Which security model is based on the concept of least privilege?

The Role-Based Access Control (RBAC) model aligns closely with the principle of least privilege. This security model allows users to access only the information and resources that are necessary for their job functions. In RBAC, permissions are assigned to roles rather than individuals, which simplifies management and ensures that users only gain the access required to perform their designated tasks. This approach helps limit exposure to sensitive information and minimizes the risk of unauthorized access or misuse of resources, effectively embodying the concept of least privilege.

The other models do not prioritize least privilege in the same way. Mandatory Access Control (MAC) is based on system-enforced policies, where access is granted based on the classification levels of information, rather than individual roles. Discretionary Access Control (DAC) allows users to control access to their resources, which can lead to broader access than necessary. Attribute-Based Access Control (ABAC) focuses on policies that combine various attributes, which can make it complex and may not inherently adhere to the least privilege principle without careful configuration.