• DocumentCode
    2413320
  • Title

    Case Studies of an Insider Framework

  • Author

    Bishop, Martin ; Engle, Sophie ; Peisert, Sean ; Whalen, Sean ; Gates, Christopher

  • Author_Institution
    Univ. of California, Davis, CA
  • fYear
    2009
  • fDate
    5-8 Jan. 2009
  • Firstpage
    1
  • Lastpage
    10
  • Abstract
    Much of the literature on insider threat assumes, explicitly or implicitly, a binary, perimeter-based notion of an insider. However, it is generally accepted that this notion is unrealistic. The attribute-based group access control (ABGAC) framework is a generalization of role-based access control (RBAC) which allows us to define a non-binary notion of "insiderness". In this paper, we illustrate how to use ABGAC to perform insider threat analysis of high-risk resources with three case studies. This precise yet flexible identification of high-risk resources and associated insiders allows organizations to understand where to target efforts towards defending against the insider problem.
  • Keywords
    authorisation; RBAC; attribute-based group access control; insider threat analysis; role-based access control; Access control; Buffer overflow; Computer security; High performance computing; Information resources; Intrusion detection; Invasive software; Performance analysis; Protection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    System Sciences, 2009. HICSS '09. 42nd Hawaii International Conference on
  • Conference_Location
    Big Island, HI
  • ISSN
    1530-1605
  • Print_ISBN
    978-0-7695-3450-3
  • Type

    conf

  • DOI
    10.1109/HICSS.2009.104
  • Filename
    4755421