Sign in
Author
|
Conference
|
Journal
|
Organization
|
Year
|
DOI
Look for results that meet for the following criteria:
since
equal to
before
between
and
Search in all fields of study
Limit my searches in the following fields of study
Agriculture Science
Arts & Humanities
Biology
Chemistry
Computer Science
Economics & Business
Engineering
Environmental Sciences
Geosciences
Material Science
Mathematics
Medicine
Physics
Social Science
Multidisciplinary
Keywords
(5)
Collaborative Environment
Operating System
Role Based Access Control
Separation of Duty
Intelligence Community
Subscribe
Academic
Publications
Composite Role-Based Monitoring (CRBM) for Countering Insider Threats
Composite Role-Based Monitoring (CRBM) for Countering Insider Threats,10.1007/978-3-540-25952-7_15,Joon S. Park,Shuyuan Mary Ho
Edit
Composite Role-Based Monitoring (CRBM) for Countering Insider Threats
(
Citations: 13
)
BibTex
|
RIS
|
RefWorks
Download
Joon S. Park
,
Shuyuan Mary Ho
Through their misuse of authorized privileges, insiders have caused great damage and loss to corporate internal information assets, especially within the
Intelligence Community
(IC). Intelligence management has faced increasing complexities of delegation and granular protection as more corporate entities have worked together in a dynamic collaborative environment. We have been confronted by the issue of how to share and simultaneously guard information assets from one another. Although many existing security approaches help to counter insiders' unlawful behavior, it is still found at a preliminary level. Effi- ciently limiting internal resources to privileged insiders remains a challenge to- day. In this paper we introduce the CRBM (Composite Role-Based Monitoring) approach by extending the current role-based
access control
(RBAC) model to overcome its limitations in countering insider threats. CRBM not only inherits the RBAC's advantages, such as scalable administration, least privilege, and separation of duties, but also provides scalable and reusable mechanisms to monitor insiders' behavior in organizations, applications, and operating systems based on insiders' current tasks.
Conference:
Intelligence and Security Informatics
, pp. 201-213, 2004
DOI:
10.1007/978-3-540-25952-7_15
Cumulative
Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.
(
www.springerlink.com
)
(
craigchamberlain.com
)
(
www.informatik.uni-trier.de
)
Citation Context
(12)
...Pramanik et al. [37] propose a security policy to prevent insider abuse while referencing the malicious insider only “as an authorized user in a corporate network (usually an employee), who has a conflict of interest with the organization.” 6 See also [
36
]...
Shari Lawrence Pfleeger
,
et al.
Insiders behaving badly: addressing bad actors and their actions
...Park and Ho [
33
] propose a role-based monitoring approach...
Virginia N. L. Franqueira
,
et al.
External Insider Threat: A Real Security Challenge in Enterprise Value...
...There were attempts to correlate social network analysis with user activity keeping in view insiders role & permissions [
10
]...
Dattatraya S. Bhilare
,
et al.
Protecting intellectual property and sensitive information in academic...
...Other researchers proposed role-based profile analysis to detect insider anomaly [
5
, 6], they detected insiders based on not only the insider’s role, but also the individual profile to reduce false positives compared to common anomaly-based insider detection technologies...
Liu Shuo
,
et al.
Towards an Adaptive MultiLevel RBAC Mechanism for Countering Insider M...
...Current access control techniques such as Discretionary Access Control (DAC), Mandatory Access Control (MAC), and ORCON have security flows and usability limitations when talking about information sharing but protection inside an organisation, as has been widely discussed in many literatures (see, for example, [23], [
20
])...
...Park et al. [
20
] provides scalable and reusable mechanisms to monitor insiders’ behaviour in organisations, applications, and operating systems based on insiders’ current tasks...
Imad M. Abbadi
,
et al.
Preventing Insider Information Leakage for Enterprises
References
(14)
Proposed NIST Standard for Role-Based Access Control
(
Citations: 1031
)
David F. Ferraiolo
,
Ravi S. Sandhu
,
Serban I. Gavrila
,
D. Richard Kuhn
,
Ramaswamy Chandramouli
Journal:
ACM Transactions on Information and System Security - TISSEC
, vol. 4, no. 3, pp. 224-274, 2001
Risks of Insiders
(
Citations: 8
)
Peter G. Neumann
Journal:
Communications of The ACM - CACM
, vol. 42, no. 12, 1999
A composite rbac approach for large, complex organizations
(
Citations: 21
)
Joon S. Park
,
Keith P. Costello
,
Teresa M. Neven
,
Josh A. Diosomito
Conference:
Symposium on Access Control Models and Technologies - SACMAT
, pp. 163-172, 2004
Secure Cookies on the Web
(
Citations: 52
)
Joon S. Park
,
Ravi S. Sandhu
Journal:
IEEE Internet Computing - INTERNET
, vol. 4, no. 4, pp. 36-44, 2000
Role-based access control on the web
(
Citations: 134
)
Joon S. Park
,
Ravi S. Sandhu
,
Gail-joon Ahn
Journal:
ACM Transactions on Information and System Security - TISSEC
, vol. 4, no. 1, pp. 37-71, 2001
Sort by:
Citations
(13)
Insiders behaving badly: addressing bad actors and their actions
(
Citations: 1
)
Shari Lawrence Pfleeger
,
Joel B. Predd
,
Jeffrey Hunker
,
Carla Bulford
Journal:
IEEE Transactions on Information Forensics and Security
, vol. 5, no. 1, pp. 169-179, 2010
External Insider Threat: A Real Security Challenge in Enterprise Value Webs
(
Citations: 1
)
Virginia N. L. Franqueira
,
André van Cleeff
,
Pascal van Eck
,
Roel Wieringa
Conference:
Availability, Reliability and Security - IEEEARES
, pp. 446-453, 2010
Protecting intellectual property and sensitive information in academic campuses from trusted insiders: leveraging active directory
Dattatraya S. Bhilare
,
Ashwini K. Ramani
,
Sanjay K. Tanwani
Conference:
SIGUCCS Conference on User Services
, pp. 99-104, 2009
Towards an Adaptive MultiLevel RBAC Mechanism for Countering Insider Misuse
Liu Shuo
,
Luo Xiling
,
Zhang Jun
,
Qi Ming
Conference:
International Conference on Management and Service Science - MASS
, 2009
Preventing Insider Information Leakage for Enterprises
(
Citations: 5
)
Imad M. Abbadi
,
Muntaha Alawneh
Conference:
International Conference on Emerging Security Information, Systems and Technologies - SECURWARE
, pp. 99-106, 2008