Title :
Defining and Analyzing Insiders and Their Threats in Organizations
Author :
Alawneh, Muntaha ; Abbadi, Imad M.
Author_Institution :
Inf. Security Group, R. Holloway, Univ. of London, Egham, UK
Abstract :
This paper is concerned about insiders and analyzing their threats in organizations. We start by deriving a novel definition of insiders, and identifying the criteria distinguishing insiders from potential insiders. The paper then discusses the main organization types, process workflow, and then derives their requirements. We analyze one of the major threats which affect secure information sharing, which is the content leakage threat that is caused by insiders. Subsequently, we analyze the state of the art schemes, which attempt to mitigate the risk of insider threats on content confidentiality. Such an analysis helps us to identify the weaknesses of the discussed schemes in addressing the identified organizational requirements and develop our research agenda in this direction.
Keywords :
organisational aspects; security of data; information sharing security; insiders analysis; organization threats; organizational requirements; potential insiders; process workflow; Access control; Availability; Organizations; Permission; Standards organizations; content leakage; insider criteria; insider definition;
Conference_Titel :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2011 IEEE 10th International Conference on
Conference_Location :
Changsha
Print_ISBN :
978-1-4577-2135-9
DOI :
10.1109/TrustCom.2011.103
