Abstract

As insider threats pose very significant security risks to IT systems, we ask what policy-based approaches to access control can do for the detection, mitigation or countering of insider threats and insider attacks. Answering this question is difficult: little public data about insider-threat cases is available; there is not much consensus about what the insider problem actually is; and previous research in access control has by-and-large not dealt with this issue. We explore existing notions of insiderness in order to identify the relevant research issues. We then formulate a set of requirements for next-generation access-control systems, whose realization might form part of an overall strategy to address the insider problem.

Links

• https://link.springer.com/chapter/10.1007%2F978-1-4419-7133-3_8

Citation

Crampton, J., Huth, M., 2010. Towards an Access-Control Framework for Countering Insider Threats, in: Probst, C.W., Hunker, J., Gollmann, D., Bishop, M. (Eds.), Insider Threats in Cyber Security, Advances in Information Security. Springer US, Boston, MA, pp. 173–195. https://doi.org/10.1007/978-1-4419-7133-3_8