Detecting and Countering Insider Threats: Can Policy-Based Access Control Help?

J. Crampton, Michael Huth

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

As insider threats pose very significant security risks to IT systems, we ask what policy-based approaches to access control can do for the detection, mitigation or countering of insider threats and insider attacks. Answering this question is difficult since little public data about insider-threat cases is available, since there is not much consensus about what the insider problem actually is, and since research in access control has by-and-large not dealt with this issue in the past. We explore existing notions of insiderness in order to identify the relevant research issues. We then formulate a set of requirements for next-generation access-control systems whose realization might form part of an overall strategy at addressing the insider problem.
Original languageEnglish
Title of host publicationProceedings of 5th International Workshop on Security and Trust Management
Publication statusPublished - 2009

Cite this