• DocumentCode
    2899458
  • Title

    Defining and Analyzing Insiders and Their Threats in Organizations

  • Author

    Alawneh, Muntaha ; Abbadi, Imad M.

  • Author_Institution
    Inf. Security Group, R. Holloway, Univ. of London, Egham, UK
  • fYear
    2011
  • fDate
    16-18 Nov. 2011
  • Firstpage
    785
  • Lastpage
    794
  • Abstract
    This paper is concerned about insiders and analyzing their threats in organizations. We start by deriving a novel definition of insiders, and identifying the criteria distinguishing insiders from potential insiders. The paper then discusses the main organization types, process workflow, and then derives their requirements. We analyze one of the major threats which affect secure information sharing, which is the content leakage threat that is caused by insiders. Subsequently, we analyze the state of the art schemes, which attempt to mitigate the risk of insider threats on content confidentiality. Such an analysis helps us to identify the weaknesses of the discussed schemes in addressing the identified organizational requirements and develop our research agenda in this direction.
  • Keywords
    organisational aspects; security of data; information sharing security; insiders analysis; organization threats; organizational requirements; potential insiders; process workflow; Access control; Availability; Organizations; Permission; Standards organizations; content leakage; insider criteria; insider definition;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Trust, Security and Privacy in Computing and Communications (TrustCom), 2011 IEEE 10th International Conference on
  • Conference_Location
    Changsha
  • Print_ISBN
    978-1-4577-2135-9
  • Type

    conf

  • DOI
    10.1109/TrustCom.2011.103
  • Filename
    6120896