escalation occurs in three forms:
Vertical privilege escalation, also known as privilege elevation, where a lower privilege user or application accesses functions or content reserved for higher privilege users or applications (e.g. Internet Banking users can access site administrative functions, or the password for smartphone can be bypassed.)
Horizontal privilege escalation, where a normal user accesses functions or content reserved for other normal users (e.g. Internet Banking User A accesses the Internet bank account of User B)
Privilege descalation, where a high privileged, but segregated user (e.g. user/security administrator, commonly seen in a SOx environment) is able to downgrade their access level to access normal user functions
View Other Software Tools Skill Sets:
- Alfresco
- ATG
- Comergent
- Day Communique
- Demandware
- Djengo
- Drupal
- Escalate
- EZ Systems
- IBM Websphere
- Interwoven
- JDEdwards
- Joomla
- Liferay
- Magento
- Mambo
- MS Commerce Server
- Open Text
- Oracle
- osCommerce
- PeopleSoft
- Red Dot
- SAP
- Satchmo
- Sharepoint
- Siebel
- Stellent
- Sterling Commerce
- Vignette
