Role-Based Access Control Models
Computer
ACM Transactions on Information and System Security (TISSEC)
The structure of the “THE”-multiprogramming system
Communications of the ACM
Traducement: A model for record security
ACM Transactions on Information and System Security (TISSEC)
Towards a Theory of Insider Threat Assessment
DSN '05 Proceedings of the 2005 International Conference on Dependable Systems and Networks
Toward a threat model for storage systems
Proceedings of the 2005 ACM workshop on Storage security and survivability
Position: "insider" is relative
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
Applying role based access control and genetic algorithms to insider threat detection
Proceedings of the 44th annual Southeast regional conference
Modeling network intrusion detection alerts for correlation
ACM Transactions on Information and System Security (TISSEC)
Analysis of Computer Intrusions Using Sequences of Function Calls
IEEE Transactions on Dependable and Secure Computing
The epistemology of computer security
ACM SIGSOFT Software Engineering Notes
A reinforcement model for collaborative security and Its formal analysis
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
E-voting and forensics: prying open the black box
EVT/WOTE'09 Proceedings of the 2009 conference on Electronic voting technology/workshop on trustworthy elections
GitBAC: Flexible access control for non-modular concerns
ASE '11 Proceedings of the 2011 26th IEEE/ACM International Conference on Automated Software Engineering
Ensuring continuous compliance through reconciling policy with usage
Proceedings of the 18th ACM symposium on Access control models and technologies
A methodology and supporting techniques for the quantitative assessment of insider threats
Proceedings of the 2nd International Workshop on Dependability Issues in Cloud Computing
Proceedings of the 2013 workshop on New security paradigms workshop
Hi-index | 0.00 |
The insider threat has long been considered one of the most serious threats in computer security, and one of the most difficult to combat. But the problem has never been defined precisely, and that lack of precise definition inhibits solutions. This paper presents a precise definition of insider threat, and shows how the definition enables an analysis of the set of problems traditionally lumped into \the insider threat". It introduces a hierarchy of policy abstractions, and argues that the discrepancies between the different layers of abstraction expose the potential for insider threat. It also presents a methodology for analyzing the threat based upon our definitions. In the process, we introduce Attribute-Based Group Access Control, a generalization of the Role-Based Access Control model that allows any attributes to define a group. We apply this to the insider threat by defining groups based on access capabilities, and using that to identify users with a high level of threat with respect to high-risk resources.