A security design principle that states that a person, process, or program be granted only those privileges necessary to accomplish a legitimate function, and only for the time that such privileges are actually required. The proper application of this principle limits the damage that can result from accident, error, or unauthorized use of available privileges by a process.