Access Control Requirements for Preventing Insider Threats

Today the Intelligence Community (IC) has faced increasing challenges of insider threats. It is generally accepted that the cost of insider threats exceeds that of outsider threats. Although the currently available access control approaches have a great potential for preventing insider threats, there are still critical obstacles to be solved, especially in large-scale computing environments. In this paper we discuss those requirements with respect to scalability, granularity, and context-awareness. For each requirement we discussed related problems, techniques, and basic approaches to the corresponding countermeasures. Detailed solutions and implementations are not described in this paper.

[1]  Tim Berners-Lee,et al.  Agent Technology on the Internet. 3. Integrating Applications on the Semantic Web. , 2002 .

[2]  Ravi S. Sandhu,et al.  The Extended Schematic Protection Model , 1992, J. Comput. Secur..

[3]  Ravi S. Sandhu,et al.  Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management , 1997, DBSec.

[4]  Gail-Joon Ahn,et al.  Role-based access control on the web , 2001, TSEC.

[5]  Elisa Bertino,et al.  Trust-X: A Peer-to-Peer Framework for Trust Establishment , 2004, IEEE Trans. Knowl. Data Eng..

[6]  Naftaly H. Minsky Selective and locally controlled transport of privileges , 1984, TOPL.

[7]  Ninghui Li,et al.  Beyond proof-of-compliance: safety and availability analysis in trust management , 2003, 2003 Symposium on Security and Privacy, 2003..

[8]  Ora Lassila,et al.  WEB METADATA : A Matter of Semantics , 1998 .

[9]  Ramaswamy Chandramouli,et al.  The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..

[10]  Ravi S. Sandhu The typed access matrix model , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[11]  Jeffrey D. Ullman,et al.  Protection in operating systems , 1976, CACM.

[12]  Michael Hayden The Insider Threat to U.S. Government Information Systems , 1999 .

[13]  G Stix,et al.  The mice that warred. , 2001, Scientific American.

[14]  Robert H. Anderson,et al.  Understanding the Insider Threat , 2004 .

[15]  Robert H. Anderson Research and Development Initiatives Focused on Preventing, Detecting, and Responding to Insider Misuse of Critical Defense Information Systems. , 1999 .

[16]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[17]  James A. Hendler,et al.  The Semantic Web" in Scientific American , 2001 .

[18]  Joon S. Park,et al.  Composite Role-Based Monitoring (CRBM) for Countering Insider Threats , 2004, ISI.

[19]  D. E. Bell,et al.  Secure Computer Systems : Mathematical Foundations , 2022 .

[20]  Joon S. Park,et al.  Role-based profile analysis for scalable and accurate insider-anomaly detection , 2006, 2006 IEEE International Performance Computing and Communications Conference.

[21]  Elisa Bertino,et al.  Secure and selective dissemination of XML documents , 2002, TSEC.

[22]  Ravi S. Sandhu,et al.  RBAC on the Web by smart certificates , 1999, RBAC '99.

[23]  Joon S. Park Towards Secure Collaboration on the Semantic Web , 2003, CSOC.

[24]  Peter J. Denning,et al.  Protection: principles and practice , 1972, AFIPS '72 (Spring).

[25]  M. Gallaher,et al.  The Economic Impact of Role-Based Access Control , 2002 .

[26]  Sushil Jajodia,et al.  A logical language for expressing authorizations , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[27]  Elisa Bertino,et al.  A flexible authorization mechanism for relational data management systems , 1999, TOIS.

[28]  Ravi S. Sandhu,et al.  RBAC on the Web by Secure Cookies , 1999, DBSec.

[29]  Joon S. Park,et al.  A composite rbac approach for large, complex organizations , 2004, SACMAT '04.