Security policies to mitigate insider threat in the document control domain

With rapid advances in online technologies, organizations are migrating from paper based resources to digital documents to achieve high responsiveness and ease of management. These digital documents are the most important asset of an organization and are hence the chief target of insider abuse. Security policies provide the first step to prevent abuse by defining proper and improper usage of resources. Coarse grained security policies that operate on the "principle of least privilege" [J. H. Saltzer et al., (1974)] alone are not enough to address the insider threat, since the typical insider possesses a wide range of privileges to start with. In this paper, we propose a security policy that is tailored to prevent insider abuse. We define the concept of subject, object, actions, rights, context and information flow as applicable to the document control domain. Access is allowed based on the principles of "least privilege and minimum requirements", subject to certain constraints. Unlike existing techniques, the proposed policy engine considers, among other factors, the context of a document request and the information flow between such requests to identify potential malicious insiders. Enforcing these fine-grained access control policies gives us a better platform to prevent the insider abuse. Finally, for demonstration purposes, we present a framework that can be used to specify and enforce these policies on Microsoft Word documents, one of the popular document formats.