On SQL Server Central there is a very good article at http://www.sqlservercentral.com/blogs/steve_jones/archive/2011/9/5/the-principle-of-least-privilege-_1320_-skill-_2300_3.aspx on least privilege access to a database.
The only thing I can add to such an excellent article is that where there is a series of applications each with its own database on a common database server, there should never be a common account across all the databases that the applications use.
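
One way to check an instance for the shared-account pattern described above, as an added T-SQL example that is not from the referenced article. It assumes SQL Server, a caller who can see all principals (for example a sysadmin), and that every database with `database_id > 4` is an application database; the temp table name is made up for the example.

```sql
-- Added example: list every enabled server login that is mapped to a user
-- in more than one user database on this instance.
SET NOCOUNT ON;

CREATE TABLE #login_db_map (
    login_name    sysname NOT NULL,
    database_name sysname NOT NULL
);

DECLARE @db sysname, @sql nvarchar(max);

DECLARE db_cursor CURSOR LOCAL FAST_FORWARD FOR
    SELECT name
    FROM sys.databases
    WHERE database_id > 4            -- assumption: skips master, tempdb, model, msdb
      AND state_desc = 'ONLINE';

OPEN db_cursor;
FETCH NEXT FROM db_cursor INTO @db;

WHILE @@FETCH_STATUS = 0
BEGIN
    -- Match database users to logins by SID, not by name,
    -- because a user can be named differently from its login.
    SET @sql = N'
        INSERT INTO #login_db_map (login_name, database_name)
        SELECT sp.name, @dbname
        FROM ' + QUOTENAME(@db) + N'.sys.database_principals AS dp
        JOIN sys.server_principals AS sp ON sp.sid = dp.sid
        WHERE dp.type IN (''S'', ''U'', ''G'')  -- SQL user, Windows user, Windows group
          AND dp.principal_id > 4               -- skip dbo, guest, INFORMATION_SCHEMA, sys
          AND sp.is_disabled = 0;';
    EXEC sys.sp_executesql @sql, N'@dbname sysname', @dbname = @db;
    FETCH NEXT FROM db_cursor INTO @db;
END

CLOSE db_cursor;
DEALLOCATE db_cursor;

-- One row per (login, database) for logins that reach two or more databases.
SELECT m.login_name, m.database_name
FROM #login_db_map AS m
WHERE m.login_name IN (SELECT login_name
                       FROM #login_db_map
                       GROUP BY login_name
                       HAVING COUNT(DISTINCT database_name) > 1)
ORDER BY m.login_name, m.database_name;

DROP TABLE #login_db_map;
```

An empty result means no enabled login is mapped into more than one user database. Database owners are not reported because the `dbo` user is skipped, so ownership by a common login needs a separate check against `sys.databases.owner_sid`.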