Case Studies of an Insider Framework
M. Bishop, S. Engle, S. Peisert, S. Whalen, and C. Gates, “Case Studies of an Insider Framework,” Proceedings of the 42nd Hawaii International Conference on System Sciences (Jan. 2009).
- Published version web page, paper paywalled at IEEE Explore: [DOI] [URL]
- Authors’ final version:
Much of the literature on insider threat assumes, explicitly or implicitly, a binary, perimeter-based notion of an insider. However, it is generally accepted that this notion is unrealistic. The attribute-based group access control (ABGAC) framework is a generalization of role-based access control (RBAC) which allows us to define a non-binary notion of “insiderness”. In this paper, we illustrate how to use ABGAC to perform insider threat analysis of high-risk resources with three case studies. This precise yet flexible identification of high-risk resources and associated insiders allows organizations to understand where to target efforts towards defending against the insider problem.