SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
The multics system: an examination of its structure
The multics system: an examination of its structure
Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead
We have met the enemy and he is us
Proceedings of the 2008 workshop on New security paradigms
Proceedings of the 37th annual ACM SIGUCCS fall conference: communication and collaboration
Insiders behaving badly: addressing bad actors and their actions
IEEE Transactions on Information Forensics and Security
Ontological semantic technology for detecting insider threat and social engineering
Proceedings of the 2010 workshop on New security paradigms
A methodology and supporting techniques for the quantitative assessment of insider threats
Proceedings of the 2nd International Workshop on Dependability Issues in Cloud Computing
Engineering Security Agreements Against External Insider Threat
Information Resources Management Journal
Hi-index | 0.00 |
A security policy defines "security" for a given site or set of sites. Most security policies provide for trusted users to whom the policy either does not apply or to whom some parts of the policy do not apply. For example, in a traditional Bell-LaPadula model with strong tranquility, labels of entities do not change. In practise, this is too restrictive, so a trusted user (the site security officer) is allowed to set and change labels. Indeed, in their demonstration that Multics satisfies the model [1], Bell and LaPadula explicitly defined trusted users as subjects against whom the *-property is not enforced. The users are trusted not to violate that property.