A security architecture to protect against the insider threat from damage, fraud and theft
C. Blackwell. Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies, pages 45:1--45:4. New York, NY, USA, ACM (2009)
DOI: 10.1145/1558607.1558659
Abstract
The insider threat poses a significant and increasing problem for organizations. This is shown by the regular stories of fraud and data loss reported daily in the media in the US and elsewhere. There is a need to provide systematic protection from insider attacks because of their privileged access. We have developed a three-layer security architecture containing the physical, logical and social levels that we use to analyze the insider threat holistically to prevent, detect and recover from attacks. We examine destructive insider attacks, but the same analysis can be straightforwardly applied to the other main classes of insider threat from financial fraud and information theft. Our practical security model appears to have widespread application to other problem domains such as critical infrastructure and financial systems, as it allows the analysis of systems in their entirety including human and physical factors, not just as technical systems.
%0 Conference Paper
%1 Blackwell:2009:SAP:1558607.1558659
%A Blackwell, Clive
%B Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies
%C New York, NY, USA
%D 2009
%I ACM
%K electronic employee personalization privacy survey
%P 45:1--45:4
%R 10.1145/1558607.1558659
%T A security architecture to protect against the insider threat from damage, fraud and theft
%U http://doi.acm.org/10.1145/1558607.1558659
%X The insider threat poses a significant and increasing problem for organizations. This is shown by the regular stories of fraud and data loss reported daily in the media in the US and elsewhere. There is a need to provide systematic protection from insider attacks because of their privileged access. We have developed a three-layer security architecture containing the physical, logical and social levels that we use to analyze the insider threat holistically to prevent, detect and recover from attacks. We examine destructive insider attacks, but the same analysis can be straightforwardly applied to the other main classes of insider threat from financial fraud and information theft. Our practical security model appears to have widespread application to other problem domains such as critical infrastructure and financial systems, as it allows the analysis of systems in their entirety including human and physical factors, not just as technical systems.
%@ 978-1-60558-518-5
@inproceedings{Blackwell:2009:SAP:1558607.1558659,
abstract = {The insider threat poses a significant and increasing problem for organizations. This is shown by the regular stories of fraud and data loss reported daily in the media in the US and elsewhere. There is a need to provide systematic protection from insider attacks because of their privileged access. We have developed a three-layer security architecture containing the physical, logical and social levels that we use to analyze the insider threat holistically to prevent, detect and recover from attacks. We examine destructive insider attacks, but the same analysis can be straightforwardly applied to the other main classes of insider threat from financial fraud and information theft. Our practical security model appears to have widespread application to other problem domains such as critical infrastructure and financial systems, as it allows the analysis of systems in their entirety including human and physical factors, not just as technical systems.},
acmid = {1558659},
added-at = {2011-11-12T18:15:45.000+0100},
address = {New York, NY, USA},
articleno = {45},
author = {Blackwell, Clive},
biburl = {https://www.bibsonomy.org/bibtex/24e82578072213476b5018c235c7c5bd9/gizmoguy},
booktitle = {Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies},
description = {A security architecture to protect against the insider threat from damage, fraud and theft},
doi = {10.1145/1558607.1558659},
interhash = {f05734c1bdf0caf06f77dd73ecb6ff60},
intrahash = {4e82578072213476b5018c235c7c5bd9},
isbn = {978-1-60558-518-5},
keywords = {electronic employee personalization privacy survey},
location = {Oak Ridge, Tennessee},
numpages = {4},
pages = {45:1--45:4},
publisher = {ACM},
series = {CSIIRW '09},
timestamp = {2011-11-12T18:15:45.000+0100},
title = {A security architecture to protect against the insider threat from damage, fraud and theft},
url = {http://doi.acm.org/10.1145/1558607.1558659},
year = 2009
}