Insider Threat Likelihood Assessment for Access Control Systems: Quantitative Approach
نویسندگان
چکیده
Organizations need to use flexible access control mechanisms where the access decisions to critical information assets are taken dynamically. In this paper, we present a framework for insider threat likelihood assessment within the context of access control systems. Our approach takes into account information flows, the trustworthiness of subjects, the sensitivity of objects and the security countermeasures. We identify and formally describe a set of properties to be satisfied within this approach. These properties are, then used for quantitatively assessing the insider threat likelihood.
منابع مشابه
A Framework for Context Sensitive Risk-Based Access Control in Medical Information Systems
Since the access control environment has changed and the threat of insider information leakage has come to the fore, studies on risk-based access control models that decide access permissions dynamically have been conducted vigorously. Medical information systems should protect sensitive data such as medical information from insider threat and enable dynamic access control depending on the cont...
متن کاملGuest Editorial: Insider Threat Solutions - Moving from Concept to Reality
As society has embraced technology and systems to promote services, trade and ubiquitous communication, it has also inadvertently exposed itself to a plethora of security risks. One of the most significant of these risks is that of insider threat, where privileged insiders (be they employees or trusted thirdparties) within an enterprise, intentionally or inadvertently cause harm their organisat...
متن کاملDetecting and Countering Insider Threats: Can Policy-Based Access Control Help?
As insider threats pose very significant security risks to IT systems, we ask what policy-based approaches to access control can do for the detection, mitigation or countering of insider threats and insider attacks. Answering this question is difficult since little public data about insider-threat cases is available, since there is not much consensus about what the insider problem actually is, ...
متن کاملAn Authorization Framework for Database Systems
Today, data plays an essential role in all levels of human life, from personal cell phones to medical, educational, military and government agencies. In such circumstances, the rate of cyber-attacks is also increasing. According to official reports, data breaches exposed 4.1 billion records in the first half of 2019. An information system consists of several components, which one of the most im...
متن کاملToward an Insider Threat Detection Framework Using Honey Permissions
The insider threat remains one of the most serious challenges to computer security. An insider attack occurs when an authorized user misuses his privileges and causes damages to the organization. Deception techniques have served as a common solution to insider threat detection, and several techniques, such as approaches based on honey entities, have been proposed. On the other hand, access cont...
متن کامل