DocumentCode
2899458
Title
Defining and Analyzing Insiders and Their Threats in Organizations
Author
Alawneh, Muntaha ; Abbadi, Imad M.
Author_Institution
Inf. Security Group, R. Holloway, Univ. of London, Egham, UK
fYear
2011
fDate
16-18 Nov. 2011
Firstpage
785
Lastpage
794
Abstract
This paper is concerned about insiders and analyzing their threats in organizations. We start by deriving a novel definition of insiders, and identifying the criteria distinguishing insiders from potential insiders. The paper then discusses the main organization types, process workflow, and then derives their requirements. We analyze one of the major threats which affect secure information sharing, which is the content leakage threat that is caused by insiders. Subsequently, we analyze the state of the art schemes, which attempt to mitigate the risk of insider threats on content confidentiality. Such an analysis helps us to identify the weaknesses of the discussed schemes in addressing the identified organizational requirements and develop our research agenda in this direction.
Keywords
organisational aspects; security of data; information sharing security; insiders analysis; organization threats; organizational requirements; potential insiders; process workflow; Access control; Availability; Organizations; Permission; Standards organizations; content leakage; insider criteria; insider definition;
fLanguage
English
Publisher
ieee
Conference_Titel
Trust, Security and Privacy in Computing and Communications (TrustCom), 2011 IEEE 10th International Conference on
Conference_Location
Changsha
Print_ISBN
978-1-4577-2135-9
Type
conf
DOI
10.1109/TrustCom.2011.103
Filename
6120896
Link To Document