A Model for Managing System Insiders

Insiders have trusted status that can provide malicious parties opportunity for advanced mischief. We offer a model and approach for managing insiders that can minimize or eliminate insider trust relationships in well-suited systems. Our approach can allow automatic insider identification when system activity occurs that can create trusted insiders. We illustrate our principles with example scenarios of insider environments that have minimal insider potential. We then extend the model to systematically incorporate issues of trust to produce well-defined insider groups. Our model targets trusted insiders in order to leverage the inherent properties of those that may become traitors. Thus, we intentionally omit malicious outside intruders that acquire insider credentials from our model because they cannot be expected to display potential traitor traits.