Managing the Access Grid - A Process View to Minimize Insider Misuse Risks

Authors

  • Stefan Meier
  • Ludwig Fuchs
  • Günther Pernul
Abstract

It is generally agreed upon the fact that the quality of Identity and Access Management (IAM) data such as user accounts, access privileges or consistent user representation among different security domains is low. Growing user populations in medium- and large-sized organizations lead to a so-called “identity chaos” in which over-privileged employees increase the risk of insider misuse. Recent governance and compliance mandates have amplified the importance of minimizing these risks. In order to fulfill these requirements, organizations focus on implementing role-based user management. To set up a role-based access control system, they face the challenge of modeling suitable roles for their employees. In this paper we show how the role modeling process can be improved by utilizing the so-called access grid, a visualization technique to incorporate human interaction into the process of role creation.


Similar resources

Risk management in medical product development process using traditional FMEA and fuzzy linguistic approach: a case study

Medical product development (MPD) process is highly multidisciplinary in nature, which increases the complexity and the associated risks. Managing the risks during MPD process is very crucial. The objective of this research is to explore risks during MPD in a dental product manufacturing company and propose a model for risk mitigation during MPD process to minimize failure events. A case study ...


Combatting Insider Misuse, with Relevance to Integrity and Accountability in Elections and Other Applications

Various risks of insider misuse arise at different layers of abstraction. This observation leads to a perspective on insiders that is both hierarchical and context-dependent. This position paper examines systemic approaches that might be most useful in overcoming the risks. It applies these approaches to the problems of developing and operating computer-related systems that would be suitable fo...


LUARM – An audit engine for insider misuse detection

'Logging User Actions in Relational Mode' (LUARM) is an open source audit engine for Linux. It provides a near real-time snapshot of a number of user action data such as file access, program execution and network endpoint user activities, all organized in easily searchable relational tables. LUARM attempts to solve two fundamental problems of the insider IT misuse domain. The first concerns the...


Insider Behavior: An Analysis of Decision under Risk

There is considerable research being conducted on insider threats that is directed to developing new technologies. At the same time, existing technology is not being fully utilized because of non-technological issues that pertain to economics and the human dimension. Issues related to how insiders actually behave are critical to ensuring that the best technologies are meeting their intended purpose....


Yet Another Intrusion Detection System against Insider Attacks

Intrusion Detection System (IDS) originated as a mechanism for managing the detection of system misuse through the analysis of activity [5]. Although attacks are carried out by both insiders and outsiders, most studies have focused on IDS against outsider attacks. However, the loss from insider attacks is more severe than that from outsider attacks, as shown in [10]. In this paper, we improve the Wang ...



Publication date: 2013