Title :
A Model for Managing System Insiders
Abstract :
Insiders have trusted status that can provide malicious parties opportunity for advanced mischief. We offer a model and approach for managing insiders that can minimize or eliminate insider trust relationships in well-suited systems. Our approach can allow automatic insider identification when system activity occurs that can create trusted insiders. We illustrate our principles with example scenarios of insider environments that have minimal insider potential. We then extend the model to systematically incorporate issues of trust to produce well-defined insider groups. Our model targets trusted insiders in order to leverage the inherent properties of those that may become traitors. Thus, we intentionally omit malicious outside intruders that acquire insider credentials from our model because they cannot be expected to display potential traitor traits.
Keywords :
Awards activities; Computers; Encryption; Information systems; Resource management; Insider threats; privilege revocation; trust management;
Conference_Titel :
System Sciences (HICSS), 2013 46th Hawaii International Conference on
Conference_Location :
Wailea, HI, USA
Print_ISBN :
978-1-4673-5933-7
Electronic_ISBN :
1530-1605
DOI :
10.1109/HICSS.2013.45
