Role-Based Access Control Models
Computer
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
A lightweight approach to specification and analysis of role-based access control extensions
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Compliance Checking in the PolicyMaker Trust Management System
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Distributed credential chain discovery in trust management
Journal of Computer Security
Specifying and enforcing constraints in role-based access control
Proceedings of the eighth ACM symposium on Access control models and technologies
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Articulating and enforcing authorisation policies with UML and OCL
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Why are there so many loop formulas?
ACM Transactions on Computational Logic (TOCL)
On mutually exclusive roles and separation-of-duty
ACM Transactions on Information and System Security (TISSEC)
Enabling verification and conformance testing for access control model
Proceedings of the 13th ACM symposium on Access control models and technologies
Protection: principles and practice
AFIPS '72 (Spring) Proceedings of the May 16-18, 1972, spring joint computer conference
What is answer set programming?
AAAI'08 Proceedings of the 23rd national conference on Artificial intelligence - Volume 3
Stable models and circumscription
Artificial Intelligence
Towards Secure Virtual Directories: A Risk Analysis Framework
COMPSAC '10 Proceedings of the 2010 IEEE 34th Annual Computer Software and Applications Conference
| Hi-index | 0.00 |
One of the critical yet lingering issues in computer security is insider threat, and it often takes advantage of some security services based on directory services such as authentication and access control. Detecting these threats is quite challenging because malicious users with the technical ability to leverage these services often have sufficient knowledge and expertise to conceal unauthorized activity. In this article, we present an approach using directory virtualization to monitor various systems across an enterprise for the purpose of detecting malicious insider activity. Specifically, a policy engine that leverages directory virtualization services is proposed to enhance monitoring and detecting capabilities by allowing greater flexibility in analyzing changes for malicious intent. The resulting architecture is a system-based approach, where the relationships and dependencies between data sources and directory services are used to detect an insider threat, rather than simply relying on point solutions. This paper presents such an architecture in detail, including a description of implementation results. Copyright © 2011 John Wiley & Sons, Ltd. (The preliminary version of this paper was published at the proceedings of the ACM Workshop on Insider Threat, Chicago, IL, 8 October 2010.)