Incentive-based modeling and inference of attacker intent, objectives, and strategies
Proceedings of the 10th ACM conference on Computer and communications security
A Bayesian game approach for intrusion detection in wireless ad hoc networks
GameNets '06 Proceeding from the 2006 workshop on Game theory for communications and networks
Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Mitigating Inadvertent Insider Threats with Incentives
Financial Cryptography and Data Security
Insiders behaving badly: addressing bad actors and their actions
IEEE Transactions on Information Forensics and Security
Hi-index | 0.00 |
Authorised users (insiders) are behind the majority of security incidents with high financial impacts. Because authorisation is the process of controlling users' access to resources, improving authorisation techniques may mitigate the insider threat. Current approaches to authorisation suffer from the assumption that users will (can) not depart from the expected behaviour implicit in the authorisation policy. In reality however, users can and do depart from the canonical behaviour. This paper argues that the conflict of interest between insiders and authorisation mechanisms is analogous to the subset of problems formally studied in the field of game theory. It proposes a game theoretic authorisation model that can ensure users' potential misuse of a resource is explicitly considered while making an authorisation decision. The resulting authorisation model is dynamic in the sense that its access decisions vary according to the changes in explicit factors that influence the cost of misuse for both the authorisation mechanism and the insider.