When designing an access control scheme, Evaggelia set up roles so that the same person does not have the ability to provision a new user account and assign superuser privileges to an account. What information security principle is Evaggelia following?

Evaggelia's design follows the principle of segregation of duties. Giving one user the ability to both create new accounts and grant administrative privileges combines two actions that would result in a significant security change that should be divided among two users.