Countering Insider Threats
نویسندگان
چکیده
This article summarizes the objectives and structure of a seminar with the same title, held from July 20th to July 25th, 2008, at Schloss Dagstuhl, Germany. The seminar brought together researchers and policy-makers from all involved communities, to clarify what it is that identifies an insider threat, and to develop a common vision of how an insider can be categorized as well as an integrated approach that allows a qualitative reasoning about the threat and the possibilities of attacks. This report gives an overview of the discussions and presentations during the week, as well as the outcome of these discussions.
منابع مشابه
Detecting and Countering Insider Threats: Can Policy-Based Access Control Help?
As insider threats pose very significant security risks to IT systems, we ask what policy-based approaches to access control can do for the detection, mitigation or countering of insider threats and insider attacks. Answering this question is difficult since little public data about insider-threat cases is available, since there is not much consensus about what the insider problem actually is, ...
متن کاملFraud Detection from a Business Perspective: Future Directions and Challenges
This contribution summarizes the state of the art of fraud detection in practice and shows the relations between the technology for fraud detection and intrusion detection. We identify prospective directions for further investigation and imminent challenges.
متن کاملComposite Role-Based Monitoring (CRBM) for Countering Insider Threats
Through their misuse of authorized privileges, insiders have caused great damage and loss to corporate internal information assets, especially within the Intelligence Community (IC). Intelligence management has faced increasing complexities of delegation and granular protection as more corporate entities have worked together in a dynamic collaborative environment. We have been confronted by the...
متن کاملBehavorial Parameters of Trustworthiness for Countering Insider Threats
This proposal is intended to examine human trustworthiness as a key component for countering insider threats in the arena of corporate personnel security. Employees with access and authority have the most potential to cause damage to that information, to organizational reputation, or to the operational stability of the organization. I am interested in studying the basic mechanisms of how to det...
متن کاملA Scalable Architecture for Countering Network-Centric Insider Threats
Dealing with the insider threat in networked environments poses many challenges. Privileged users have great power over the systems they own in organizations. To mitigate the potential threat posed by insiders, we introduced in previous work a preliminary architecture for the Autonomic Violation Prevention System (AVPS), which is designed to self-protect applications from disgruntled privileged...
متن کامل