Mitigating the Risk of Insider Threats When Sharing Credentials

Muntaha Alawneh

Research output: ThesisDoctoral Thesis

385 Downloads (Pure)

Abstract

This thesis extends DRM schemes which address the problem of unauthorized proprietary content sharing in home networks to address the problem of unauthorized confidential content sharing in organizations. In particular it focuses on how to achieve secure content sharing between employees in a group while limiting content leakage to unauthorized individuals outside the group. The thesis discusses the main organization types, process work ow and requirements. Our main interest is in organizations which consider content sharing between groups of employees as a fundamental requirement. Achieving secure content sharing requires a deep analysis and understanding of security threats affecting such a fundamental requirement.

We study and analyze one of the major threats which affect secure content sharing, which is the threat of content leakage. In this thesis we focus on content leakage which happens when authorized employees share their credentials with others not authorized to access content, thus enabling unauthorized users to access confidential content. Leaking content in this way is what we refer to as content leakage throughout this thesis. We found that to limit the content leakage threat effectively we have to split it into two main categories: internal leakage and external leakage. In the thesis we define each category, discuss the intersection between the categories, and
consider how they can be realized.

Next, we analyze and assess existing content protection schemes, which focus on content sharing and protection from authorized employees misusing their privileges. These mainly include Enterprise Rights Management (ERM) and Digital Rights Management (DRM) schemes. Based on the analysis we identify the weaknesses found in these schemes for mitigating the content leakage threat. Following that we develop a framework, which we use to mitigate the content leakage threat. This framework is based on the authorized domain concept which was first proposed to address DRM threats. We extend the authorized domain concept so that it consists of a group of devices owned by an organization, whose employees need to share a pool of content amongst each other, e.g. a group of individuals working on a project. In other words, we group devices and content together in a controlled and secure environment. In this thesis, we propose two types of domains: the global domain and the dynamic domain that we use to address the identified
content leakage threats. The proposed schemes allow secure content sharing between devices in a dynamic and global domain, and limit the leakage of content to devices outside the domain.

Next, we extend our study to cover secure information sharing not only within a single organization but also to cover this important requirement within collaborating organizations. We then describe and analyze how the content leakage threat can be realized between collaborating organizations. We propose a scheme to control content sharing and, simultaneously, to limit the effect of content leakage when an organization needs to collaborate with other organizations.
Original languageEnglish
QualificationPh.D.
Awarding Institution
  • Royal Holloway, University of London
Supervisors/Advisors
  • Tomlinson, Allan, Supervisor
Award date1 Jul 2012
Publication statusUnpublished - 2012

Cite this