Case Studies of an Insider Framework

	This Article
	PDF RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Matt Bishop Articles by Sophie Engle Articles by Sean Peisert Articles by Sean Whalen Articles by Carrie Gates

42nd Hawaii International Conference on System Sciences

Case Studies of an Insider Framework (PDF)

Waikoloa, Big Island, Hawaii

January 05-January 08

ISBN: 978-0-7695-3450-3

	ASCII Text	x
	Matt Bishop, Sophie Engle, Sean Peisert, Sean Whalen, Carrie Gates, "Case Studies of an Insider Framework," Hawaii International Conference on System Sciences, pp. 1-10, 42nd Hawaii International Conference on System Sciences, 2009.

	BibTex	x
	@article{ 10.1109/HICSS.2009.617, author = {Matt Bishop and Sophie Engle and Sean Peisert and Sean Whalen and Carrie Gates}, title = {Case Studies of an Insider Framework}, journal ={Hawaii International Conference on System Sciences}, volume = {0}, year = {2009}, isbn = {978-0-7695-3450-3}, pages = {1-10}, doi = {http://doi.ieeecomputersociety.org/10.1109/HICSS.2009.617}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Hawaii International Conference on System Sciences TI - Case Studies of an Insider Framework SN - 978-0-7695-3450-3 SP1 EP10 A1 - Matt Bishop, A1 - Sophie Engle, A1 - Sean Peisert, A1 - Sean Whalen, A1 - Carrie Gates, PY - 2009 VL - 0 JA - Hawaii International Conference on System Sciences ER -

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/HICSS.2009.617

Much of the literature on insider threat assumes, explicitly or implicitly, a binary, perimeter-based notion of an insider. However, it is generally accepted that this notion is unrealistic. The Attribute-Based Group Access Control (ABGAC) framework is a generalization of Role-Based Access Control (RBAC) which allows us to define a non-binary notion of "insiderness". In this paper, we illustrate how to use ABGAC to perform insider threat analysis of high-risk resources with three case studies. This precise yet flexible identification of high-risk resources and associated insiders allows organizations to understand where to target efforts towards defending against the insider problem.

Citation:

Matt Bishop, Sophie Engle, Sean Peisert, Sean Whalen, Carrie Gates, "Case Studies of an Insider Framework," hicss, pp.1-10, 42nd Hawaii International Conference on System Sciences, 2009

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.