• DocumentCode
    622757
  • Title

    Invalidating Policies using Structural Information

  • Author

    Kammuller, Florian ; Probst, Christian W.

  • Author_Institution
    Middlesex Univ. London, London, UK
  • fYear
    2013
  • fDate
    23-24 May 2013
  • Firstpage
    76
  • Lastpage
    81
  • Abstract
    Insider threats are a major threat to many organisations. Even worse, insider attacks are usually hard to detect, especially if an attack is based on actions that the attacker has the right to perform. In this paper we present a step towards detecting the risk for this kind of attacks by invalidating policies using structural information of the organisational model. Based on this structural information and a description of the organisation´s policies, our approach invalidates the policies and identifies exemplary sequences of actions that lead to a violation of the policy in question. Based on these examples, the organisation can identify real attack vectors that might result in an insider attack. This information can be used to refine access control system or policies.
  • Keywords
    authorisation; access control system; action exemplary sequence; attack vectors; insider attacks; insider threats; organisation policy; organisational model; policy invalidation; risk detection; structural information; Access control; Analytical models; Computational modeling; Model checking; Servers; World Wide Web; Insider threats; formal methods; policies;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security and Privacy Workshops (SPW), 2013 IEEE
  • Conference_Location
    San Francisco, CA
  • Print_ISBN
    978-1-4799-0458-7
  • Type

    conf

  • DOI
    10.1109/SPW.2013.36
  • Filename
    6565233